Re: confused on NTP setup - watching the service

IB_IT · ‎06-03-2009

Hey all,

I have several hosts set up for NTP across my environment all using the same internal time source. I wasn't part of the build process for these, but as far as I can see, they are keeping up with the time just fine. I am seeing different results for different ESX hosts though when I run

#watch "ntpq -p"

Sometimes, I see an asterisk (*) indicating the source reference. Sometimes, I see an asterisk by the primary IP of the time source and see a plus sign :smileyplus: next to the secondary IP time source. And sometimes I do not see any asterisk at all. Can't really find any relevant info on this...can someone elaborate? Am I seeing a potential issue with NTP on my hosts? What should I be seeing given a correct NTP setup when running watch "ntpq -p"?

RParker · ‎06-03-2009

Sometimes, I see an asterisk (*) indicating the source reference. Sometimes, I see an asterisk by the primary IP of the time source and see a plus sign

(*) indicates in sync. + indicates time is out of sync and greater than the time @ NTP. No asterisk means that the time has NOT synched at all.

More info here:

Charachter that may be before hostname:

(*) indicates the current synchronization source.

(#) indicates that the host is selected for synchronization, but distance from the host to the server exceeds the maximum value.

(o) indicates that the host is selected for synchronization, and the PPS signal is in use.

:smileyplus: indicates the host included in the final synchronization selection set.

(x) indicates that the host is the designated false ticker by the intersection algorithm.

(.) indicates that the host is selected from the end of the candidate list.

blank indicates a host is discarded due to high stratum and/or failed sanity checks.

IB_IT · ‎06-03-2009

thanks for that...so what would be the difference in a host that is set to "LOCAL" and one that is set to "ipoftimesrv1"?

so I see something similar to this for one host ESX1:

remote refid st t when poll reach delay offset jitter

==============================================================================

ipoftimesrv1 0.0.0.0 16 u - 512 0 0.000 0.000 4000.00

ipoftimesrv2 0.0.0.0 16 u - 512 0 0.000 0.000 4000.00

*LOCAL(0) LOCAL(0) 10 l 23 64 377 0.000 0.000 0.008

And I see this for another host ESX2:

remote refid st t when poll reach delay offset jitter

==============================================================================

*ipoftimesrv1 CHU_AUDIO(1) 3 u 462 1024 377 21.294 0.264 0.209

ipoftimesrv2 0.0.0.0 16 u - 1024 0 0.000 0.000 4000.00

LOCAL(0) LOCAL(0) 10 l 30 64 377 0.000 0.000 0.008

And I also see this on another ESX3:

remote refid st t when poll reach delay offset jitter

==============================================================================

*ipoftimesrv1 CHU_AUDIO(1) 3 u 1009 1024 377 21.065 1.296 4.271

+ipoftimesrv2 pdcd07-snmcpe1. 4 u 1021 1024 377 20.234 -6.841 0.914

LOCAL(0) LOCAL(0) 10 l 31 64 377 0.000 0.000 0.008

So which one of these would you say is correct...if any?

RParker · ‎06-03-2009

The first shows that LOCAL time source is accurate (why I don't know). Did you leave the local time source configured?

The second shows that it is synching with the remote time source (*) and it doesn't need the second one.

The third shows that it is in synch AND the seondary time source can be use. If you did the same for all 3 ESX hosts, then they should work in all 3 cases

Try these steps on that first machine, and see what you get.

NTP

1. nano -w /etc/ntp.conf

Prohibit general access to this service.

restrict default kod nomodify notrap noquery nopeer

--- OUR TIMESERVERS
-----

restrict x.x.x.x mask 255.255.255.255 nomodify notrap noquery

server x.x.x.x

__________________

(x.x.x.x) is your NTP time server.

__________________

2. nano -w /etc/ntp/step-tickers

x.x.x.x

3. esxcfg-firewall -e ntpClient

4. service mgmt-vmware restart

5. service ntpd stop

6. date (MMDDhhmm)

7. service ntpd start

8. chkconfig --list ntpd

ntpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off

(chkconfig --level 3 ntpd on)

9. ntpq -p

*x.x.x.x

(This is what it should look like when you are done and synched)

10. Sync Local clock with hardware clock

hwclock --systohc --utc

11. nano -w /etc/sysconfig/clock

UTC=true

12. reboot

_______________________________________________

(reboot host)

_______________________________________________

1. /etc/ntp.conf : Add the following

restrict Windows Server IP Address mask 255.255.255.255 nomodify notrap noquery

server Windows Server FQDN

2. /etc/ntp/step-tickers : Add

server Windows Server FQDN

3. /etc/hosts : add entry for your Windows time source

4. At console:

5. At console: chkconfig --level 345 ntpd on

6. At console: /sbin/hwclock --systohc

7. At console: watch ntpq -p

For #7 wait until the asterisk goes beside your PDC emulator or the time source you have specified. It may not be right away and I've had it take a while.

IB_IT · ‎06-03-2009

ok, on that 1st host (ESX1), I changed the ntp.conf file as noted, step-tickers was fine, rebooted host.

Now I am seeing this:

remote refid st t when poll reach delay offset jitter

==============================================================================

*10.94.0.1 CHU_AUDIO(1) 3 u 1 64 177 0.423 1.125 1.344

+10.95.0.1 pdcd07-snmcpe1. 4 u 6 64 177 8.272 -12.488 1.250

LOCAL(0) LOCAL(0) 10 l 3 64 177 0.000 0.000 0.008

I am guessing that is what it should be. I just looked again at and i don't see anywhere in the steps where it says to modify the ntp.conf file with the restrict access you have noted in step 1 for each NTP time server specified. That seemed to have been the only piece missing before.

~~- OUR TIMESERVERS~~
---
restrict x.x.x.x mask 255.255.255.255 nomodify notrap noquery
server x.x.x.x

If this looks right to you now, I will close out this thread. Thanks for your help!

All

confused on NTP setup - watching the service