VMware Cloud Community
Clayton_J
Contributor
Contributor
‎05-07-2007 02:11 PM

Synchronize time w/o an NTP server

Hi All,

Can anyone tell me how to sync up the time on my clustered ESX farm without an NTP server?

Thanks!

0 Kudos
8 Replies
jdvcp
Enthusiast
Enthusiast
‎05-07-2007 05:48 PM

Can't you connect to an internal or external NTP source? I'm guessing not. I would recommend getting NTP running internally or using one externally. What are the limitations? That might help us get to a solution.

admin
Immortal
Immortal
‎05-07-2007 06:26 PM

You need ntp to do this - why can you not use it?

0 Kudos
PatrickMSlatter
Enthusiast
Enthusiast
‎05-07-2007 07:16 PM

You can use a standard Windows 2000/2003 Active Directory DC as an NTP time source. Of course if you want the AD to provide accurate time it still needs an outside NTP time source unless you want to use a GPS connection as your time source.

Accurate time may not seem such a big deal until you stop to think how easy it is for a lawyer to get a cracker off if you can't prove that your logs are set to single time source.

Message was edited by:

PatrickMSlattery

Clayton_J
Contributor
Contributor
‎05-08-2007 04:43 AM

Thanks all,

As you guessed, I'm inside a private network with no access to an external NTP source. I'm also running a VM network without a Domain Controller at the moment. I have a Windows 2003 Server stood up to act as my access point to the two clustered VM boxes, but it is not a domain controller. Do I need it to be in order to run NTP?

Accuracy isn't as big at the moment as synching the cluster is. I'm in this stand-alone environment for now as a proof of concept, but once the concept is proven, I'll be able to tie into an AD infrastructure.

Thanks again,

CJ

0 Kudos
PatrickMSlatter
Enthusiast
Enthusiast
‎05-08-2007 08:57 AM

I don't think that a Windows 2003 server has to be a DC in order to act as an NTP source. My understanding is that as long as the Windows Time service is running you can use it as a NTP source.

Naturally you will need to open the correct ports in the Windows firewall.

0 Kudos
jdvcp
Enthusiast
Enthusiast
‎05-08-2007 02:21 PM

You could build another VM and give it a NIC on each network...outward facing, then on the private network. You could make it an NTP server and have it sync with proper NTP sources. Then, you could point the private network VMs to this box. No traffic would be allowed to traverse this machine from production to private network by default.

0 Kudos
Casinoguy
Contributor
Contributor
‎05-09-2007 01:51 PM

Well in order to sync the esx servers time you have to have something acting as a time server so all the servers involved can use it as a common reference point. Any windows server can do this by making sure the windows time service is running and you change the LocalNtp reg key to 1

http://support.microsoft.com/kb/223184

is the microsoft article that explains the reg keys for w32time.

Once that is working you can follow the steps listed in this thread just because for some reason the document from Vmware that the steps come from isnt available but the link is

http://www.vmware.com/community/thread.jspa?messageID=554665&;

Good luck time is an intersting animal on some virtualized servers.

0 Kudos
Casinoguy
Contributor
Contributor
‎05-09-2007 03:10 PM

Oh forgot to mention instead of pointing to the server pool since you said you coudlnt reach that you would point it instead to the ip address of your time server if your able to create one that is.

0 Kudos