ntp server

DIY HOME SERVER 2021 – Software – NTP Server

1. DIY HOME SERVER - Local NTP Server - Prepare container

When creating a home lab server, it’s often usefull to have a Network Time Protocol server inside your local network. In cases where you have VLAN with no internet access, it’s good practice to have a local NTP server keeping al your IoT devices like for instance IP cameras in sync.

A common way to install applications in Proxmox is to use Docker containers. But I like to do things a bit different. Let’s install a NTP Server in an Ubuntu LXC.

We will use Chrony as our NTP server.

In Proxmox, select local (storage) → CT Templates → Templates.

In the dropdown, select the latest Ubuntu LTS (.04) template and click the Download button.

Click the Create CT button to create a new LXC.

On the General tab, specify the container name an set the password for the root user.

Click Next.

On the Template tab, select the latest Ubuntu CT Template.

Click Next.

On the Root Disk tab, set a 2 GB Disk size.

Click Next.

On the CPU tab, there’s nothing to change.

Click Next.

On the Memory tab, there’s nothing to change.

Click Next.

On the Network tab, set the static IP address and specify the Gateway.

Click Next.

On the DNS tab, there’s nothing to change.

Click Next.

On the Confirm tab, check the Start after created option.

Click Next.

The container will be installed.

Select the container and click Options → Start at boot → Edit.

Set the Start at boot option and click OK.

You might want to set the Start/Shutdown order so the NTP server starts early in the Proxmox boot process.

 

2. DIY HOME SERVER - Local NTP Server - Add VLAN NIC

For security and privacy reasons, you better put all your IoT devices and especially all IP cameras in a seperate VLAN, one that has no internet access. Believe me, a lot of IP cameras have security issues or even “phone home” from time to time. 

Because my mainboard has multiple NIC, I can add one Network Interface connected to a seperate VLAN to the NTP Server LXC container and use that one to reach my IP cameras.

Use Network → Add to add a NIC to the container. Specify a fixed IP addres inside the IoT VLAN and don’t specify a Gateway.

Tip :

Specify the same fixed network address host in all subnets. That way it’s easy to remember.

Example :
192.168.50.16/24
192.168.51.16/24
192.168.52.16/24

3. DIY HOME SERVER - Local NTP Server - Installation

Start the newly created NTP Server Container.

Select the Console.

Log in as user root with the password set during the container creation.

Enter the following command sequences :
apt update && apt upgrade -y
apt install chrony -y

You might want to correct your system time zone.

You can get a list of all available timezones by using the command : 

timedatectl list-timezones

Then set your specific timezone like this :

timedatectl set-timezone Europe/Brussels

Now let’s configure Chrony :

nano /etc/chrony/chrony.conf

Goto the end of the file and set all subnets you want to allow access to this NTP server.

allow xxx.xxx.yyy.0/24
allow xxx.xxx.zzz.0/24

Press Ctrl + O to save, confirm.
Press Ctrl + X to exit.

Tip :

Chromy by default acts as a NTP client. By adding the allow statement it starts acting as a server.

Now restart Chrony :

systemctl restart chrony

Job done. You now have a fully operational NTP server.

Now go and configure all possible LAN clients to use this NTP server by specifiing :

  • the IP address of the NTP server (in the correct subnet)
  • UDP port 123

 

When done, you can check if NTP clients succesfully connect to the new NTP server by entering the following command in the console :

chronyc clients

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.