These are some labs I have crafted to prep for the RHCSA exam. Hopefully you will find this useful!
Brakertech’s RHCSA Training Labs
Objective: Configure NTP Client to sync against a custom NTP server
Configure Local NTP Server
The first step is to get your local ntp server running
Install Required Package
# yum install ntp
Modify /etc/ntp.conf
- replace 38.106.177.10 with your primary external ntp server to sync with
- change 192.168.0.0 to the local subnet you would like to accept connections from
[root@rhel6 ~]# cat /etc/ntp.conf | grep -v "#" | grep -v "^$" driftfile /var/lib/ntp/drift restrict default kod nomodify notrap nopeer noquery restrict 127.0.0.1 restrict 38.106.177.10 mask 255.255.255.255 nomodify notrap noquery restrict 192.168.0.0 mask 255.255.255.0 nomodify notrap server 38.106.177.10 server 0.north-america.pool.ntp.org server 1.north-america.pool.ntp.org server 2.north-america.pool.ntp.org server 3.north-america.pool.ntp.org includefile /etc/ntp/crypto/pw keys /etc/ntp/keys
Confirm local ntp server machine can retrieve ntp updates from external server
[root@rhel6 ~]# service ntpd stop Shutting down ntpd: [ OK ] [root@rhel6 ~]# ntpdate 38.106.177.10 16 Aug 02:42:42 ntpdate[3353]: adjust time server 38.106.177.10 offset 0.097539 sec [root@rhel6 ~]# service ntpd start Starting ntpd: [ OK ] [root@rhel6 ~]#
Set ntp to start on boot
[root@rhel6 ~]# chkconfig ntpd on [root@rhel6 ~]# chkconfig --list | grep ntpd ntpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
Disable selinux and iptables
[root@rhel6 ~]# setenforce 0 [root@rhel6 ~]# service iptables stop
Configure ntp client
The client machine must be another machine on your local network (ex: in 192.168.0.0 mask 255.255.255.0 network i specified in the above server config)
Install Required Package
[root@rhel6 ~]# yum install ntp [root@rhel6 ~]# yum install ntpdate
Modify /etc/ntp.conf
- change 192.168.0.4 to the ip of your local ntp server
- Alternatively you can set the ntp server by running system-config-date & from terminal
[root@desktop2 ~]# cat /etc/ntp.conf | grep -v "#" | grep -v "^$" driftfile /var/lib/ntp/drift restrict default ignore restrict 127.0.0.1 restrict 192.168.0.254 restrict 192.168.0.4 server 192.168.0.4 iburst includefile /etc/ntp/crypto/pw keys /etc/ntp/keys [root@desktop2 ~]#
Test our ntp client’s ability to sync time with the local ntp server
Follow these steps:
- stop ntpd
- set a different local time on the client machine with date -s
- run ntpdate -u three times
- start ntpd
- check time with date command
[root@desktop2 ~]# service ntpd stop [root@desktop2 ~]# date Thu Aug 16 02:47:07 CDT 2012 [root@desktop2 ~]# date -s "16:15:00" Thu Aug 16 16:15:00 CDT 2012 [root@desktop2 ~]# ntpdate -u 192.168.0.4 16 Aug 02:47:34 ntpdate[9974]: step time server 192.168.0.4 offset -48458.277826 sec [root@desktop2 ~]# ntpdate -u 192.168.0.4 16 Aug 02:47:35 ntpdate[9975]: adjust time server 192.168.0.4 offset 0.000287 sec [root@desktop2 ~]# ntpdate -u 192.168.0.4 16 Aug 02:47:35 ntpdate[9976]: adjust time server 192.168.0.4 offset 0.000384 sec [root@desktop2 ~]# service ntpd start Starting ntpd: [ OK ] [root@desktop2 ~]# date Thu Aug 16 02:47:46 CDT 2012
Troubleshooting NTP
Here are some basic troubleshooting steps when dealing with ntp
- Change your client’s timezone to the same timezone as your server’s, instructions here
- Check for selinux blocking ntp requests on client and server
- Verify firewall rules allow UDP traffic on source/destination port 123 between your server and the Stratum 1/2 server with which you are synchronizing.
- use ntpq to determine if you are properly syncronized with your local ntp server:
[root@desktop2 ~]# ntpq -p remote refid st t when poll reach delay offset jitter ============================================================================== 192.168.0.4 38.106.177.10 2 u 10 64 377 0.366 -100.05 39.778