VMware Cloud Community
jaspain
Enthusiast
Enthusiast
‎07-10-2009 12:16 PM

ESX 4 NTP Client Will Not Synchronize with NTP Server on 3Com Switch/Router

ESX 4 (and this also applies to ESX 3.5) uses version 4 of the Network Time Protocol by default and will not synchronize with 3Com switches and routers running 3Com Comware 5, e.g. the 5500G switch and the MSR router series. The symptoms are that the ESX host sends NTP queries to the 3Com device, but the 3Com device remains silent, issuing no responses. The problem is that the 3Com devices support NTP up to version 3, but not version 4. 3Com Tech Support told me that NTP version 4 is not currently on the product roadmap, but has been submitted as a feature request.

There is a fairly simple workaround, however. First configure NTP using the vSphere client in the usual manner:

  • Select the ESX host, and then click on its Configuration tab and then on the Time Configuration link.

  • Click on Properties..., check NTP Client Enabled, and click Options.

  • On the General tab, be sure that the NTP service is set to start automatically.

  • On the NTP Settings tab, add the IP address of the 3Com switch(es) and/or router(s) to be used as NTP servers.

  • Check Restart NTP service to apply changes, then OK, and OK.

Now since the ESX server will be sending out queries using NTP version 4 and the 3Com devices are expecting at most version 3, the 3Com devices will not respond, and the ESX server will not synchronize. To fix this, log onto the console of the ESX server:

  • Stop the NTP service with the command service ntpd stop.

  • Use nano or your favorite text editor to edit the file /etc/ntp.conf.

  • One or more of the lines will read SERVER w.x.y.z where w.x.y.z is the IP address of the corresponding 3Com device.

  • Modify these lines so that they read SERVER w.x.y.z VERISON 3. This will cause the NTP client to issue its queries to that device using NTP version 3 rather than the default version 4.

  • Save the file and exit the editor.

  • Then start the NTP service with service ntpd start. When starting the service, it may indicate that synchronization has failed.

  • If you wait a few minutes, you can use the command ntptrace localhost to verify that the NTP client has in fact ultimately synchronized.

  • With the NTP service stopped, you can test it with the command ntpd -d -q. After you have modified ntp.conf as above, you should see messages showing queries and responses between the ESX host and the 3Com NTP server. After a few minutes, ntpd should exit indicating that the NTP client has synchronized, but the messages are admittedly somewhat cryptic. Contrast this with the messages you will see before you edit ntp.conf, where there will be no responses from the 3Com device to NTP queries.

  • Another useful troubleshooting step to see what has been happening with NTP is to examine the message log: cat /var/log/messages | grep ntpd.

Tags (3)
Reply
0 Kudos
5 Replies
jaspain
Enthusiast
Enthusiast
‎09-30-2010 08:03 AM

Updated information for ESXi Installable 4.1

The configuration on the vSphere client is the same as before.

There is no "service console" per se on ESXi, but one can temporarily enable local or remote Tech Support Mode. See Using Tech Support Mode in ESXi 4.1 at .

To stop/start the NTP service, use the command /etc/init.d/ntpd {start|stop|status|restart}.

The nano editor isn't available, so use vi instead.

Otherwise after configuring the IP address of the NTP server in the vSphere client, edit the file /etc/ntp.conf as described above. Note the typo: for "VERISON 3" read "VERSION 3".

To test synchronization, stop the NTP service and enter the command ntpd -q. There is no -d option available. Then start the service again.

To check the log, use the same command as before: cat /var/log/messages | grep ntpd.

The ntptrace command isn't available.

Reply
0 Kudos
simon79
Contributor
Contributor
‎10-24-2011 05:28 AM

The theory behind this post is; ESX 4 NTP client sends out time queries in version 4 so therefore a version 4 NTP server must reply?

What if an ESX 4.0 host sent a time query to NTP running on a Windows Server 2003 SP2 server? This Windows server is running version 3 NTP so would it send back a response to the ESX server?

Thanks (not sure if im hyjacking this post)

Simon

Reply
0 Kudos
jaspain
Enthusiast
Enthusiast
‎10-24-2011 05:51 AM

Simon: I haven't tested this and am not able to do so. If Windows Server 2003 SP2 NTP uses version 3 and not version 4, I would expect ESX 4 NTP not to be able to communicate with it unless /etc/ntp.conf on ESX 4 is configured to use NTP version 3 as described above. Jeff.

Reply
0 Kudos
jaspain
Enthusiast
Enthusiast
‎10-24-2011 06:26 AM

Updated information for ESXi 5.0

The log file used by ntpd has been changed: cat /var/log/syslog.log | grep ntpd. See http://kb.vmware.com/kb/2004201.

Updated information for 3Com, now HP, switches

HP is continuing to sell the 3Com 5500G series switches (HP E5500 series) and the H3C MSR router series (HP A-MSR series). See http://www.hp.com/networking and the 3Com Product Conversion Tool link at the bottom of the page.

We purchased an H3C S5800 (HP A5800) series switch some time ago in order to get IPv6 layer-3 switching support not available in the 3Com 5500G (HP E5500). Now as an added bonus, the latest A5800 firmware (Comware 5.20 R1211P02 released 9/21/2011) adds support for NTP version 4 for the first time. See release notes at http://bizsupport2.austin.hp.com/bc/docs/support/SupportManual/c03005678/c03005678.pdf.

As for the MSR router series, the latest firmware (Comware 5.20 R2207P02 also released 9/21/2011) still does not support NTP version 4. Nor does the latest 5500G (E5500) firmware v3.03.03p18 released 7/14/2011. Note that there has not been even a minor version upgrade of the 5500G firmware since 2009.

Reply
0 Kudos
simon79
Contributor
Contributor
‎10-24-2011 07:35 AM

Ok, thanks.

I'll test and report back if i find out any more info

Reply
0 Kudos