Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 604
  • Last Modified:

ntp won't select time server

I have a Windows Server 2003 machine with ntp configured on it, running as a service.  There are two external time sources specified, but NTP will not choose either of the external sources as a master.  Attached is a screenshot of the 'peers' command using the ntpdc utility.

Thanks!
ntp.JPG
0
sureservice
Asked:
sureservice
  • 4
  • 4
  • 2
1 Solution
 
SteveJCommented:
So . . . are the externals running NTP 1, 2, 3, 4? TCP/UDP? That is, are you sure your machine can actually connect to them and get a time? Are they so far apart in time ( or is you server "fast") that your server won't slew its clock?

Good luck,
SteveJ
0
 
sureserviceAuthor Commented:
SteveJ,
Not sure what NTP version the servers are running.  Is there a command I can type to determine that information?  I would assume that it can get time updates based on the fact that it displays offset, dispersion, etc information.  Is that not necessarily true?

I'm not sure what you mean by "server won't slew its clock".  It seemed like the clock did come closer to the other servers' time, but neither were selected as time source (*).

Thanks
0
 
SteveJCommented:
About the version . . . if your server is running NTP4 for example and the servers you are trying to connect to don't support NTP4 then you would have a problem. That said, that's not likely the issue.

What I mean by the slewing reference is . . . there are limits to how far back a server can go and update it's time. For example, if your server is 20 minutes behind the ntp source, your server will gradually "slew" its clock very gradually over time instead of simply jumping ahead 20 minutes. That kind of granularity (the slewing rate, whether or not to immediately jump ahead or back) is completely dependent on the NTP client. I don't have a lot of experience with Windows and NTP . . .  but I think you don't have much control over the default windows ntp client. You might download a different NTP client and play with it. Try this:

http://www.time.edu.cn/oneguy.htm

Good luck,
SteveJ
0
Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

 
sureserviceAuthor Commented:
SteveJ,

Thanks for the comments.  I see what you mean about the slewing --- while slewing, though, should NTP denote wit the * which server it's slewing towards?  Or does it slowly change the system clock and then when it's closer, switch the * to a new time master?

Our NTP client is on a process control server in a manufacturing environment and may "slew" more slowly than I'd like.
0
 
SteveJCommented:
I'm not actually sure what the answer to your question is. You might run a packet trace on the server and see if it's actually going to one of those two servers. As I said, I don't have much experience with windows and NTP, and I don't have access to a server similar to yours to "play" with.

It's actually been quite some time since I used automachron and I decided to check out the site . . . the link is broken. If you want to play with a pretty good ntp client, try this.

http://www.softpedia.com/progDownload/Automachron-Download-81738.html

You're welcome.

Good luck,
SteveJ
0
 
ChiefITCommented:
The problem with NTP synchronization to the outside world is the communications are often blocked by firewalls or NAT

To overcome this problem, download Symmtime on the PDCe and us it to synch your PDCe to an outside time server over port 80.

Symmtime was created by symmentricom, (a time server manufacturer).
0
 
SteveJCommented:
ChiefIT . . . he's getting responses back from the NTP server. Clearly it's not being blocked by the firewall.
0
 
sureserviceAuthor Commented:
I downloaded the Symmetricom software and I really like how that functions and actually ADJUSTS the time for me, but unfortunately, because of the regulated computer environments, I probably won't be able to use it.  I guess I'm looking for a detailed explanation on how NTP chooses it's time source.  Sometimes it looks like NTP is adjusting to clock closer to one of the "=" time sources, even though it has the "*" on another source.  I just haven't been able to figure out its behavior.

I have another situation where NTP has chosen an external time source, which is preferable, but randomly will switch back to LOCAL(1) as master.  I check it again a bit later and it's back on the external source...very confusing and frustrating to figure out.

Thanks!
0
 
ChiefITCommented:
I am an advocate of Symmtime. You can argue that symmtime prevents the need for opening NTP port 123. You can actually secure that port with Symmetricom's products.
___________________________________________________________

To directly answer your questions about NTP, you won't find a really crystal clear picture of it on the web. I spent a lot of time looking for such a site. I had to piece my knowledge together from a number of different sources.

Here is the very best explanation I found on the Time services:

On this link you will see a PDF to download. Remember NTP is the protocol and W32Time is the synchronization service:
http://www.spectracomcorp.com/Support/Library/IntegrationGuides/SynchwithW32Time/tabid/164/Default.aspx

>>Here is that PDF document:
http://www.spectracomcorp.com/portals/0/support/pdf/windows2000_2003_appnotes.pdf


NOTE: spectracom is another time server manufacturer.


The basics:

Basically, the PDCe of your LAN will synch to an outside time source, as we are trying to do now.

Then that time will be synchronized, using W32time service, with the clients. It will do so,  if and only if, they are outside the 5 minute phase offset. When clients logon, they will see some registry flags that tell who in the domian PDCe is, and make it the authoritative time server. Within those flags, there are other flags that tell what the phase offset is. So, it is the client's responsibility to synch with the server. The client will see these flags and see the broadcasted time. If the client is over +/- 5 minutes of the server, the client will synchronize its clock with the server.

Those synchronization flags can bee seen on this thread from Microsoft:
http://support.microsoft.com/kb/816042

Just so you know, there is no need to configure an authoritative time server through group policy as it states in that Microsoft link. In fact it is recommended you don't. Group policies often have problems with the PDCe. The reason is, most configure Time as the default domain policy. If you point the entire domain at the PDCe, the PDCe will try to synch with itself for time. In that case, you will get Time errors on your PDCe and you will not synch to an outside time source. If you configured any Group Policies for time, you should go back and unconfigure them. That will interfere with the default configuration of time that works fine.



0
 
sureserviceAuthor Commented:
What port does Symmtime use to sync time then, if not on 123?
0

Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

  • 4
  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now