用NTP网络时间协议同步你的IT系统

NTP协议全称网络时间协议（Network Time Procotol）。它的目的是在国际互联网上传递统一、标准的时间。具体的实现方案是在网络上指定若干时钟源网站，为用户提供授时服务，并且这些网站间应该能够相互比对，提高准确度。

NTP 最早是由美国Delaware大学的Mills教授设计实现的，从1982件最初提出到现在已发展了将近20年，2001年最新的NTPv4精确度已经达到了200毫秒。对于实际应用，又有确保秒级精度的SNTP（简单的网络时间协议）。

NTP是一个跨越广域网或局域网的复杂的同步时间协议，它通常可获得毫秒级的精度。RFC2030[Mills 1996]描述了SNTP（Simple Network Time Protocol），目的是为了那些不需要完整NTP实现复杂性的主机，它是NTP的一个子集。通常让局域网上的若干台主机通过因特网与其他的NTP主机同步时钟，接着再向局域网内其他客户端提供时间同步服务。

NTP协 议是OSI参考模型的高层协议，符合UDP传输协议格式，拥有专用端口123。

随着时间的推移， 计算机的时钟会倾向于漂移。 网络时间协议 (NTP) 是一种确保您的时钟保持准确的方法。它为路由器、交换机、工作站和服务器之间提供了一种时间同步的机制。所以NTP Server经常应用于一些有时间同步要求的IT系统环境中。

[size=large][color=blue][b]一、服务端设置[/b][/color][/size]

Mac OS X Server似乎默认就有了，只说一下Linux下如何设置。
在Ubuntu Linux中应用NTP Server非常方便：
[b]1. 安装[/b]
[code]
sudo apt-get install ntp
[/code]

[b]2. 配置[/b]
配置文件是/etc/ntp.conf

a. 找到server一项，添加你喜欢的Time Server
[code]
server time.asia.apple.com iburst dynamic
[/code]
b. 设置权限，我的所有restrict条目如下
[code]
restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery

# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict ::1

# Clients from this (example!) subnet have unlimited access, but only if
# cryptographically authenticated.
#restrict 192.168.123.0 mask 255.255.255.0 notrust
restrict 192.168.0.0 mask 255.255.255.0
[/code]

[b]3. 重启ntp服务器[/b]
/etc/init.d/ntp restart

[b]4. 查看服务器是否工作正常[/b]
在服务器运行
[code]
ntpq -p
[/code]

[size=large][color=green][b]二、工作站同步[/b][/color][/size]

好了，测试一下吧，假设你的新服务器IP地址为192.168.0.7。在客户端运行如下命令：
ntpdate -u 192.168.0.7

同步成功后，将会显示如下：
6 Mar 15:44:24 ntpdate[9921]: adjust time server 192.168.0.7 offset -0.007277 sec

[size=large][color=olive][b]三、交换机同步[/b][/color][/size]

Cisco IOS
[code]
ciscorouter> enable
password: *********
ciscorouter# config t
ciscorouter(config)# ntp update-calendar
ciscorouter(config)# ntp server 192.168.0.4
ciscorouter(config)# ntp server 192.168.0.7
ciscorouter(config)# exit
ciscorouter# wr mem
[/code]

Dell 6248
[code]
dell6248-corner>en
dell6248-corner#configure
dell6248-corner(config)#sntp server 192.168.0.7
dell6248-corner(config)#
[/code]

[size=large][color=darkblue][b]四、一些常见的时间服务器[/b][/color][/size]

210.72.145.44 ── (国家授时中心服务器IP地址)
133.100.11.8 ── 日本 福冈大学
time-a.nist.gov 129.6.15.28 ── NIST, Gaithersburg, Maryland
time-b.nist.gov 129.6.15.29 ── NIST, Gaithersburg, Maryland
time-a.timefreq.bldrdoc.gov 132.163.4.101 ── NIST, Boulder, Colorado
time-b.timefreq.bldrdoc.gov 132.163.4.102 ── NIST, Boulder, Colorado
time-c.timefreq.bldrdoc.gov 132.163.4.103 ── NIST, Boulder, Colorado
utcnist.colorado.edu 128.138.140.44 ── University of Colorado, Boulder
time.nist.gov 192.43.244.18 ── NCAR, Boulder, Colorado
time-nw.nist.gov 131.107.1.10 ── Microsoft, Redmond, Washington
nist1.symmetricom.com 69.25.96.13 ── Symmetricom, San Jose, California
nist1-dc.glassey.com 216.200.93.8 ── Abovenet, Virginia
nist1-ny.glassey.com 208.184.49.9 ── Abovenet, New York City
nist1-sj.glassey.com 207.126.98.204 ── Abovenet, San Jose, California
nist1.aol-ca.truetime.com 207.200.81.113 ── TrueTime, AOL facility, Sunnyvale, California
nist1.aol-va.truetime.com 64.236.96.53 ── TrueTime, AOL facility, Virginia


[color=indigo][size=large][b]五、使用Python脚本来获取时间[/b][/size][/color]

[code]
#!/usr/bin/python
from socket import *
import struct,os,time,sys

# Script to set Linux hardware clock (/usr/sbin/hwclock) from an NTP
# time server. Run as "setclock.py" to simply print the time from
# the NTP server. Run as "setclock.py --set" to set the Linux
# hardware clock (as the super user, of course).

# Based on Simon Foster's simple SNTP client from ASPN Python cookbook.
# Adapted by Paul Rubin; this script lives at:
# http://www.nightsong.com/phr/python/setclock.py

time_server = ('time.apple.com', 123)
# time.apple.com is a stratum 2 time server. (123 is the SNTP port number).
# More servers info can be found at
#
# http://www.eecis.udel.edu/~mills/ntp/servers.htm
#
# Note it's considered antisocial to use a stratum 1 server (like NIST)
# for purposes like this which don't need extreme accuracy (i.e. syncing
# your own big NTP network). See www.ntp.org for more info.
#
# You could also use time.windows.com (Microsoft server) which syncs
# all Windows XP machines everywhere, so it can presumably handle lots
# of clients.

# number of seconds between NTP epoch (1900) and Unix epoch (1970).
TIME1970 = 2208988800L # Thanks to F.Lundh

client = socket( AF_INET, SOCK_DGRAM )
data = '\x1b' + 47 * '\0'
client.sendto(data, time_server)
data, address = client.recvfrom( 1024 )
if data:
print 'Response received from', address,'\n'
t = struct.unpack( '!12I', data )[10]
if t == 0:
raise 'invalid response'
ct = time.ctime(t - TIME1970)
print 'Current time = %s\n' % ct
if len(sys.argv) > 1 and sys.argv[1] == "--set":
os.system("/usr/sbin/hwclock --set '--date=%s'"% ct)
else:
raise 'no data returned'

[/code]

上面这个脚本原址在这里，http://www.nightsong.com/phr/python/setclock.py。使用方式如下：
$ python setclock.py
Response received from ('17.151.16.23', 123)

Current time = Fri Mar 6 16:03:19 2009