RHCSA Training Labs

These are some labs I have crafted to prep for the RHCSA exam.  Hopefully you will find this useful!

Brakertech’s RHCSA Training Labs

Objective: Configure NTP Client to sync against a custom NTP server

Configure Local NTP Server

The first step is to get your local ntp server running

Install Required Package

# yum install ntp

Modify /etc/ntp.conf

  • replace 38.106.177.10 with your primary external ntp server to sync with
  • change 192.168.0.0 to the local subnet you would like to accept connections from
[root@rhel6 ~]# cat /etc/ntp.conf | grep -v "#" | grep -v "^$"
driftfile /var/lib/ntp/drift
restrict default kod nomodify notrap nopeer noquery
restrict 127.0.0.1 
restrict 38.106.177.10 mask 255.255.255.255 nomodify notrap noquery
restrict 192.168.0.0 mask 255.255.255.0 nomodify notrap
server 38.106.177.10
server 0.north-america.pool.ntp.org
server 1.north-america.pool.ntp.org
server 2.north-america.pool.ntp.org
server 3.north-america.pool.ntp.org
includefile /etc/ntp/crypto/pw
keys /etc/ntp/keys

Confirm local ntp server machine can retrieve ntp updates from external server

[root@rhel6 ~]# service ntpd stop
Shutting down ntpd:                                        [  OK  ]
[root@rhel6 ~]# ntpdate 38.106.177.10
16 Aug 02:42:42 ntpdate[3353]: adjust time server 38.106.177.10 offset 0.097539 sec
[root@rhel6 ~]# service ntpd start
Starting ntpd:                                             [  OK  ]
[root@rhel6 ~]#

Set ntp to start on boot

[root@rhel6 ~]# chkconfig ntpd on
[root@rhel6 ~]# chkconfig --list | grep ntpd
ntpd            0:off   1:off   2:on    3:on    4:on    5:on    6:off

Disable selinux and iptables

[root@rhel6 ~]# setenforce 0
[root@rhel6 ~]# service iptables stop

Configure ntp client

The client machine must be another machine on your local network (ex: in 192.168.0.0 mask 255.255.255.0 network i specified in the above server config)

Install Required Package

[root@rhel6 ~]# yum install ntp
[root@rhel6 ~]# yum install ntpdate

Modify /etc/ntp.conf

  • change 192.168.0.4 to the ip of your local ntp server
  • Alternatively you can set the ntp server by running system-config-date & from terminal
[root@desktop2 ~]# cat /etc/ntp.conf | grep -v "#" | grep -v "^$"
driftfile /var/lib/ntp/drift
restrict default ignore
restrict 127.0.0.1 
restrict 192.168.0.254
restrict 192.168.0.4
server 192.168.0.4 iburst
includefile /etc/ntp/crypto/pw
keys /etc/ntp/keys
[root@desktop2 ~]#

Test our ntp client’s ability to sync time with the local ntp server

Follow these steps:

  1. stop ntpd
  2. set a different local time on the client machine with date -s
  3. run ntpdate -u three times
  4. start ntpd
  5. check time with date command
[root@desktop2 ~]# service ntpd stop
[root@desktop2 ~]# date
Thu Aug 16 02:47:07 CDT 2012
[root@desktop2 ~]# date -s "16:15:00"
Thu Aug 16 16:15:00 CDT 2012
[root@desktop2 ~]# ntpdate -u 192.168.0.4
16 Aug 02:47:34 ntpdate[9974]: step time server 192.168.0.4 offset -48458.277826 sec
[root@desktop2 ~]# ntpdate -u 192.168.0.4
16 Aug 02:47:35 ntpdate[9975]: adjust time server 192.168.0.4 offset 0.000287 sec
[root@desktop2 ~]# ntpdate -u 192.168.0.4
16 Aug 02:47:35 ntpdate[9976]: adjust time server 192.168.0.4 offset 0.000384 sec
[root@desktop2 ~]# service ntpd start
Starting ntpd:                                             [  OK  ]
[root@desktop2 ~]# date
Thu Aug 16 02:47:46 CDT 2012

Troubleshooting NTP

Here are some basic troubleshooting steps when dealing with ntp

  • Change your client’s timezone to the same timezone as your server’s, instructions here
  • Check for selinux blocking ntp requests on client and server
  • Verify firewall rules allow UDP traffic on source/destination port 123 between your server and the Stratum 1/2 server with which you are synchronizing.
  • use ntpq to determine if you are properly syncronized with your local ntp server:
[root@desktop2 ~]# ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 192.168.0.4     38.106.177.10    2 u   10   64  377    0.366  -100.05  39.778

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.