Manage NTP

The Network Time Protocol (NTP) is a protocol for synchronizing computer system clocks across the Internet. NTP uses the User Datagram Protocol (UDP) on port number 123. For more details on NTP, see the NTPv4 Reference and Implementation Guide.

You can manage the NTP daemon on the appliance and configure a list of NTP servers using the Network Time Protocol page.

Synchronize NTP

Manage the NTP daemon

NTP is not running by default on the appliance. Click the Network Time Protocol link in the WAI to show the status of the NTP daemon, and to test the connection to the currently configured NTP server. You can also add a new NTP server, and synchronize the clock to a specific server.

Tip   You should always synchronize the system clock with an NTP server before starting the NTP daemon.

The Clock and NTP Status section displays the hardware and system clock time, and the status of the NTP daemon (whether it is running or not). You can use the following buttons to manage the NTP daemon:

Button Description
Restart NTP Starts or restarts the NTP client daemon. The system attempts to keep its clock in sync with the configured time servers.
Stop NTP When the NTP daemon is running, you can stop it using this button. The system no longer tries to synchronize with any configured time servers.
Show Peer List Displays the current list of NTP peer servers that the appliance is synchronized with.

The following example shows a list of NTP peers:

remote refid st t when poll reach delay offset jitter
==============================================================================
ns.ttosi.net 193.190.230.65 2 u 11 64 1 32.363 138609. 0.001
xen02.cblue.be 193.190.230.65 2 u 10 64 1 29.904 138609. 0.001
s01.be.it2go.eu 193.190.230.65 2 u 9 64 1 26.873 138621. 0.001
LOCAL(0) .LOCL. 10 l 9 64 1 0.000 0.000 0.001
Note   If there is a large difference in time between your system and the configured time servers, you must explicitly synchronize the clock. For more information, see Synchronize the clock with an NTP server.

Configure NTP servers

The NTP Server List displays the list of currently configured NTP servers. For example:

0.pool.ntp.org
1.pool.ntp.org
2.pool.ntp.org

You can select servers in the list, and use the following buttons to configure them:

Button Description
Delete Selected Servers Removes the selected servers from the list.
Test Server Connection Queries the time on the selected remote server.
Synchronize with Server Changes the local system and hardware clock to match the time on the selected remote NTP server.
Add New NTP Server Adds the specified server host name or IP address to the list of NTP servers.

The following example shows a successful server connection test:

Test Server Connectivity
Attempting to contact: 2.pool.ntp.org
Quering 2.pool.ntp.org for current time...
server 213.189.188.3, stratum 2, offset 0.186181, delay 0.06256
server 212.68.213.6, stratum 2, offset 0.186347, delay 0.06216
server 77.243.184.65, stratum 2, offset 0.181704, delay 0.05833
9 May 06:41:26 ntpdate[2617]: adjust time server 77.243.184.65 offset 0.181704 sec

The following example shows a failed server connection test:

Test Server Connectivity
Attempting to contact: invalid.ntp.server.org
Quering invalid.ntp.server.org for current time...
Error : Name or service not known
10 May 06:34:15 ntpdate[27000]: can't find host invalid.ntp.server.org
10 May 06:34:15 ntpdate[27000]: no servers can be used, exiting

View the NTP log file

Click the View Log link to view the contents of the NTP log file. You can also search the log for a specified text string. The following example shows some NTP log output:

May 9 04:31:26 Appliance ntpd[707]: ntpd 4.2.2p1@1.1570-o Tue Dec 8 20:30:45 UTC
2009 (1)
May 9 04:31:26 Appliance ntpd[708]: precision = 1.000 usec
May 9 04:31:26 Appliance ntpd[708]: Listening on interface wildcard, 0.0.0.0#123
Disabled
May 9 04:31:26 Appliance ntpd[708]: Listening on interface wildcard, ::#123 Disabled
May 9 04:31:26 Appliance ntpd[708]: Listening on interface lo, ::1#123 Enabled
May 9 04:31:26 Appliance ntpd[708]: Listening on interface eth0,
2002:a00:701:0:222:19ff:fe5c:946b#123 Enabled
May 9 04:31:26 Appliance ntpd[708]: Listening on interface
eth0, fe80::222:19ff:fe5c:946b#123 Enabled
May 9 04:31:26 Appliance ntpd[708]: Listening on interface lo, 127.0.0.1#123 Enabled
May 9 04:31:26 Appliance ntpd[708]: Listening on interface eth0, 192.168.0.142#123
Enabled
May 9 04:31:26 Appliance ntpd[708]: Listening on interface eth0, 192.168.200.200#123
Enabled
May 9 04:31:26 Appliance ntpd[708]: kernel time sync status 0040
May 9 04:31:27 Appliance ntpd[708]: frequency initialized 25.331 PPM from
/var/lib/ntp/drift
May 9 04:34:41 Appliance ntpd[708]: synchronized to 212.68.213.6, stratum 2
May 9 04:36:59 Appliance ntpd[708]: time reset +138.612068 s
May 9 04:36:59 Appliance ntpd[708]: kernel time sync enabled 0001

Edit the NTP configuration file

Click the Edit Config File link to manually edit the NTP configuration file, and click Save when finished. The following shows the contents of an example NTP configuration file:

# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict -6 ::1
# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 0.pool.ntp.org
server 1.pool.ntp.org
server 2.pool.ntp.org
#broadcast 192.168.1.255 key 42 # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 key 42 # multicast server
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 key 42 # manycast client
# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available.
server 127.127.1.0 # local clock
fudge 127.127.1.0 stratum 10
# Drift file. Put this in a directory which the daemon can write to.
# No symbolic links allowed, either, since the daemon updates the file
# by creating a temporary in the same directory and then rename()'ing
# it to the file.
driftfile /var/lib/ntp/drift
# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys
# Specify the key identifiers which are trusted.
#trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility.
#requestkey 8
# Specify the key identifier to use with the ntpq utility.
#controlkey 8

Synchronize the clock with an NTP server

To synchronize the system clock with an NTP server, complete the following steps:

  1. Select Network Time Protocol in the WAI menu.
  2. In the NTP Server List section, select a server on the list and click Synchronize with Server.
  3. After the server synchronizes the time successfully, in the Clock and NTP Status section, click the Restart NTP button.

Start the NTP service at boot time

To automatically have the NTP daemon start after a system reboot, complete the following steps:

  1. Click Bootup and Shutdown in the WAI menu.
  2. Select the check box next to ntp.
  3. Click the Start On Boot button.
  4. The page updates with Yes in the At boot column for ntp.

For more information, see Configure a service to start at bootup.

Related Links