Set up NTP Server and Client on Rocky Linux 9 | Best Guide

In this guide, we want to teach you to Set up NTP Server and Client on Rocky Linux 9. Network Time Protocol (NTP) is a protocol that allows the synchronization of system clocks (from desktops to servers). Having synchronized clocks is not only convenient but required for many distributed applications. Therefore, the firewall policy must allow the NTP service if the time comes from an external server.

You can now follow the guide steps below on the Orcacore website to complete NTP Setup on Rocky Linux 9.

To complete NTP Setup on Rocky Linux 9, you must log in to your server as a non-root user and set up a basic firewall. To do this, you can follow our guide on Initial Server Setup with Rocky Linux 9.

1. Install Chrony on Rocky Linux 9

To install NTP on your Rocky Linux server, you must have Chrony installed on your server. Chrony is an implementation of the Network Time Protocol and is useful in a number of ways.

First, you need to check your current time zone by using the command below:

timedatectl

Example output:

**Output**
Time zone: America/New_York (EDT, -0400)

Next, update your local package index with the following command:

sudo dnf update -y

Then, use the following command to install Chrony on Rocky Linux 9:

sudo dnf install chrony -y

Manage Chrony Service

At this point, you need to start and enable Chrony to start on the boot system:

# sudo systemctl start chronyd
# sudo systemctl enable chronyd

To verify that your Chrony service is active and running on your Rocky Linux 9, run the command below:

sudo systemctl status chronyd

Now let’s see how to configure the NTP server.

2. Configure NTP Server on Rocky Linux 9

The default configuration file for the NTP server is /etc/chrony.conf.

First, you need to open the file with your favorite text editor, here we use vi editor:

sudo vi /etc/chrony.conf

At the file, comment on the Pool line by adding the # from the beginning of the line.

Then, add a list of NTP servers close to your location. In my case, the US, you can use the All pool server on the ntppool website:

#pool 2.cloudlinux.pool.ntp.org iburst
server 0.us.pool.ntp.org
server 1.us.pool.ntp.org
server 2.us.pool.ntp.org
server 3.us.pool.ntp.org

Also, you need to Allow NTP client access from the local network. To do this, edit the line below:

# Allow NTP client access from local network.
allow 192.168.201.0/24

When you are done, save and close the file.

In the next step, you need to set NTP synchronization with the following command:

sudo timedatectl set-ntp true

Restart your Chrony service to apply the changes:

sudo systemctl restart chronyd

Check NTP Server Status

Now you can check whether your NTP server is working or not with the following command:

chronyc sources

Configure Firewall for NTP

At this point, you need to allow NTP service through the Rocky Linux 9 firewall:

sudo firewall-cmd --permanent --add-service=ntp --permanent

Reload the firewall to apply the changes:

sudo firewall-cmd --reload

Now let’s see how to configure the NTP client.

3. Configure NTP Client on Rocky Linux 9

At this point, you need to install the NTP client on a client machine and configure it with the Chrony. Here our client machine is Rocky Linux 9.

First, you need to set the correct timezone on your client machine:

sudo timedatectl set-timezone **America/New_York**

Then, install Chrony on your client machine:

sudo dnf install chrony -y

Edit the configuration file /etc/chrony.conf and point to your NTP server.

sudo vi /etc/chrony.conf

#pool 2.fedora.pool.ntp.org iburst
server your-server-ip-address

When you are done, save and close the file.

Restart your Chrony service to apply the changes:

sudo systemctl restart chronyd

Next, set NTP synchronization:

sudo timedatectl set-ntp true

Enable your Chrony service to start on boot:

sudo systemctl enable chronyd

Now verify your time synchronization:

chronyc sources

Check NTP Client Status

Finally, you can check on NTP clients. To do this, log in to your Rocky Linux 9 server and run the command below:

sudo chronyc clients

That’s it, you are done with NTP Setup on Rocky Linux 9.

Conclusion

At this point, you have learned to Set up NTP Server and Client on Rocky Linux 9. The purpose of using an NTP (Network Time Protocol) server and client on Rocky Linux 9 is to synchronize the system time across devices on a network. The NTP server provides accurate time to clients, ensuring consistent and precise timekeeping, which is essential for logging, scheduling tasks, and security purposes.

Hope you enjoy it. You may also like these articles:

Install Caddy Web Server on Rocky Linux 9

How To Install mtr Command on Linux

How To Install Squid Proxy on Debian 11

Install Python 3.13 on Rocky Linux 9

Alternative Solutions for Setting up NTP

While the above guide uses Chrony, which is an excellent and modern NTP implementation, here are two alternative ways to achieve time synchronization on Rocky Linux 9.

1. Using systemd-timesyncd

systemd-timesyncd is a simpler NTP client that’s part of the systemd suite, and is often installed by default on many modern Linux distributions. It’s designed to keep the system clock synchronized with NTP servers with minimal configuration. While it’s not as fully featured as Chrony, it’s sufficient for many basic use cases.

Explanation:

systemd-timesyncd operates as a client only; it cannot serve time to other machines. It periodically queries NTP servers and adjusts the local system clock. The primary advantage is its simplicity and ease of use. It’s lightweight and generally requires less configuration than Chrony.

Configuration:

The main configuration file for systemd-timesyncd is /etc/systemd/timesyncd.conf. You can specify the NTP servers to use in this file.

[Time]
NTP=0.pool.ntp.org 1.pool.ntp.org 2.pool.ntp.org
FallbackNTP=ntp.ubuntu.com

• NTP: Specifies the primary NTP servers to use. Multiple servers should be space separated.
• FallbackNTP: Specifies fallback NTP servers to use if the primary servers are unavailable.

Commands:

1. Start and Enable the Service:

   sudo systemctl enable --now systemd-timesyncd

2. Check Status:

   sudo systemctl status systemd-timesyncd

3. Check Synchronization Status:

   timedatectl status

   The output will show details about the time synchronization status, including the NTP server being used and the round-trip time.

Code Example:

To modify the /etc/systemd/timesyncd.conf file programmatically, you could use sed or awk. For example, to replace the existing NTP servers with time.google.com and time1.google.com, you could use:

sudo sed -i 's/^NTP=.*/NTP=time.google.com time1.google.com/' /etc/systemd/timesyncd.conf
sudo systemctl restart systemd-timesyncd

This solution provides a straightforward way to synchronize time if you don’t need the advanced features of Chrony and prefer a simpler approach.

2. Using ntpd (Network Time Protocol Daemon)

ntpd is the original implementation of the NTP protocol. While Chrony is generally preferred due to its faster synchronization and better handling of intermittent network connections, ntpd remains a viable option, particularly in environments where it’s already established or for specific legacy compatibility reasons. This alternative approach will also help you Set up NTP Server and Client on Rocky Linux 9.

Explanation:

ntpd synchronizes the system clock to NTP servers using a more traditional approach. It’s been around for a long time and is well-understood, but can be slower to synchronize initially compared to Chrony. It can act as both a server and a client, allowing other machines to synchronize their time with it.

Installation:

ntpd is available from the standard Rocky Linux repositories.

sudo dnf install ntp

Configuration:

The main configuration file is /etc/ntp.conf.

Example /etc/ntp.conf configuration:

driftfile /var/lib/ntp/drift

restrict default nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict ::1

# Add pool servers
server 0.pool.ntp.org iburst
server 1.pool.ntp.org iburst
server 2.pool.ntp.org iburst

# Allow clients from the local network
restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

• driftfile: Specifies the file used to record the drift of the system clock.
• restrict: Controls access to the NTP server. The default line typically restricts most access. 127.0.0.1 and ::1 allow access from the local machine. The final restrict line allows clients from the 192.168.1.0/24 network to synchronize. Adjust the network address and mask to match your network configuration.
• server: Specifies the NTP servers to synchronize with. iburst allows for faster initial synchronization.

Commands:

1. Start and Enable the Service:

   sudo systemctl enable --now ntpd

2. Check Status:

   sudo systemctl status ntpd

3. Query NTP Servers:

   ntpq -p

   This command shows the status of the NTP servers being used, including their stratum, offset, and delay.

Code Example:

To programmatically add a server to the /etc/ntp.conf file:

sudo sh -c 'echo "server time.nist.gov iburst" >> /etc/ntp.conf'
sudo systemctl restart ntpd

This appends the line server time.nist.gov iburst to the end of the /etc/ntp.conf file and restarts the ntpd service. Remember to configure your firewall to allow NTP traffic (UDP port 123).

Choosing between Chrony, systemd-timesyncd, and ntpd depends on your specific requirements. Chrony offers a balance of features and performance, systemd-timesyncd prioritizes simplicity, and ntpd provides a more traditional approach. This guide showed how to Set up NTP Server and Client on Rocky Linux 9 using Chrony, and it also provided two valid alternatives.