Ubuntu: Use Private NTP Server

Status

For hosts in isolated VLANS, we provide access to a local NTP server, via firewall rules.

The local NTP server is at: 192.168.1.12.

See this page for the local NTP server: Local GPS NTP Time Server

The main router includes a floating firewall rule that forwards UDP port 123 requests to the local NTP server.
It includes most of the VLANS. But can be updated to include other VLANs.

Configuration

Here are steps to configure an isolated Ubuntu VM to use the local NTP server.

Install NTP on the VM with:

sudo apt update
sudo apt install ntp

Edit the ntp config file to listen to the local NTP server.
Open it with:

sudo nano /etc/ntpsec/ntp.conf

NOTE: NTP is handled by ntpsec in recent Ubuntu versions.
And, its configuration is stored in: /etc/ntpsec.

Locate the NTP pool entries, and comment out each one.

Then, add the local NTP server entry line:

server 192.168.1.12 iburst

The section should look like this:

# Use servers from the NTP Pool Project. Approved by Ubuntu Technical Board
# on 2011-02-08 (LP: #104525). See https://www.pool.ntp.org/join.html for
# more information.
server 192.168.1.12 iburst
#pool 0.ubuntu.pool.ntp.org iburst
#pool 1.ubuntu.pool.ntp.org iburst
#pool 2.ubuntu.pool.ntp.org iburst
#pool 3.ubuntu.pool.ntp.org iburst

# Use Ubuntu's ntp server as a fallback.
#server ntp.ubuntu.com

Restart the ntpsec service with:

sudo systemctl restart ntpsec

You can check the service status with this:

sudo systemctl status ntpsec

And, you can see the NTP status, with this:

ntpq -p