NetApp NTP

We recently started to receive error alerts from our NetApp monitoring services saying that our NetApp is not NTP synchronized with any peer, so it's time may be incorrect. It says:

NTP is running, but no peers have passed the selection process. The local time may be too far off; or the configured NTP peers may not be reachable.

I check the ntp.conf to ensure valid time servers are listed, I also turned ON/OFF "options timed.enable".

Next, I looked into this article: https://kb.netapp.com/support/index?page=content&actp=LIST&id=S:1012660

After following all the instructions, I was able to see the error message that might be truly the root cause of the problem: I think it says the NTP server is reachable, but it was rejected by the following reason:

It says flash=400 not_proventic.

At this point I'm stuck and not sure how to proceed further. Any help would be greatly appreciated.
LVL 8
pzozulkaAsked:
Who is Participating?
 
FilipZahradnikConnect With a Mentor Commented:
What version of ONTAP are you using?
What NTP server(s) are you syncing with?

NTP functionality has been changed substantially in ONTAP 8. In some configurations, a Windows domain controller may not be considered a suitable timesource.

These might help:

How to determine if a Windows Domain Controller is a suitable NTP server for Data ONTAP 8
https://kb.netapp.com/support/index?page=content&id=1013468

How to verify NTP operation in Data ONTAP 8
https://kb.netapp.com/support/index?page=content&id=1010058
0
 
pzozulkaAuthor Commented:
We are running 8.1 7-mode.

We are trying to sync with our domain controller which has the role PDC emulator.

I tried running the command ntpq -p <ip of NetApp management port>
And get results which indicate reach=377 meaning there are no communication problems, however it is getting rejected as an NTP peer.
0
 
FilipZahradnikCommented:
Did you manage to have a look at this article:

How to determine if a Windows Domain Controller is a suitable NTP server for Data ONTAP 8
https://kb.netapp.com/support/index?page=content&id=1013468

It describes an issue where a DC might be rejected as a time source because it does not offer the required accuracy.
0
Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

 
pzozulkaAuthor Commented:
That setting is only applicable if using the local CMOS clock of the DC -- which in our case we aren't. Our DC uses an external internet time source.
0
 
FilipZahradnikCommented:
Interesting.

As a troubleshooting step, you can try to sync directly with the external NTP source.

If that works, then the issue is likely related to the fact that your time source is a Windows DC. If if fails, then the issue is probably an NTP or ONTAP problem, in which case NetApp Support should be able to help.
0
 
pzozulkaAuthor Commented:
Can't sync directly because our NetApps are on an internal VLAN which doesn't have access to outside world.
0
 
FilipZahradnikCommented:
Ok, can you try syncing with another internal NTP that is not a Windows DC - e.g. a Cisco router?
0
 
pzozulkaAuthor Commented:
I am able to connect to other time sources. By the way, it magically started working...out of the blue.

I'm really stumped.
0
 
FilipZahradnikCommented:
Aaah, the joys of random tinkering... :)

Well done.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.