Ntp

手動更改後NTP是否應該更新時間?

  • March 7, 2016

我已經配置NTP了服務,並通過以下方式對其進行了檢查:

  1. 禁用 NTP
  2. 調整時間
  3. 啟用 NTP

主機的時間固定在幾秒鐘內。但如果我這樣做:

  1. 啟用 NTP
  2. 調整時間

時間不固定。在這種情況下應該固定時間嗎?

我正在通過諸如 /bin/date -s "4:2" && /sbin/hwclock -w

OS: Debian 3.2.68-1+deb7u5

ntp.conf 之類的命令設置時間(所有預設值,server行除外):

# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help

driftfile /var/lib/ntp/ntp.drift


# Enable this if you want statistics to be logged.
#statsdir /var/log/ntpstats/

statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable


# You do need to talk to an NTP server or two (or three).
server 0.pool.ntp.org iburst
server 1.pool.ntp.org iburst
server 2.pool.ntp.org iburst
server 3.pool.ntp.org iburst

# pool.ntp.org maps to about 1000 low-stratum NTP servers.  Your server will
# pick a different set every time it starts up.  Please consider joining the
# pool: <http://www.pool.ntp.org/join.html>
#server 0.debian.pool.ntp.org iburst
#server 1.debian.pool.ntp.org iburst
#server 2.debian.pool.ntp.org iburst
#server 3.debian.pool.ntp.org iburst


# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
# details.  The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
# might also be helpful.
#
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.

# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery
# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict ::1

# Clients from this (example!) subnet have unlimited access, but only if
# cryptographically authenticated.
#restrict 192.168.123.0 mask 255.255.255.0 notrust


# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)
#broadcast 192.168.123.255

# If you want to listen to time broadcasts on your local subnet, de-comment the
# next lines.  Please do this only if you trust everybody on the network!
#disable auth
#broadcastclient

答案是“是和不是”。

當本地和 ntp-server 之間的差異太大時(我認為大約是 0.5 秒?),NTP 不會更新伺服器上的時間。但是當它檢測到太大的差異並決定這樣做時,它可以在一段時間後恢復時間進行糾正。

您可以使用以下方法更改該時間:

tinker panic 0 stepout 120

它將在 2 分鐘後恢復到正確的時間(如果我沒記錯的話,預設為 15 ……當然取決於實施)。

這是為什麼?

NTP 嘗試盡可能地進行小修復,以保持時間線性且真正正確。如果差異太大,他無法正確保持它,因為修復時間可能需要很長時間(修復時間大約為 1-10 毫秒)。

正常執行也可能出現太大的差異,當您的本地時鐘工作不正常且太慢時,差異越來越大,最終變得如此之大以至於ntpd不再固定時間。

引用自:https://serverfault.com/questions/762069