Network Time Protocol (NTP) bilgisayar sistemlerinin paket anahtarlama, degisen gecikmeli veri aglari uzerinden zamanlarini senkronize ettikleri bir protokoldur. NTP; UDP 123. portu kullanmaktadir. Degisken gecikme etkilerine karsi ozellikle tasarlanmistir.
NTP’yi kullanmak sistem saatinizi dogru bir sekilde ayarlamak ve korumak icin en uygun yollardan bir tanesidir. Dunya uzerinde bulunan diger sunucular ile iletime gecerek calisir, diger sunuculara zaman sorgusu yollar ve sonrasinda gelen cevaplara gore kendi yerel zamanini atarlar.
Debian’da NTP Sunucu Kurulumu
# apt-get install ntp ntpdate ntp-server
Bu NTP icin gerekli olan tum paketleri yukleyecektir.
NTP Sunucu Ayarlari
On tanimli olarak ana ayarlarin bulundugu dosya /etc/ntp.conf dizininde bulunmaktadir.
On tanimli ayar dosyasi asagidaki sekilde gorunmektedir.
# /etc/ntp.conf, configuration for ntpd
driftfile /var/lib/ntp/ntp.drift
statsdir /var/log/ntpstats/
statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable
# You do need to talk to an NTP server or two (or three).
#server ntp.your-provider.example
# pool.ntp.org maps to more than 300 low-stratum NTP servers.
# Your server will pick a different set every time it starts up.
# *** Please consider joining the pool! ***
# *** ***
server 0.debian.pool.ntp.org iburst
server 1.debian.pool.ntp.org iburst
server 2.debian.pool.ntp.org iburst
server 3.debian.pool.ntp.org iburst
# By default, exchange time with everybody, but don't allow configuration.
# See /usr/share/doc/ntp-doc/html/accopt.html for details.
restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery
# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict ::1
# Clients from this (example!) subnet have unlimited access,
# but only if cryptographically authenticated
#restrict 192.168.123.0 mask 255.255.255.0 notrust
# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)
#broadcast 192.168.123.255
# If you want to listen to time broadcasts on your local subnet,
# de-comment the next lines. Please do this only if you trust everybody
# on the network!
#disable auth
#broadcastclient