Current versions of vTM VA ship with David L. Mills' Network Time Protocol (NTP) Daemon. It is possible to use this software as NTP server. To configure this and increase the rate limit:
1) Login into vTM's web UI, navigate to System > Time > NTP Settings, and make sure three or more reference NTP servers are listed.
2) Login into vTM's CLI/SSH, and edit /etc/ntp.conf like described below:
3) Add a new line saying "discard average 0 minimum 0" (without quotes).
4) Save file and quit editing.
5) Run "service ntp restart".
6) Wait a minute, then run "ntpq -np".
7) In the output above, look for:
- "offset" being small - well below 1000 milliseconds.
- "reach" being non-zero, and increasing over time (until it reaches 377).
- "refid" column is populated with anything other than ".INIT.".
- an asterisk "*" appearing to the left of one of the IPs in "remote" column.
8) repeat steps 6 and 7 above until all four parameters above are to the satisfaction.
Note that the change to /etc/ntp.conf will not be preserved over future upgrades because it's outside of vTM's configuration management system.
Troubleshooting if offset is above 1000 seconds:
1) From web UI > System > Time, click "Sync Time Now"
2) Repeat steps 6 and 7 of the configuration procedure above.
Troubleshooting if "ntpq: read: Connection refused":
1) Run "service ntp status".
2) Look for "panic_stop +123456 s; set clock manually within 1000 s.".
3) If found, do the "above 1000 seconds" procedure above.
Troubleshooting if reach, delay, offset and jitter are all stuck at "0" and refid is stuck at ".INIT."
1) Check firewall allowing outbound udp port 123.
2) Check if correct IPs/hostnames for reference NTP servers are configured.
3) (in case reference NTP servers are configured by name) Check DNS. |
