Saturday, October 14, 2006

NTPd

Well, today I noticed my windows machine was running 39 minutes past the hour, my freebsd machine 37 minutes past the hour (SAL and Vectra respectively). I sync'd SAL's clock with the default server and found my bsd box behind. Originally I set the CMOS clock on Vectra to GMT time using my wristwatch, so a few min off after a month isn't bad.

I've decided to run ntpd (network time protocol daemon) on Vectra and use her to sync my other machines with. After a little researching I found out my ISP has an ntp server so I'm using that. The NTP daemon should come preinstalled on a FreeBSD box; it's also in ports if you need to update it without the whole computer. Since my ports tree is up to date and I need to update the system, and ntpd takes less time to compile than FreeBSD, this was my method of making sure it was up to date.

#cd /usr/ports/net/ntp && make install clean

That netted me ntp-4.2.2p3 which should be fairly current. Running portaudit tonight has shown me that python, ruby, and pgp have issues. Checking for outdated ports:

Vectra# portversion -v | grep "<"
fastest_cvsup-0.2.9_3       <  needs updating (port has 0.2.9_4)
portaudit-0.5.10            <  needs updating (port has 0.5.11)
portupgrade-2.0.1_1,1       <  needs updating (port has 2.1.3.3_1,2)
ruby-1.8.4_4,1              <  needs updating (port has 1.8.5,1)

Gotta love portupgrade giving some nice tools, gotta do some updates over the weekend of course. The NTP daemon is pretty simple; all the complicated stuff is basically done for you by the program and the Network Time Protocol. We need to create a configuration file; being part of the system it's in the et cetera directory of the root file system (/etc). The only editors installed on FreeBSD I know of are ed, ee, and vi. Ed was the first unix editor I think and probably would be a good choice if you're using some type of teletype terminal; for the sake of ease of use I suggest you use ee or vi. PC-BSD and DesktopBSD should include kwrite, kedit, kate, and xedit as well. I personally prefer vi as it's vim like (funny as vim is supposed to be vi like :-P ).

Vectra#vi /etc/ntp.conf
#Simple ntpd configuration for Vectra

driftfile /var/db/ntpd.drift

server ntp.bellsouth.net version 2

#Broadcast NTP signals over the LAN
restrict 192.168.1.255 mask 255.255.255.0 notrust nomodify

logfile /var/log/ntp.log

Like many config files and a fair number of scripting languages, any use of "#" is a comment.

To explain NTP quickly: you have a clock, and like all clocks it loses accuracy as time goes on. In fact my wristwatch's manual states that it'll gain something like 0.001 seconds a year. I'm not the most tech-headed person but I'd reckon a machine that's not up 24/7/365 is going to be less accurate than my watch. So we need to "synchronize" our watches, and to do that we need something to sync to; that's where time servers come in. A primary time server should be hooked up to a decent time source, like an atomic clock or GPS gizmo etc., and the time filters down from there; needless to say primary/secondary time servers should be fairly accurate and NTP takes care of trying to keep it that way between systems.

The configuration file specifies my ISP's time server using the syntax "server Server_To_Sync_With". You need to query at least one server; two is more reliable, but you should be considerate of the server maintainers. The driftfile is used to store information that helps keep the time accurate. The restrict line applies several options to the given LAN (taken from the man page):

notrust  Treat these hosts normally in other respects, but never use them as synchronization sources.
nomodify Ignore all NTP mode 6 and 7 packets which attempt to modify the state of the server (i.e., run time reconfiguration). Queries which return information are permitted.

We can start the daemon now using the command:

Vectra#ntpd -c /etc/ntp.conf -f /var/db/ntpd.drift
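
A tightened-down version of the ntp.conf above, added here as an example and not the post's own config. It keeps the post's LAN (192.168.1.0/24) and upstream server; the comments note two things worth checking in the original: restrict never broadcasts anything (that is a separate broadcast directive), and it wants the network address rather than the .255 broadcast address.

```conf
# Hardened ntp.conf for Vectra (added example, not the original post's file).
# Only the 192.168.1.0/24 LAN and ntp.bellsouth.net are taken from the post.

driftfile /var/db/ntpd.drift
logfile   /var/log/ntp.log

# Upstream server. "version 2" is unnecessary; ntpd picks the version itself.
server ntp.bellsouth.net

# Policy for everyone not matched by a later restrict line: serve time only.
#   kod      send Kiss-o'-Death packets to clients that exceed the rate limit
#   nomodify refuse mode 6/7 packets that try to reconfigure the daemon
#   notrap   refuse mode 6 trap (remote event logging) requests
#   nopeer   never let an unconfigured host become a peer of this server
#   noquery  refuse mode 6/7 information queries (ntpq/ntpdc); these return
#            the server's configuration and peer list to anyone who asks
restrict default kod nomodify notrap nopeer noquery

# The box itself keeps full access so ntpq still works locally.
restrict 127.0.0.1

# LAN clients may get time and ask questions but not reconfigure the daemon.
# Note: the network address goes here (192.168.1.0), not the broadcast
# address. 'notrust' is left out on purpose: in the ntpd 4.2 documentation it
# means "deny service unless the packet is cryptographically authenticated",
# which would lock out unauthenticated LAN clients.
restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap nopeer

# If you really want the server to broadcast to the LAN, that is a separate
# 'broadcast 192.168.1.255' directive; the restrict line above does not do it.
```

After editing, `ntpq -p` from a LAN client should still show Vectra as a peer, while `ntpq -c rv` from outside the LAN gets no answer.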
To get this set up at boot time we enable ntpd in /etc/rc.conf; edit it as root in your editor of choice. Add ntpd_enable="YES" and ntpd_flags="-c /etc/ntp.conf -f /var/db/ntpd.drift". Below is a copy of my rc.conf file including the ntpd lines.

# -- sysinstall generated deltas -- # Sat Sep  2 19:29:45 2006
# Created: Sat Sep  2 19:29:45 2006
# Enable network daemons for user convenience.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# This file now contains just the overrides from /etc/defaults/rc.conf.
hostname="Vectra"
ifconfig_xl0="DHCP"
saver="daemon"
sshd_enable="YES"
usbd_enable="YES"
update_motd="NO"

#Services

#enable CUPS
#cupsd_enable="YES"
#background_cupsd="YES"
#boot samba
#samba_enable="YES"
#enable ntpd
ntpd_program="/usr/local/bin/ntpd"
ntpd_enable="YES"
ntpd_flags="-c /etc/ntp.conf -f /var/db/ntpd.drift"

#Security

#clear temp files
clear_tmp_enable="YES"
#Make sendmail listen only on the local host
sendmail_enable="NO"
#Ignore ICMP redirect packets
icmp_drop_redirect="YES"

I've organized it in the form of things that came standard, services, and security for now. To sync my computers with Vectra I have to set them up to use ntpd with the FreeBSD box as the time server. If you've got multiple machines to sync, you should use one as a local time server and sync the others off it rather than, say, asking your internet time server for the time 10 times! Also you can use ntpdate timeserver for a one-time update instead of running ntpd on the clients.

Ok, I think I've accidentally not done my history test enough, time for bed. I'll worry about getting windows clients syncing off it and the box updated tomorrow !!!
