How to Configure NTP on Ubuntu: Accurate Time Synchronization with Chrony

1. Importance of NTP on Ubuntu

What is NTP?

NTP (Network Time Protocol) is a protocol designed to synchronize the time of computer systems accurately over a network. Maintaining accurate system time is essential for log consistency, transaction processing, and the reliability of network communication. If the system clock drifts, network errors or data inconsistencies may occur, making accurate time synchronization crucial, especially in server environments.

On Ubuntu, chrony is recommended because it provides accurate time synchronization even in unstable network environments. Chrony also offers low latency and fast synchronization, making it suitable for both server and client environments.

2. How to Configure NTP

Installing and Configuring Chrony

Chrony is the default NTP client on Ubuntu 18.04 and later. Use the following steps to install Chrony and configure time synchronization using NTP servers.

Installation Steps

sudo apt update
sudo apt install chrony

Next, start the Chrony service and enable it for automatic startup.

sudo systemctl start chrony
sudo systemctl enable chrony

The configuration file is located at /etc/chrony/chrony.conf. If you want to use NTP servers located in Japan, configure it as follows:

server ntp.nict.jp iburst
server 0.jp.pool.ntp.org iburst
server 1.jp.pool.ntp.org iburst
server 2.jp.pool.ntp.org iburst

The iburst option accelerates the initial synchronization when connecting to an NTP server.

3. Optimizing and Selecting NTP Servers

Using the NTP Pool Project

The NTP Pool Project provides region-optimized NTP servers sourced from around the world. By configuring multiple NTP servers, reliability increases, ensuring that if one server becomes unavailable, others can seamlessly continue time synchronization.

The example below shows a configuration that uses servers located in Japan:

server ntp.nict.jp iburst
server 0.jp.pool.ntp.org iburst
server 1.jp.pool.ntp.org iburst
server 2.jp.pool.ntp.org iburst

4. Setting the Time Zone

Using the `timedatectl` Command

By default, Ubuntu uses UTC as the system time zone. You can change it to Japan Standard Time (JST) using the following command:

sudo timedatectl set-timezone Asia/Tokyo

After making the change, verify the current time zone settings with:

timedatectl

5. Troubleshooting

When NTP Does Not Synchronize

Check the Firewall

NTP uses UDP port 123, and synchronization may fail if the firewall blocks this port. Open port 123 using the following command:

sudo ufw allow 123/udp

Checking for False-tickers

Use the ntpq -p command to verify whether NTP servers are functioning correctly. Servers providing inaccurate time are marked with an x symbol. If detected, remove or replace those servers in your configuration.

Stratum 16 Error

If the NTP server cannot synchronize with an upstream server, a Stratum 16 error occurs. This indicates a connectivity or configuration issue. Verify your network settings and reconfigure your NTP servers to ensure synchronization with reliable upstream sources.

Manual Time Synchronization

To manually synchronize time using Chrony, run the following command:

sudo ntpdate ntp.nict.jp

You can also review Chrony logs to diagnose synchronization issues:

sudo journalctl -u chrony

6. NTP Optimization in High-Load Environments

Adjusting `minpoll` and `maxpoll`

In environments requiring high-precision time synchronization, adjusting NTP polling intervals allows more frequent updates and helps minimize time drift. The configuration example below increases the synchronization frequency:

server ntp.nict.jp iburst minpoll 4 maxpoll 10

Managing NTP with Juju

In large-scale cloud environments, Juju can automate NTP service deployments. Juju monitors host loads and automatically selects the optimal host as the NTP server. Deploy NTP via Juju as follows:

juju deploy cs:ntp ntp
juju config ntp auto_peers=true

This enables automated NTP management, distributing load effectively and ensuring efficient time synchronization.

7. Enhancing Security

Access Control for NTP Servers

To improve security, you can restrict NTP server access to specific IP addresses. Add access control rules to /etc/chrony/chrony.conf as shown below to allow requests only from approved networks:

allow 192.168.1.0/24

This prevents unauthorized NTP requests from external hosts and strengthens internal network security.

1. Importance of NTP on Ubuntu

What is NTP?

2. How to Configure NTP

Installing and Configuring Chrony

Installation Steps

3. Optimizing and Selecting NTP Servers

Using the NTP Pool Project

4. Setting the Time Zone

Using the `timedatectl` Command

5. Troubleshooting

When NTP Does Not Synchronize

Check the Firewall

Checking for False-tickers

Stratum 16 Error

Manual Time Synchronization

6. NTP Optimization in High-Load Environments

Adjusting `minpoll` and `maxpoll`

Managing NTP with Juju

7. Enhancing Security

Access Control for NTP Servers

Ubuntu Memory Monitoring Guide: How to Check and Optimize RAM Usage on Linux

Mastering the ping Command in Ubuntu: Network Diagnostics Made Easy

How to Configure NTP on Ubuntu: Accurate Time Synchronization with Chrony

1. Importance of NTP on Ubuntu

What is NTP?

2. How to Configure NTP

Installing and Configuring Chrony

Installation Steps

3. Optimizing and Selecting NTP Servers

Using the NTP Pool Project

4. Setting the Time Zone

Using the timedatectl Command

5. Troubleshooting

When NTP Does Not Synchronize

Check the Firewall

Checking for False-tickers

Stratum 16 Error

Manual Time Synchronization

6. NTP Optimization in High-Load Environments

Adjusting minpoll and maxpoll

Managing NTP with Juju

7. Enhancing Security

Access Control for NTP Servers

Ubuntu Memory Monitoring Guide: How to Check and Optimize RAM Usage on Linux

Mastering the ping Command in Ubuntu: Network Diagnostics Made Easy

Using the `timedatectl` Command

Adjusting `minpoll` and `maxpoll`