Thanks for the help Berndweyand. Here's what I found:
ntpq -c as
ind assid status conf reach auth condition last_event cnt
===========================================================
1 9258 9024 yes yes none reject reachable 2
2 9259 9024 yes yes none reject reachable 2
ntpq
ntpq> rv 9258
associd=9258 status=9024 conf, reach, sel_reject, 2 events, reachable,
srcadr=DCadc03.mydonaim.local, srcport=123, dstadr=172.0.0.1,
dstport=123, leap=00, stratum=2, precision=-6, rootdelay=31.250,
rootdisp=10739.105, refid=10.0.0.80,
reftime=e3c4744e.a574b5b4 Wed, Feb 3 2021 1:01:02.646,
rec=e3c4767a.c86eb1c7 Wed, Feb 3 2021 1:10:18.782, reach=377,
unreach=0, hmode=3, pmode=4, hpoll=6, ppoll=6, headway=0,
flash=400 peer_dist, keyid=0, offset=180144.541, delay=0.337,
dispersion=16.509, jitter=1.416, xleave=0.025,
filtdelay= 0.34 0.28 0.26 0.28 0.32 0.27 0.30 0.31,
filtoffset= 180144. 180142. 180144. 180144. 180144. 180143. 180143. 180141.,
filtdisp= 15.63 16.60 17.59 18.55 19.56 20.52 21.51 22.48
ntpq>
ntpq
ntpq> rv 9259
associd=9259 status=9024 conf, reach, sel_reject, 2 events, reachable,
srcadr=DCadc04.mydonaim.local, srcport=123, dstadr=172.0.0.1,
dstport=123, leap=00, stratum=2, precision=-6, rootdelay=31.250,
rootdisp=10742.462, refid=10.0.0.80,
reftime=e3c47472.994dc809 Wed, Feb 3 2021 1:01:38.598,
rec=e3c47744.c7e923db Wed, Feb 3 2021 1:13:40.780, reach=377,
unreach=0, hmode=3, pmode=4, hpoll=6, ppoll=6, headway=3,
flash=400 peer_dist, keyid=0, offset=180146.158, delay=0.433,
dispersion=16.510, jitter=7.705, xleave=0.021,
filtdelay= 0.43 0.37 0.40 0.35 0.25 0.38 0.32 0.39,
filtoffset= 180146. 180134. 180136. 180136. 180139. 180140. 180143. 180146.,
filtdisp= 15.63 16.60 17.59 18.57 19.56 20.52 21.52 22.48
ntpq>
Previous contents of /etc/ntp.conf:
restrict default kod nomodify notrap nopeer
restrict 127.0.0.1
server 10.0.0.225
server 10.0.0.226
driftfile /etc/ntp.drift
I added:
tos maxdist 30
I then restarted the ntpd service:
/etc/init.d/ntpd restart
------------------------------------------------------------------------------
Looks like it's working now!
Here are the new values.
ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
*DCadc03.myd 10.0.0.80 2 u 9 64 377 0.276 0.147 6.203
+DCadc04.myd 10.0.0.80 2 u 30 64 377 0.369 -14.097 9.219
ntpq -c as
ind assid status conf reach auth condition last_event cnt
===========================================================
1 59031 961a yes yes none sys.peer sys_peer 1
2 59032 946a yes yes none candidate sys_peer 6
Based on your proposed soltion of "tos maxdist 30", I Googled this and found this link:
https://kb.vmware.com/s/article/1035833
Does this mean that we have to modify every Windows DC which is acting as an NTP time source AND every host connecting to these DCs?