
OpenBSD Time Services

Published: 09/07/2009

Every network has a number of nodes which should be time-synchronized together. Access points, router logs, RADIUS servers, Windows clients, Active Directory, the blinking VCR clock... Troubleshooting system and network issues often requires correlating log timestamps from different nodes, and if the internal clocks of the devices are off, it makes life difficult when narrowing down problems. This becomes especially critical if low-level forensics work is involved.

Enter Network Time Protocol (NTP). NTP has been around, like, forever. And OpenBSD, of course, has it built in. Setting it up is fast, easy, and should be one of the first things any good IT admin does when creating a new environment. You could install OpenBSD on a machine with only 64 Megs of memory and it'll get the job done for simple time services.

NTP works over UDP port 123. Having a single authoritative NTP server in your network reduces the number of NTP sync requests from your corporate LAN to public NTP servers, because every node sends its requests to the same place inside its home network. It also means there's much better assurance that the clocks on all systems will be in complete sync.
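The UDP 123 exchange described above, as an added example that is not part of the original article: a minimal SNTP client that queries a time server, rejects replies from an unsynchronized server or with a mismatched origin timestamp, and reports the clock offset a log-correlation exercise would have to account for. The hostname `ntp.example.internal` is a placeholder assumption.

```python
import socket
import struct
import sys
import time

NTP_EPOCH_DELTA = 2208988800  # seconds between 1900-01-01 (NTP) and 1970-01-01 (Unix)

def to_ntp(unix_ts):
    """Unix float seconds -> 64-bit NTP timestamp (32.32 fixed point)."""
    ntp = unix_ts + NTP_EPOCH_DELTA
    return (int(ntp) << 32) | int((ntp % 1) * 2**32)

def from_ntp(raw):
    return (raw >> 32) + (raw & 0xFFFFFFFF) / 2**32 - NTP_EPOCH_DELTA

def build_request(t1_raw):
    # LI=0, VN=4, Mode=3 (client); only the transmit timestamp is filled in.
    return struct.pack("!B39xQ", 0x23, t1_raw)

def parse_reply(data, t1_raw, t4):
    """Validate a server reply and return (offset_s, delay_s, stratum)."""
    if len(data) < 48:
        raise ValueError("short packet")
    flags, stratum = data[0], data[1]
    origin, recv, xmit = struct.unpack("!3Q", data[24:48])
    if flags & 0x07 != 4:
        raise ValueError("not a server-mode reply")
    if flags >> 6 == 3 or not 1 <= stratum <= 15:
        raise ValueError("server not synchronized (LI=3 or stratum outside 1-15)")
    if origin != t1_raw:
        raise ValueError("origin timestamp mismatch (stale or spoofed reply)")
    t1, t2, t3 = from_ntp(t1_raw), from_ntp(recv), from_ntp(xmit)
    offset = ((t2 - t1) + (t3 - t4)) / 2   # server clock minus local clock
    delay = (t4 - t1) - (t3 - t2)          # round trip minus server processing
    return offset, delay, stratum

def query(server, timeout=2.0):
    t1_raw = to_ntp(time.time())
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_request(t1_raw), (server, 123))
        data, _ = s.recvfrom(512)
    return parse_reply(data, t1_raw, time.time())

if __name__ == "__main__":
    # Placeholder hostname (assumption); pass your own server as the first argument.
    server = sys.argv[1] if len(sys.argv) > 1 else "ntp.example.internal"
    offset, delay, stratum = query(server)
    print(f"{server}: stratum {stratum}, offset {offset:+.4f}s, delay {delay:.4f}s")
```

Running it against each time source in turn shows how far apart their clocks are, which is the skew to expect between their log timestamps.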

Once your base OpenBSD server is up and running, edit /etc/ntpd.conf and uncomment:

listen on *

Ensure that the server can resolve hostnames via DNS. Then edit /etc/rc.conf.local and add the line:


Reboot the box. When it's back up, verify that ntpd is doing its job:


Sync your network with the local NTP server

   Configure Active Directory Domain Services Group Policy

   Configure Cisco PIX

   Configure Cisco 2950 Switch

   Configure OpenBSD Client

   Configure Red Hat Enterprise Linux / CentOS
