Ntp

Article description::is a suite of tools utilizing [[Network Time Protocol. Their purpose is to keep the system clock in time.]]

Emerge
Install the suite of NTP programs:

Ntp-client
The service is used for one-time sync, usually during bootup. Its purpose is to help with the startup, as  initially waits before attempting to correct the clock skew, and may even refuse to do so if the skew is too large.

Starting the service will run the sync only once. It is then expected that is used for maintaining the time until the next reboot.

Upstream servers
To adjust 's command and upstream servers, edit the configuration file. The default configuration is populated with:

Usage
To run the sync command manually:

OpenRC
To run the :

To have the run at boot:

systemd
To run the client service:

To have the client service run at boot:

Upstream servers
In the servers that will be used to synchronize the local time for  can be specified. The default configuration is populated with:

By default the configuration uses the Gentoo NTP servers. A list of available servers can be found on ntp.org. A private server can also be used.

Network not always available?
On systems where a network connection is not always available at boot (laptops, etc.), it might help to add the following lines to server configuration:

This sets localhost as a server with low priority, so that the daemon starts properly even without a network connection and switches to using network servers when a connection is established.

Permissions
Permission are used to control who is allowed to synchronize or change permissions.

To enable time syncing, the server must be reachable by the other ntp services. can be used for blocking.

To prevent other machines from reconfiguring your server, use.

To prevent your server from being used in Denial of Service attacks, use.

Access to NTP service allowed only from the 192.0.2.0/24 network:

To deny access to monlist functionality, used for querying traffic stats, but which may also be exploited in a Denial of Service attack:

OpenRC
To start the service:

To have the service start at boot:

To monitor status of the service:

systemd
To start the service:

To have the service start at boot:

To monitor status of the service:

ntpd command not running
If ntpd is already running in daemon mode, it will automatically exit when attempting to be manually run from the commandline.

For example:

This can be corrected by stopping the daemon service and then running ntpd. On OpenRC systems, this is accomplished as follows:

External resources

 * https://www.ntp.org/
 * https://wiki.archlinux.org/index.php/Network_Time_Protocol_daemon
 * https://wiki.archlinux.org/index.php/systemd-timesyncd
 * https://blog.hboeck.de/archives/863-Dont-update-NTP-stop-using-it.html