Joining the NTP Server Pool with Ubuntu
Just in case anyone was wondering, I haven’t been abducted by Linux-loving aliens. Nor have I inexplicably dropped off the face of the planet. The reasons behind my lack of recent posts are firstly – a lack of time; secondly – and happily – my Ubuntu 12.04 installation has been so unbelievably stable that it hasn’t required much tinkering or tweaking at all!
Anyway, this isn’t a technical problem, nor is it specifically Ubuntu-related, but I think it comes under the category of ubuntu with a small “u”; the philosophy of community, mutual support, and giving back when you can. That’s what I thought when I read the June 21st 2012 news release on www.pool.ntp.org. The full release can be read here. The chances are that you’re already using servers of the NTP project – even if you don’t realise it. So I decided to give a bit back and join the pool with my Ubuntu server and static IP. If you want to help out too, then it’s fairly easy to set up.
The two main requirements for joining the pool would be 1) an Internet connection with a static IP address, and 2) a machine running ntpd. If you’re running Ubuntu server (as I am), then ntpd is already installed. For everyone else, open a terminal window and type:
sudo apt-get install ntp
When ntpd is installed, edit the /etc/ntp.conf file to adjust the servers.
sudo nano /etc/ntp.conf
The file is pre-populated with ubuntu.pool.ntp.org servers. To join the NTP pool, we need to use stratum 1 or 2 servers with fixed IP addresses. You need about five servers in the list. Locate the servers nearest to you by using this list, and then put them in your ntp.conf file using the following syntax:
So, for example, my ntp.conf file looks like this:
server ntp.maths.tcd.ie iburst
The “iburst” parameter after the first server tells it to synchronise quickly after startup.
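I left the default restrictions in place. These allow anyone to synchronise, but they don’t allow non-local clients to see the operating system type or ntpd version number. The “noquery” flag is what blocks those ntpq and ntpdc status queries; time service itself is unaffected. The default restrictions are: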
restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery
Finally, I retrieved the “leap seconds” file from the US National Institute of Standards and Technology (NIST) and applied this to my ntpd installation. In case you’re confused about what a leap second is, then the ntp.org support pages offer the following helpful information:
Graceful handling of leap seconds implies applying the leap second locally at the appropriate time, rather than having the clock off by one second until the discrepancy with sources is noticed and corrected at a later time. ntpd will gracefully handle leap seconds which it knows about in advance, via one of two means. If a leap second file is configured in ntp.conf or acquired via autokey, ntpd will inform clients of the pending leap for one day in advance via the leap field of the NTP packet, and it will be applied locally. Lacking a leapfile, ntpd is at the mercy of its sources to inform it of the pending leap second.
So now you know! To apply the file, download it from time.nist.gov using your favourite ftp client. It’s in the /pub directory and is called “leap-seconds.nnnnnnnnnn” where nnnnnnnnnn is a numeric time stamp. At time of writing, the file was called “leap-seconds.3535228800”. Once you have retrieved the file, store it in a public path on your server. Then add the following line to your ntp.conf file:
So my ntp.conf file reads:
Now make sure that TCP and UDP port numbers 123 are open on your firewall and forwarded to your Ubuntu server. Lastly, restart ntpd:
sudo service ntp restart
You can check to make sure that ntp has synchronised with a peer by typing:
ntpq -c lpeers
If a peer name appears with an asterisk in the list, then your ntpd service has synchronised with it.
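As a pre-flight check before registering the server, this Python sketch audits ntp.conf text against the points made above: about five fixed (non-pool) servers, and default restrict lines for both IPv4 and IPv6 carrying the flags shown. It is an added example, not part of the original post; the function name, the example.net/example.org hostnames and both sample configurations are constructed for illustration.

```python
REQUIRED = {"kod", "notrap", "nomodify", "nopeer", "noquery"}  # flags shown in the post
MIN_SERVERS = 5  # the post's "about five"; adjust if you read that differently

def audit_ntp_conf(text):
    """Return a list of findings for ntp.conf content; an empty list means it passed."""
    servers, defaults, findings = [], {}, []
    for raw in text.splitlines():
        tok = raw.split("#", 1)[0].split()  # drop comments, split on whitespace
        if len(tok) < 2:
            continue
        if tok[0] == "server":
            servers.append(tok[1].lower())
        elif tok[0] == "restrict" and "default" in tok:
            # Assumption: a default rule without -6 is counted as IPv4 only,
            # so a missing IPv6 rule is always reported.
            family = "-6" if "-6" in tok else "-4"
            defaults[family] = set(tok[1:])  # last matching line wins
    if len(servers) < MIN_SERVERS:
        findings.append(f"only {len(servers)} server lines, want {MIN_SERVERS}")
    for host in servers:
        if host.rstrip(".").endswith("pool.ntp.org"):
            findings.append(f"{host}: pool alias, not a fixed server")
    for family in ("-4", "-6"):
        if family not in defaults:
            findings.append(f"no 'restrict {family} default' line")
            continue
        missing = REQUIRED - defaults[family]
        if missing:
            findings.append(f"restrict {family} default lacks {' '.join(sorted(missing))}")
    return findings

# Constructed sample: fixed servers plus the restrict lines from the post.
GOOD = """\
server ntp.maths.tcd.ie iburst
server ntp1.example.net
server ntp2.example.net
server ntp3.example.org
server ntp4.example.org
restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery
"""
# Constructed sample: pool aliases, too few servers, noquery dropped, no IPv6 rule.
WEAK = """\
server 0.ubuntu.pool.ntp.org
server 1.ubuntu.pool.ntp.org
restrict -4 default kod notrap nomodify nopeer   # noquery missing
"""
if __name__ == "__main__":
    for name, conf in (("GOOD", GOOD), ("WEAK", WEAK)):
        print(name, audit_ntp_conf(conf) or "ok")
```

To audit a real file, pass its contents: `audit_ntp_conf(open("/etc/ntp.conf").read())`.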
Now all you need to do is add your server to the pool. I created a DNS entry, so that ntp.mattrudge.net points to my static IP address, but this isn’t strictly necessary.
Once your server is added, it will start with an “availability score” of -5.0. This will gradually increase as your server is checked over a number of hours for uptime and reliability. When the score reaches 10, then the server will be published in the pool.
So, if you have a few spare CPU cycles and a bit of bandwidth hanging around, then why not get into the spirit of Ubuntu and join the NTP server pool.