NTP: Seven minutes (Solved)
-
Hi,
I found that my pfsense's clock is seven minutes delayed, even NTP is configured and active.I configured NTP to sync with an internal server, and with "pool.ntp.org".
Does anyone ever saw this?
-
Anything in Status - System Logs - NTP? Maybe your clock is not really being updated.
-
@KOM:
Anything in Status - System Logs - NTP? Maybe your clock is not really being updated.
May 19 16:02:53 ntpd[17210]: 0.0.0.0 c613 03 spike_detect +438.980878 s
May 19 16:02:54 ntpd[17210]: 10.4.0.9 8094 84 reachable
May 19 16:11:32 ntpd[17210]: 0.0.0.0 c61c 0c clock_step +438.992790 s
May 19 16:18:51 ntpd[17210]: 0.0.0.0 c615 05 clock_sync
May 19 16:11:33 ntpd[17210]: 0.0.0.0 c618 08 no_sys_peer
May 19 16:11:33 ntpd[17210]: 200.129.0.46 8044 84 reachable
May 19 16:11:33 ntpd[17210]: 200.129.0.46 905a 8a sys_peer
May 19 16:11:33 ntpd[17210]: 0.0.0.0 c613 03 spike_detect +439.373600 s
May 19 16:11:36 ntpd[17210]: 10.4.0.9 8014 84 reachable
May 19 16:21:55 ntpd[17210]: 0.0.0.0 c61c 0c clock_step +439.411645 s
May 19 16:29:15 ntpd[17210]: 0.0.0.0 c615 05 clock_sync
May 19 16:29:17 ntpd[17210]: 0.0.0.0 c618 08 no_sys_peer
May 19 16:29:17 ntpd[17210]: 10.4.0.9 8014 84 reachable
May 19 16:29:17 ntpd[17210]: 10.4.0.9 902a 8a sys_peer
May 19 16:29:18 ntpd[17210]: 200.129.0.46 8064 84 reachable10.4.0.9 -> My internal NTP server (synchronized to several others).
200.129.0.46 -> pool.ntp.org -
May 19 16:02:53 ntpd[17210]: 0.0.0.0 c613 03 spike_detect +438.980878 s
Hmm. 438s / 60s = ~7 minutes. Is your BIOS clock correct?
-
There is a time difference between your internal time server and your external time server, and your pfSense box does not know which one to follow.
The 200.129.0.46 server you got from the pool looks OK, (see http://www.pool.ntp.org/scores/200.129.0.46), so I suspect your internal server.
Can you post the output of 'ntpq -c peer' and 'ntpq -c peer 10.4.0.9' run on your pfSense machine? Also, stop ntpd service on pfSense, wait a few minutes, then restart it and post the entire ntpd log after the restart.
-
That server seems pretty stable from a network point of view.
Packets: sent=11197, rcvd=11197, error=0, lost=0 (0.0% loss) in 5598.116125 sec
RTTs in ms: min/avg/max/dev: 114.483 / 115.808 / 157.655 / 0.831
Bandwidth in kbytes/sec: sent=0.120, rcvd=0.120 -
@KOM:
May 19 16:02:53 ntpd[17210]: 0.0.0.0 c613 03 spike_detect +438.980878 s
Hmm. 438s / 60s = ~7 minutes. Is your BIOS clock correct?
That was a good catch… my pfsense is a VM running on an Hyper-V 2012 host. After a lot of searching, I found that it was configured to timesync to the host, which was itself out of sync.
This became clear to me when I looked in the NTP log with a little more care, and saw that the time was hopping back and forth, from sync to 7 minutes delay.There is a time difference between your internal time server and your external time server, and your pfSense box does not know which one to follow.
The 200.129.0.46 server you got from the pool looks OK, (see http://www.pool.ntp.org/scores/200.129.0.46), so I suspect your internal server.
Can you post the output of 'ntpq -c peer' and 'ntpq -c peer 10.4.0.9' run on your pfSense machine? Also, stop ntpd service on pfSense, wait a few minutes, then restart it and post the entire ntpd log after the restart.
No, the time on the internal time server is correct. This server is my internal network's official NTP server. It was the HV2012 host that was out-of-sync…
The good news is that the pfsense's problem is solved; the bad is that now I have to fix time sync in 4 HV2012 hosts. :(
-
No, the time on the internal time server is correct. This server is my internal network's official NTP server. It was the HV2012 host that was out-of-sync…
The good news is that the pfsense's problem is solved; the bad is that now I have to fix time sync in 4 HV2012 hosts. :(
Glad you figured it out … Yes, time sync in VMs can be a minefield
