18

This question has come up a number of times in a localized way, this question is meant to provide the preferred/best method for synchronizing a system's clock using NTP.

The solution should handle multiple issues correctly, such as:

  1. Correct for time at boot-up quickly where the clock has a large skew.

  2. Provide a configuration that guards and/or corrects for situations where the clock can sometimes develop a large skew over time.

  3. A robust solution that can handle and sync the time quickly when certain problems arise such as: "the time server wasn't accessible during boot" or "the internet is inaccessible during boot".

The ideal solution would be a single NTP configuration file that is able to handle all this.

References

Many of the pieces that will provide the "ultimate" solution are spread across the U&L site in questions such as these:

There are bound to be others but these are the ones that I've seen that come to mind as being relevant.

Community
  • 1
slm
  • 369,824
  • 1
    chat discussion about the scope of this question – Gilles 'SO- stop being evil' Sep 21 '13 at 18:02
  • 1
    FYI: Planning on working on a comprehensive answer to this. See the chat log starting at http://chat.stackexchange.com/transcript/message/11350138#11350138 – derobert Sep 23 '13 at 16:32
  • #2 should not happen if ntpd is running – dfc Sep 28 '13 at 00:48
  • @dfc - this can happen when a VM is paused and then later resumed, there are other situations where it can happen too. – slm Sep 28 '13 at 00:51
  • @slm "develops" means aone time jump in the skew after VM restart? It seems that within a couple of hours after restart ntpd should get the skew under control. Definitely not make it worse. What are the other situations? – dfc Sep 28 '13 at 01:02
  • For more information on #3 take a look at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683061 Id love to have a better solution than a cron script that periodically populates /etc/hosts with the information for my preferred tie servers. – dfc Sep 28 '13 at 01:05
  • @dfc - as would I. That's the rational behind this Q. We're attempting to get a conclusive answer and not a hacked together solution. – slm Sep 28 '13 at 01:15
  • I added some comments to the outline. for some reason my comments are showing up as anonymous. – dfc Sep 28 '13 at 01:26
  • I'm inclined to think that the answer lies somewhere between "iburst" and "ntpdate " before launching ntpd, thats how most distributions do it... iburst may well handle lacking internet at boot too as it stabalises quicker. I think you can set the max correction "fix-rate vs set clock" values too. Obviously if your clock is skewing over time and NTP isn't compensating for it (case 2), you broke NTP, because thats exactly what NTP was designed to get around, an unreliable drifting local clock. The case of VM suspends, well what do you expect-compensate for a clock that misses hours? – iain Sep 29 '13 at 18:23
  • @iain iburst will not handle no internet at boot. iburst does not create an internet connection. iburst will set a clock quicker when there is a net connection but it does not magically create a network connection – dfc Sep 30 '13 at 17:33
  • @dfc - obviously no internet = no clock sync. iburst will send a burst when the server DOES become reachable, promoting the speed of the synchronisation overall. No-one's asking or answering "how do you sync with NTP when you have no external references ever" surely? – iain Oct 02 '13 at 22:10
  • All questions containing "best" or "recommended" cannot actually be answered while "best" or the exact goals to achieve are not listed. Any "best" solution is always specific to some environment and is never generic for any situation (much different from "What is the best solution for 1+1"). – U. Windl Nov 02 '20 at 09:33

3 Answers3

6

Since you cannot correct large deviations in time using ntp (unless you have a few hours for the clock to catch up or slow down) I do this:

service ntpd stop
ntpdate us.pool.ntp.org
service ntpd start

I cron it for once a day, everyday. I also put ntpdate in an init script to run before ntp starts after bootup, since reboots and power cycles are the most likely/frequent events that mess with the system time.

Andrew
  • 1,205
4

What you're looking for is ntpd with the --panicgate option.

The panicgate option allows the first adjustment after ntpd starts to be any size. This is exactly for the use case you described where a machine comes up and it's clock is wildly inaccurate. When ntpd starts with this option enabled, it can take a moment for it find a server and establish synchronization with it.

That option in itself solves your item #1.

#2 is vanilla ntpd. Ntpd keeps a drift file which is the rate your system's clock skews.

#3 is also the same as #1. The --panicgate option isn't limited to immediately when ntpd starts, it is limited to "the first adjustment", whenever that adjustment is.

phemmer
  • 71,831
2

Use chronyd/chronyc instead of ntp/ntpdate. It's already default method in fedora and, I suppose, will be in RHEL 7.0 as soon as it ready.

Documentation can be found at http://chrony.tuxfamily.org/

Anthon
  • 79,293
aim
  • 191