Jump to contentJump to page navigation: previous page [access key p]/next page [access key n]
Applies to openSUSE Leap 15.6

18 Time synchronization with NTP Edit source

Abstract

The NTP (network time protocol) mechanism is a protocol for synchronizing the system time over the network. First, a machine can obtain the time from a server that is a reliable time source. Second, a machine can itself act as a time source for other computers in the network. The goal is twofold—maintaining the absolute time and synchronizing the system time of all machines within a network.

Maintaining an exact system time is important in many situations. The built-in hardware clock does often not meet the requirements of applications such as databases or clusters. Manual correction of the system time would lead to severe problems because, for example, a backward leap can cause malfunction of critical applications. Within a network, it is usually necessary to synchronize the system time of all machines, but manual time adjustment is a bad approach. NTP provides a mechanism to solve these problems. The NTP service continuously adjusts the system time with reliable time servers in the network. It further enables the management of local reference clocks, such as radio-controlled clocks.

Since openSUSE Leap 15, chrony is the default implementation of NTP. chrony includes two parts; chronyd is a daemon that can be started at boot time and chronyc is a command line interface program to monitor the performance of chronyd, and to change operating parameters at runtime.

Starting with openSUSE Leap 15.2, the YaST module for NTP client configuration configures the systemd-timer instead of the cron daemon to execute chrony, when it is not configured to run as a daemon.

Note
Note

To enable time synchronization via active directory, follow the instructions found at Book “Security and Hardening Guide”, Chapter 7 “Active Directory support”, Section 7.3.3 “Joining Active Directory using Windows domain membership”, Joining an Active Directory domain using Windows domain membership.

18.1 Configuring an NTP client with YaST Edit source

The NTP daemon (chronyd) coming with the chrony package is preset to use the local computer hardware clock as a time reference. The precision of the hardware clock heavily depends on its time source. For example, an atomic clock or GPS receiver is a precise time source, while a common RTC chip is not a reliable time source. YaST simplifies the configuration of an NTP client.

In the YaST NTP client configuration (Network Services › NTP Configuration) window, you can specify when to start the NTP daemon, the type of the configuration source, and add custom time servers.

NTP configuration window
Figure 18.1: NTP configuration window

18.1.1 NTP daemon start Edit source

You can choose from three options for when to start the NTP daemon:

Only manually

Select Only Manually to manually start the chrony daemon.

Synchronize without daemon

Select Synchronize without Daemon to set the system time periodically without a permanently running chrony. You can set the Interval of the Synchronization in Minutes.

Now and on boot

Select Now and On Boot to start chronyd automatically when the system is booted. This setting is recommended.

18.1.2 Type of the configuration source Edit source

In the Configuration Source drop-down box, select either Dynamic or Static. Set Static if your server uses only a fixed set of (public) NTP servers, while Dynamic is better if your internal network offers NTP servers via DHCP.

18.1.3 Configure time servers Edit source

Time servers for the client to query are listed in the lower part of the NTP Configuration window. Modify this list as needed with Add, Edit, and Delete.

Click Add to add a new time server:

Adding a time server
Figure 18.2: Adding a time server
  1. In the Address field, type the URL of the time server or pool of time servers with which you want to synchronize the machine time. After the URL is complete, click Test to verify that it points to a valid time source.

  2. Activate Quick Initial Sync to speed up the time synchronization by sending more requests at the chronyd daemon start.

  3. Activate Start Offline to speed up the boot time on systems that start the chronyd daemon automatically and may not have an Internet connection at boot time. This option is useful, for example, for laptops with network connections managed by NetworkManager.

  4. Confirm with OK.

18.2 Manually configuring NTP in the network Edit source

chrony reads its configuration from the /etc/chrony.conf file. To keep the computer clock synchronized, you need to tell chrony what time servers to use. You can use specific server names or IP addresses, for example:

0.suse.pool.ntp.org
1.suse.pool.ntp.org
2.suse.pool.ntp.org
3.suse.pool.ntp.org

You can also specify a pool name. Pool name resolves to several IP addresses:

pool pool.ntp.org
Tip
Tip: Computers on the same network

To synchronize time on multiple computers on the same network, we do not recommend to synchronize them all with an external server. A good practice is to make one computer the time server which is synchronized with an external time server, and the other computers act as its clients. Add a local directive to the server's /etc/chrony.conf to distinguish it from an authoritative time server:

local stratum 10

To start chrony, run:

systemctl start chronyd.service

After initializing chronyd, it takes a while before the time is stabilized and the drift file for correcting the local computer clock is created. With the drift file, the systematic error of the hardware clock can be computed when the computer is powered on. The correction is used immediately, resulting in a higher stability of the system time.

To enable the service so that chrony starts automatically at boot time, run:

systemctl enable chronyd.service
Warning
Warning: Conflicting yast-timesync.service service

Besides the chronyd.service service, openSUSE Leap includes yast-timesync.service. yast-timesync.service is triggered by a timer every 5 minutes and runs chronyd with the -q option to set the system time and exit. Because only one instance of chronyd can be running at any given time, do not enable or start both chronyd-related services at the same time.

18.3 Configure chronyd at runtime using chronyc Edit source

You can use chronyc to change the behavior of chronyd at runtime. It also generates status reports about the operation of chronyd.

You can run chronyc either in interactive or non-interactive mode. To run chronyc interactively, enter chronyc on the command line. It displays a prompt and waits for your command input. For example, to check how many NTP sources are online or offline, run:

# chronyc
chronyc> activity
200 OK
4 sources online
2 sources offline
1 sources doing burst (return to online)
1 sources doing burst (return to offline)
0 sources with unknown address

To exit chronyc's prompt, enter quit or exit.

If you do not need to use the interactive prompt, enter the command directly:

# chronyc activity
Note
Note: Temporary changes

Changes made using chronyc are not permanent. They will be lost after the next chronyd restart. For permanent changes, modify /etc/chrony.conf.

For a complete list of chronyc commands, see its man page (man 1 chronyc).

18.4 Dynamic time synchronization at runtime Edit source

Although chronyd starts up normally on a system that boots without a network connection, the tool cannot resolve the DNS names of the time servers specified in the configuration file.

chronyd keeps trying to resolve the time server names specified by the server, pool, and peer directives in an increasing time interval until it succeeds.

If the time server will not be reachable when chronyd is started, you can specify the offline option:

server server_address offline

chronyd will then not try to poll the server until it is enabled using the following command:

# chronyc online server_address

When the auto_offline option is set, chronyd assumes that the time server has gone offline when two requests have been sent to it without receiving a response. This option avoids the need to run the offline command from chronyc when disconnecting the network link.

18.5 Setting up a local reference clock Edit source

The software package chrony relies on other programs (such as gpsd) to access the timing data via the SHM or SOCK driver. Use the refclock directive in /etc/chrony.conf to specify a hardware reference clock to be used as a time source. It has two mandatory parameters: a driver name and a driver-specific parameter. The two parameters are followed by zero or more refclock options. chronyd includes the following drivers:

  • PPS - driver for the kernel pulse per second API. For example:

    refclock PPS /dev/pps0 lock NMEA refid GPS
  • SHM - NTP shared memory driver. For example:

    refclock SHM 0 poll 3 refid GPS1
    refclock SHM 1:perm=0644 refid GPS2
  • SOCK - Unix domain socket driver. For example:

    refclock SOCK /var/run/chrony.ttyS0.sock
  • PHC - PTP hardware clock driver. For example:

    refclock PHC /dev/ptp0 poll 0 dpoll -2 offset -37
    refclock PHC /dev/ptp1:nocrossts poll 3 pps

For more information on individual drivers' options, see man 8 chrony.conf.

Print this page