Home » NTP Time Synchronization

Time Synchronization with NTP on Ubuntu Server

NTP (Network Time Protocol) is a networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks. Accurate timekeeping is crucial for many server operations including logging, authentication, and task scheduling.

Time Synchronization

NTP ensures all systems on your network maintain consistent and accurate time, which is critical for distributed systems and logging.

Server or Client

Configure your server as an NTP client to sync with external time sources, or as an NTP server to provide time for your internal network.

Security

Implement security features like access control and authentication to protect your time synchronization infrastructure.

Prerequisites

  • Ubuntu Server (any supported version)
  • Root or sudo privileges
  • Network connectivity to NTP servers
  • Basic knowledge of Linux command line

1 Check Current Time Configuration

Check the current time and timezone settings:

date
timedatectl

Check if NTP is already active:

timedatectl show | grep NTPSynchronized

2 Install NTP Package

Update your package list and install the NTP package:

sudo apt update
sudo apt install -y ntp

Verify the installation:

ntpd --version

3 Configure NTP Client

Back up the original configuration file:

sudo cp /etc/ntp.conf /etc/ntp.conf.backup

Edit the NTP configuration:

sudo nano /etc/ntp.conf

Configure NTP pools (add these lines to the file):

# Use Ubuntu's NTP pool
pool 0.ubuntu.pool.ntp.org iburst
pool 1.ubuntu.pool.ntp.org iburst
pool 2.ubuntu.pool.ntp.org iburst
pool 3.ubuntu.pool.ntp.org iburst

# Use fallback servers
pool ntp.ubuntu.com

# Restrict access
restrict -4 default kod notrap nomodify nopeer noquery limited
restrict -6 default kod notrap nomodify nopeer noquery limited

# Allow localhost
restrict 127.0.0.1
restrict ::1

# Allow network clients (replace with your network)
restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

4 Start and Enable NTP Service

Start the NTP service:

sudo systemctl start ntp

Enable NTP to start on boot:

sudo systemctl enable ntp

Check the status of the NTP service:

sudo systemctl status ntp

5 Configure Firewall for NTP

Allow NTP traffic through the firewall:

sudo ufw allow ntp
sudo ufw enable

Alternatively, open the specific NTP port (UDP 123):

sudo ufw allow 123/udp
sudo ufw enable

Verify the firewall status:

sudo ufw status

6 Verify NTP Synchronization

Check NTP synchronization status:

ntpq -p

Check NTP statistics:

ntpstat

Check systemd-timesyncd status (if using timesyncd):

timedatectl timesync-status
timedatectl show-timesync

7 Configure NTP Server for Internal Network

Edit the NTP configuration to serve time to your internal network:

sudo nano /etc/ntp.conf

Add these lines (replace with your network details):

# Serve time to internal network
broadcast 192.168.1.255

# Allow time queries from internal network
restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

# Local clock as fallback
server 127.127.1.0
fudge 127.127.1.0 stratum 10

Restart NTP to apply changes:

sudo systemctl restart ntp

8 Configure systemd-timesyncd (Alternative)

If you prefer using systemd's built-in time synchronization:

sudo apt install -y systemd-timesyncd

Enable and start the service:

sudo systemctl enable systemd-timesyncd
sudo systemctl start systemd-timesyncd

Check the status:

timedatectl status

Configure timesyncd:

sudo nano /etc/systemd/timesyncd.conf

Update the configuration:

[Time]
NTP=0.ubuntu.pool.ntp.org 1.ubuntu.pool.ntp.org 2.ubuntu.pool.ntp.org 3.ubuntu.pool.ntp.org
FallbackNTP=ntp.ubuntu.com
RootDistanceMaxSec=5
PollIntervalMinSec=32
PollIntervalMaxSec=2048

9 Configure Chrony (Alternative NTP Implementation)

Install Chrony:

sudo apt install -y chrony

Edit the Chrony configuration:

sudo nano /etc/chrony/chrony.conf

Configure Chrony with appropriate servers:

pool 0.ubuntu.pool.ntp.org iburst
pool 1.ubuntu.pool.ntp.org iburst
pool 2.ubuntu.pool.ntp.org iburst
pool 3.ubuntu.pool.ntp.org iburst

# Allow NTP client access from internal network
allow 192.168.1.0/24

# Serve time even if not synchronized to a time source
local stratum 10

Restart Chrony:

sudo systemctl restart chrony

Check Chrony tracking:

chronyc tracking
chronyc sources

10 Troubleshooting Common Issues

Check NTP service status:

sudo systemctl status ntp
sudo journalctl -u ntp -f

Check NTP peer connections:

ntpq -pn

Force immediate time synchronization:

sudo ntpdate -s pool.ntp.org

Check detailed NTP information:

ntptime
ntpdc -c loopinfo

Common issues and solutions:

Issue Solution
No synchronization Check firewall settings and NTP server connectivity
Large time offset Force time sync with sudo ntpdate -s pool.ntp.org
Service won't start Check configuration syntax with ntpd -q
No peers available Verify network connectivity to NTP servers
Previous: LDAP Server Next: DNS Server
Command copied to clipboard!