NTP servers

From Swivel Knowledgebase
Jump to: navigation, search


Overview

Network Time Protocol (NTP) servers ensure the system time is accurate by periodically checking the local system time against a time server.


Prerequisites

Communication on port 123 (UDP) from the PINsafe server to the NTP server


Symptoms

System time varies

Logs appear ahead or behind time

NTP settings are not saved in the webmin


Solution

Note: For External databases such as MySQL ensure that all PINsafe servers use the same timezone. It is not recommended to change the timezone on production Swivel appliances.

The NTP settings can be set in the CMI

Older versions of the CMI do not have NTP settings and the NTP server must be set through the command line. Where available the NTP settings should be entered through the CMI

Create a script in /etc/cron.daily called timsync.sh 

cd /etc/cron.daily
touch timesync.sh

add the following line to the file timesync.sh 

ntpdate -t 2 -s NTP_SERVER_IP > /dev/null 2>& 1

then change the permissions on the file 

chmod +x timesync.sh

Run this command line to ensure there are no errors first and connectivity to the NTP Server exists. 

 ntpdate NTP_SERVER_IP

Here is an example of success. 

[root@support /]# ntpdate ntp2d.mcc.ac.uk
5 Oct 17:58:24 ntpdate[22878]: step time server 130.88.212.143 offset 8.094169 sec

Here is an example of failure. 

[root@support /]# ntpdate 192.168.0.99
5 Oct 17:59:13 ntpdate[22880]: no server suitable for synchronization found

Once you have confirmed NTP server connectivity then run the script to check for errors e.g ./timesync.sh


Configuring Multiple PINsafe servers

The recommended way of configuring multiple NTP servers is to use DNS.

For example, you could have a DNS host called uk.pool.ntp.org which then in turn has multiple servers.

uk.pool.ntp.org

Name: uk.pool.ntp.org Address: 194.238.48.2 Name: uk.pool.ntp.org Address: 83.231.183.4 Name: uk.pool.ntp.org Address: 194.1.151.100


Troubleshooting

touch: cannot 'touch timesync.sh': permission denied

Root permissions are required to create the file. To do this switch to the root user and enter the root password: 

 su - root
Retrieved from "https://kb.swivelsecure.com/w/index.php?title=NTP_servers&oldid=2547"