Setup Timezone and NTP on CentOS 6


centos6 - Timezone and NTP
centos6 - Timezone and NTP

Introduction of Timezone and NTP

Time in the server is very important to set and maintain correctly. Because if time configured wrong, it will cause chaos within the server environment, such as data inconsistency, data synchronization failures, and job scheduling problems. To prevent those problem in the future, we need to set  timezone and ntp on the server accordingly. For timezone exactly like our local time. And then NTP (Network Time Protocol) to synchronize the time of your servers and remote NTP servers, keeping the time on your machines in perfect order.

In this article, will be shown how to setup timezone and NTP on CentOS 6

First, you need to logged in to server as root.

Step 1: Set the timezone

Input the following command in your terminal:

date

By default, CentOS 6 using the UTC time on their system. We can modify it to any time zone using the local timezone of the server on physical location. For this example, my server was running in Indonesia, then we would use the “Asia/Jakarta” time zone. Use following command line to applying it

rm -rf /etc/localtime

ln -s /usr/share/zoneinfo/Asia/Jakarta /etc/localtime

You can navigate to the directory /usr/share/zoneinfo to find the appropriate time zone. There is an excellent resource on Wikipedia for timezone listings. Input date again, you will find that the local system time has changed to WIB (Western Indonesian Time) GMT+ 7.

Next, we will write the system time info into the hardware clock.

vim /etc/sysconfig/clock

Modify the content of this file as below.

ZONE=”Asia/Jakarta”

UTC=false

ARC=false

Save and quit.

Write the system time into the hardware clock.

hwclock –systohc –localtime

Input hwclock to see the result.

Step 2: Upgrade NTP

By default, the ntp daemon program has been installed and if not you can install ntp daemon using this command :

yum –y install ntp

For security purposes, the first thing that we should do is to upgrade it to the latest version.

To see the ntpd version:

ntpd –version

At the time of writing, the default installed version is “4.2.6p5”. Stop the ntpd service:

service ntpd stop

Download the latest version of the ntp program from its official website:

wget http://archive.ntp.org/ntp4/ntp-4.2/ntp-4.2.8p2.tar.gz. Unzip and go into the newly created directory:

tar -zxvf ntp-4.2.8p2.tar.gz

cd ntp-4.2.8p2

Install the necessary components for our installation:

yum -y install gcc libcap-devel

Because we are going to upgrade the existing ntpd program, we need to determine the owner and group info:

cat /etc/group

cat /etc/passwd

As you see, the ntp program belongs to the owner ntp (uid=38) and the group ntp (gid=38).

For security purposes, update the configuration of the ntp user account:

usermod -c “Network Time Protocol” -d /var/lib/ntp -u 38 -g ntp -s /bin/false ntp

Compile and install the ntp program:

./configure –prefix=/usr –bindir=/usr/sbin –sysconfdir=/etc –enable-linuxcaps –with-lineeditlibs=readline –docdir=/usr/share/doc/ntp-4.2.8p2 && make && make install && install -v -o ntp -g ntp -d /var/lib/ntp

Once the installation has completed, you can check the ntpd version again:

ntpd –version

As you see, the ntp program has been upgraded to the latest version “4.2.8p2”.

Step 3: Configure ntp

For better performance and security, we need to modify the default configuration:

vim /etc/ntp.conf

In the ntp.conf configuration file, you can find the ntp servers. And for faster synchronization speed, you can change these servers to the ones in the region or even in the country of your datacenter. For example, in Indonesia you can use:

server 0.id.pool.ntp.org

server 1.id.pool.ntp.org

server 2.id.pool.ntp.org

server 3.id.pool.ntp.org

More NTP pool time servers can be found on the NTP support website. For security purposes, we should restrict permissions. While still in the ntp.conf configuration file, find the following two rows:

restrict default kod nomodify notrap nopeer noquery

restrict -6 default kod nomodify notrap nopeer noquery

Modify them as below:

restrict default limited kod nomodify notrap nopeer noquery

restrict -6 default limited kod nomodify notrap nopeer noquery

Additionally, we need to add the following two rows:

pidfile   /var/run/ntpd.pid

leapfile  /etc/ntp.leapseconds

Save and quit and then reboot the system.

Step 4: Configure the firewall

Add the following sentence to the iptable configuration

iptables -A  INPUT -m state –state NEW -m udp -p udp –dport 123 -j ACCEPT

Restart the firewall.

service iptables restart

At this point, NTP is fully configured. The ntpd program will continually adjust the time of your server.

If needed, you can check the time synchronization status with the following command:

ntpstat


About Desianto Abdillah 31 Articles
My name is Desianto Abdillah. I am a System Administrator. My experience as SysAdmin no more than two years, but i realy like to share somethings that i just learned and i just done. I more familiar with Linux SysAdmin than others sysadmin's function. I have high enthusiasm in IT, especially in SysAdmin world.