Quickly Setup NTP Server using NTPd on Ubuntu 20.04/18.04

|
Last Updated:
|
|

In this tutorial, you will learn how to install and setup NTP server using NTPd on Ubuntu 20.04/18.04. Network Time Protocol is a networking protocol that is used to synchronize system clocks on a network. NTP uses clock stratum scheme to enable access to correct time sources. The stratums are numbered from 0 to 15, where the devices at stratum 0 are highly accurate time-keeping hardware devices and the latter is true. The stratums usually have NTP clients. An NTP client can also be configured as a server in a customized environment.

NTP client employs a server-client architecture where NTP clients synchronize time from NTP server(s).

Installin NTP Server using NTPd on Ubuntu 20.04/18.04

Run System Update

Before you can install and setup NTP Server, you need to update your package cache in order to install the latest version of ntp.

sudo apt update -y

Install NTPd on Ubuntu 20.04/18.04

Once the update is done, proceed to install NTP daemon on Ubuntu 20.04/18.04. The ntpd daemon is provided by the ntp package.

To check if ntp package is installed on Ubuntu 18.04/20.04 run the command:

 dpkg -l ntp

If the package is not installed you will get output similar to:

dpkg-query: no packages found matching ntp

The ntp package is available on the default Ubuntu 18.04 and Ubuntu 20.04 repositories.

Install ntp on Ubuntu 20.04/18.04 by running the command:

sudo apt install ntp -y

Verify that that ntp package has been installed successfully by checking the version number:

sntp --version

Output:

sntp [email protected] (1)

Running NTPd on Ubuntu 20.04/18.04

After installation NTP is started and enabled to start at boot time:

systemctl status ntp
● ntp.service - Network Time Service
     Loaded: loaded (/lib/systemd/system/ntp.service; enabled; vendor preset: e>
     Active: active (running) since Sun 2020-10-11 20:09:21 EAT; 55min ago
       Docs: man:ntpd(8)
   Main PID: 567 (ntpd)
      Tasks: 2 (limit: 585)
     Memory: 1.5M
     CGroup: /system.slice/ntp.service
             └─567 /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 127:133

Onk 11 20:10:28 computers-VirtualBox ntpd[567]: Soliciting pool server 162.159.>
Onk 11 20:10:29 computers-VirtualBox ntpd[567]: Soliciting pool server 160.119.>
Onk 11 20:10:29 computers-VirtualBox ntpd[567]: Soliciting pool server 162.159.>
Onk 11 20:10:29 computers-VirtualBox ntpd[567]: Soliciting pool server 162.159.>
...

Setting up NTP Server using NTPd on Ubuntu

Configure NTP Server on Ubuntu 20.04/18.04

NTP daemon (ntpd) main configuration file is /etc/ntp.conf. The file is configured to enable NTP server to fetch the correct time from NTP servers of higher stratum such as pool.ntp.org. The pool directive in the file enables setting of NTP time servers (pool) to use.

sudo vim /etc/ntp.conf

# Specify one or more NTP servers.

# Use servers from the NTP Pool Project. Approved by Ubuntu Technical Board
# on 2011-02-08 (LP: #104525). See http://www.pool.ntp.org/join.html for
# more information.
pool 0.ubuntu.pool.ntp.org iburst
pool 1.ubuntu.pool.ntp.org iburst
pool 2.ubuntu.pool.ntp.org iburst
pool 3.ubuntu.pool.ntp.org iburst

# Use Ubuntu's ntp server as a fallback.
pool ntp.ubuntu.com

By default NTP on Ubuntu 20.04/18.04 uses ubuntu pool time servers from the NTP servers pool.ntp.org as seen from the above output. A list of time servers can be found at NTP Public Pool Time Servers where one can choose which timeserver to use according to their timezone. For example to use ke.pool.ntp.org pool:

First comment out the default ubuntu pool timeservers:

...
# more information.
#pool 0.ubuntu.pool.ntp.org iburst
#pool 1.ubuntu.pool.ntp.org iburst
#pool 2.ubuntu.pool.ntp.org iburst
#pool 3.ubuntu.pool.ntp.org iburst

# Use Ubuntu's ntp server as a fallback.
#pool ntp.ubuntu.com
...

To add up servers from the ke.pool.ntp.org pool add the following entry on the configuration file:

...
#Use kenyan pool
pool 0.ke.pool.ntp.org iburst
pool 1.ke.pool.ntp.org iburst
pool 2.ke.pool.ntp.org iburst
pool 3.ke.pool.ntp.org iburst
...

TIP: Setting the pool as pool.ntp.org allows the system to determine the nearest time servers to use.

iburst option in the configuration file changes the initial interval of polls to a NTP server in order to speed up the initial synchronization.

Configure Access Control for NTP Server (Optional)

NTP server can optionally be configured to only allow specific NTP client connections to query them using the restrict directive in the /etc/ntp.conf configuration file which uses the syntax:

restrict address [mask mask] [other options]

This access control can be used to limit access to NTP service to particular LAN. For instance to only allow connections from the network 192.168.56.0/24, define the network address by appending the line:

restrict 192.168.56.0 mask 255.255.255.0 nomodify notrap

Where:

  • nomodify options prevents any changes to the configuration.
  • notrap option prevents ntpdc control message protocol traps.

More about restrict and other command options can be read on man ntp.conf.

Save the configuration file and restart NTP server for the changes to take effect.

 sudo systemctl restart ntp

Check the status of NTP service

 systemctl status ntp

Output:

 ntp.service - Network Time Service
     Loaded: loaded (/lib/systemd/system/ntp.service; enabled; vendor preset: enabled)
     Active: active (running) since Tue 2020-10-20 19:05:15 EAT; 1min 0s ago
       Docs: man:ntpd(8)
    Process: 8428 ExecStart=/usr/lib/ntp/ntp-systemd-wrapper (code=exited, status=0/SUCCESS)
   Main PID: 8446 (ntpd)
      Tasks: 2 (limit: 1111)
     Memory: 1.0M
     CGroup: /system.slice/ntp.service
             └─8446 /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 127:133
Onk 20 19:05:20 null1-VirtualBox ntpd[8446]: Soliciting pool server 162.159.200.123
Onk 20 19:05:21 null1-VirtualBox ntpd[8446]: Soliciting pool server 162.159.200.1
Onk 20 19:05:22 null1-VirtualBox ntpd[8446]: Soliciting pool server 160.119.216.206
Onk 20 19:05:23 null1-VirtualBox ntpd[8446]: Soliciting pool server 160.119.216.197
Onk 20 19:05:24 null1-VirtualBox ntpd[8446]: Soliciting pool server 160.119.216.202
Onk 20 19:05:29 null1-VirtualBox ntpd[8446]: Soliciting pool server 160.119.216.197
Onk 20 19:05:29 null1-VirtualBox ntpd[8446]: Soliciting pool server 2606:4700:f1::1
Onk 20 19:05:37 null1-VirtualBox ntpd[8446]: Soliciting pool server 91.189.94.4

Confirm NTP service is set to start at boot time:

sudo systemctl is-enabled ntp
enabled

If disabled, enable it by running the command below;

sudo systemctl enable ntpd

Verify System time

Check NTP time after afew seconds.

ntptime 

Output:

tp_gettime() returns code 0 (OK)
  time e3398bfb.b241700c  Tue, Oct 20 2020 19:16:59.696, (.696311693),
  maximum error 78688 us, estimated error 5216 us, TAI offset 37
ntp_adjtime() returns code 0 (OK)
  modes 0x0 (),
  offset 251.894 us, frequency -11.169 ppm, interval 1 s,
  maximum error 78688 us, estimated error 5216 us,
  status 0x2001 (PLL,NANO),
  time constant 6, precision 0.001 us, tolerance 500 ppm,

Configure Firewall

If Ubuntu UFW is enabled allow UDP port 123. NTP clients connect to NTP server on that particular port.

sudo ufw allow from any to any port 123 proto udp

You can as well allow NTP queries from specific Network;

sudo ufw allow from 192.168.56.0/24 to any port 123 proto udp

Verify NTP Time Service

Verify NTP server by checking the NTP server connection to NTP peers by running the command;

ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 0.ke.pool.ntp.o .POOL.          16 p    -   64    0    0.000    0.000   0.000
 1.ke.pool.ntp.o .POOL.          16 p    -   64    0    0.000    0.000   0.000
 2.ke.pool.ntp.o .POOL.          16 p    -   64    0    0.000    0.000   0.000
 3.ke.pool.ntp.o .POOL.          16 p    -   64    0    0.000    0.000   0.000
 ntp.ubuntu.com  .POOL.          16 p    -   64    0    0.000    0.000   0.000
-time.cloudflare 10.45.8.5        3 u  122  256  377   54.091    8.013  63.504
-time.cloudflare 10.45.8.5        3 u  153  256  161   54.158    8.587  40.443
+ntp0.icolo.io   160.119.216.202  3 u    8  128  377   16.850    4.389   0.586
*ntp1.icolo.io   146.64.8.7       2 u   82  128  375   16.379    4.501   1.584
+ntp2.icolo.io   146.64.8.7       2 u   65  128  377   16.524    4.709   0.742

Synchronizing Client’s Time with NTP Server

Now that the NTP server is configured, it is high time to configure clients to synchronize their clocks with the NTP server.

Synchronizing using systemd timesyncd NTP

In an Ubuntu system, an NTP Client, systemd-timesyncd.service, is running by default which can be used to set NTPd as a NTP client.

Edit the file /etc/systemd/timesyncd.conf and add the address for your NTP server by adding such an entry at the end of the file:

vim /etc/systemd/timesyncd.conf
NTP=192.168.56.103

Where 192.168.56.103 is the IP address of configured NTP server.

Restart systemd-timesyncd NTP client service:

sudo systemctl status systemd-timesyncd

Confirm the status of status that it is now synchronized with the configured NTP server.

 systemctl status systemd-timesyncd

Output:

  Loaded: loaded (/lib/systemd/system/systemd-timesyncd.service; enabled; vendor preset: enabled)
   Active: active (running) since Tue 2020-10-20 20:02:49 EAT; 3s ago
     Docs: man:systemd-timesyncd.service(8)
 Main PID: 4466 (systemd-timesyn)
   Status: "Synchronized to time server 192.168.56.103:123 (ntp.kifarunix.com)."
    Tasks: 2 (limit: 667)
   CGroup: /system.slice/systemd-timesyncd.service
           └─4466 /lib/systemd/systemd-timesyncd

...

Using ntpdate to Synchronize Client Systems’ Time

Optionally the ntpdate command can be used to manually synchronize client system time with NTP server. This guide uses Ubuntu 18.04 as the client.

Step 1: Install ntpdate

Install ntpdate package, if not already installed.

sudo apt install ntpdate -y

NOTE: Ensure that Client and NTP Server can communicate. You can use nc command to verify NTP server port connection.

Step 2: Use ntpdate Command to Query Time Service

The ntpdate command can be uses to query time service from an NTP server by running the command:

sudo ntpdate 192.168.56.103

The output shows the time offset between the two systems.

20 Oct 20:31:54 ntpdate[5053]: adjust time server 192.168.56.103 offset 0.001313 sec

Synchronize time Automatically Using NTP

NTP client can automatically be configured to query NTP server by using the NTPd daemon.

Step 1: Install NTP
sudo apt install ntp -y
Configure NTPd Client

On Ubuntu 18.04 NTP service is set to run by default after installation. First check if the client is synchronized with NTP:

timedatectl

The output will show if the system clock is synchronized or not.

 Local time: Qib 2020-10-20 19:41:59 EAT
                  Universal time: Qib 2020-10-20 16:41:59 UTC
                        RTC time: Qib 2020-10-20 16:35:32
                       Time zone: Africa/Nairobi (EAT, +0300)
       System clock synchronized: yes
systemd-timesyncd.service active: no
                 RTC in local TZ: no

If the system time is synchronized, disable the time synchronization by running the command:

sudo timedatectl set-ntp off

TIP: To toggle time synchronization back on: sudo timedatectl set-ntp on

To configure the NTP client to synchronize time from your NTP server, edit the ntp configuration file:

 sudo vim /etc/ntp.conf 

Replace public NTP pool servers with your server.

#pool 0.ubuntu.pool.ntp.org iburst
#pool 1.ubuntu.pool.ntp.org iburst
#pool 2.ubuntu.pool.ntp.org iburst
#pool 3.ubuntu.pool.ntp.org iburst

pool 192.168.56.103 iburst

Ideally the server can be added without commenting out the default NTP servers by making it the preferred reference clock using the prefer option:

pool 192.168.56.103 prefer iburst

Save the configuration file and restart ntp.

 sudo systemctl restart ntp

The client is now successfully configured to sychronize system time with NTP server. This can be verified by running the command:

ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 192.168.56.103  .POOL.          16 p    -   64    0    0.000    0.000   0.000
*192.168.56.103  160.119.216.202  3 u   24   64    1    0.768   16.118   1.355

From the output we can see NTP server (192.168.56.103) as the time synchronization host/source in the queue.

Confirm NTP service is set to start at boot time:

systemctl is-enabled ntp

To enable NTP service to start at boot time, just in case is not enabled, then you would run the command:

systemctl enable ntp

Great, your NTP Clients should now be able to query the time services from your NTP Server.

Related Tutorials

How to Configure NTP Server on pfSense

Setup NTP Server using Chrony on CentOS 8

Setup NTP server Using NTPd on Debian 10 Buster

Configure NTP Server using NTPd on Fedora 30

How to Install and Configure NTP Server Using Chrony on Fedora 29/Fedora 28

SUPPORT US VIA A VIRTUAL CUP OF COFFEE

We're passionate about sharing our knowledge and experiences with you through our blog. If you appreciate our efforts, consider buying us a virtual coffee. Your support keeps us motivated and enables us to continually improve, ensuring that we can provide you with the best content possible. Thank you for being a coffee-fueled champion of our work!

Photo of author
cr00t

Leave a Comment