Bering-uClibc 4.x - User Guide - Basic Configuration - Setup a small timeserver
|Basic Configuration - Setup a small timeserver|
|Prev||Bering-uClibc 4.x - User Guide||Next|
It is important on routers and firewalls to have the exact time. It starts while reviewing your log files and ends with some applications that won't even start properly without having the correct time (e.g. openvpn).
This instructions explain, how to make shure, you have the exact time (UTC)
on your router and to optionally act as a timeserver for the local net. We
use by default the busybox applet
ntpd to achieve that goals, though you can replace it with a package providing the full-fledged ntp from ntp.org (
The ntpd applet is part of the core and already installed after you boot your router. If enabled (see below), it sets the time with the information provided by two upstream servers and listen on all ports to serve clients in your LAN with the correct time.
ntpd is part of the default distribution and already installed.
To make use
ntpd you have to make shure that the Package
bbntpd.lrp is loaded (through
bbntpd.lrp provides the init script, that starts
ntpd and the configuration file.
/etc/default/ntpd is the only configuration file you need to touch - you
can add more upstream servers and en/disable ntpd as timeserver for your LAN,
or preventing to run the ntpd applet at all. The latter is important, if
you want to use the full-fledged
To enable ntpd change
With NTPDOPTS you can change the way ntpd works.
The option "-l" activates ntpd to act as timeserver for your LAN. If don't need that, just remove "-l" from NTPDOPTS.
To get the exact time, you have to synchronize with peers from a group of so-called stratum 2 timeservers. A good place to start is the pool at pool.ntp.org (see http://twiki.ntp.org/bin/view/Servers/NTPPoolServers). The default settings calls at least two peers from the pool. Each peer is added with the "-p" option followed by a number from pool.ntp.org. (e.g. 0.pool.ntp.org, 1.pool.ntp.org) You can add as much peers as you want. Though the default should work sufficiently.
Open your firewall for time services
ntpd needs open ports for ntp from the firewall to the net, to sync
your router with the peers on the net, and to allow a
connection from your LAN clients to your timeserver on the router.
The first one is open by default with recent versions of Bering-uClibc, to
allow access from the LAN to the firewall/router you have to outcomment the
according entry in
# timeserver (allow syncing with time servers (default: pool.ntp.org)) NTP(ACCEPT) fw net # timeserver (allow LAN clients to sync with the time service on this machine) ) # NTP(ACCEPT) loc fw
For more information see:
ntp.org - the home of the Network Time Protocol project with an extensive documentation.
The NTP FAQ and HOWTO - "A first try on a non-technical Mini-HOWTO and FAQ on NTP"