Setting Up XNTPD Time on NetWare 6.5 SP5 Servers

0 Likes
over 14 years ago

Network Time Protocol (NTP) is a protocol designed to synchronize the clocks of computers over a network. NTP version 3 is an internet draft standard, formalized in RFC 1305. NTP version 4 is a significant revision of the NTP standard, and is the current development version, but has not been formalized in an RFC. Simple NTP (SNTP) version 4 is described in RFC 2030. Currently, Novell 6.5 SP5 uses NTPv3 Time Synchronization Service.


1. Firewall Filter Exception.



If you are running a firewall, you will have to create filters to allow NTP Time synchronization. The following is an example of the minimum filter configuration for a BorderManager firewall server. If desired, you can specify the address to the specific server you want to have access to this filter by adding the IP address of your Time server to the Private Source and Public Destination Address fields.




Current BM Filters


Source Interface

Source Address

Protocol

Destination Port

Source Port

ackFilt

stFilt

Destination Interface

Destination Address

Comments



PRIVATE



UDP

123







PUBLIC



To allow NTP Time sync



PUBLIC



UDP



123





PRIVATE


To allow NTP Time sync





2. Internal Time Provider Configuration.



On the server(s) that will act as the Internal Time Provider, change the NTP.CONF file "Client Server Mode" section as shown. This file is located in the SYS:\ETC directory.



NTP.CONF File
*******************************************
# Client-Server Mode
# : Time provider IP address
#
# Time Provider
# server
#StratumOne
#time.nist.gov
#National Center for Atmospheric Research, Boulder, Colorado
#Judah Levine (jlevine@boulder.nist.gov)
#server 192.43.244.18 prefer
#StratumOne
#clock.fmt.he.net
#Hurricane Electric, Fremont, California
#support@he.net
#server 216.218.192.202 prefer
#pool.ntp.org uses DNS round robin to make a random selection
#from a pool of time servers who have volunteered to be in the pool.
#This is often good enough for end-users.
server 1.pool.ntp.org prefer
*******************************************


Note: There are other Stratum servers to use. These are just ones near me. Just do a search on the internet for Stratum servers (http://ntp.isc.org/bin/view/Servers/WebHome).




3. Time Consumer Server Configuration.


On the servers in your environment that will be Time Consumers, change the NTP.CONF file "Client Server Mode" section as shown. This file is located in the SYS:\ETC directory.

NTP.CONF File
*******************************************
#
# Client-Server Mode
# : Time provider IP address
#
# Time Provider
# server
#
# Time Provider
# server
server XXX.XXX.XXX.XXX prefer
*******************************************


The XXX.XXX.XXX.XXX is the IP address of your Internal Time Provider.



4. TIMESRV.NCF File Configuration.


On all servers in your environment, change the TIMESERV.NCF file as shown. This file is located in the SYS:\SYSTEM directory.

TIMESERV.NCF
**********************************************************
# To Load Timesync at boot uncomment only the line below.
#LOAD TIMESYNC
# To load XNTPD at boot uncomment only the line below
LOAD xntpd

# WARNING : You can either load Timesync or XNTPD.
**********************************************************



5. Fix Time NCF File.



You can create a NCF file called "FIXNTP" that can be used to "Fix" time on your servers. Create a file as shown and copy the file to the SYS:\System directory on all your servers. (NOTE: The IP address shown will be the same as the external Stratum server that you use in the NTP.CONF File on your Internal Time Provider.)



FIXNTP.NCF
**********************************************************
unload xntpd
load ntpdate 1.pool.ntp.org prefer
?XNTPD
**********************************************************


6. Initiating XNTPD Time.


To initiate the use of XNTPD time, unload "TimeSync" from your "Internal Time Provider" first and execute the FIXNTP command. Wait until the "XNTPD (NTP Service) Progress Screen" shows that the server is connected to the NTP Time Server. Then run this command on all servers in your environment.



XNTPD (NTP Service) Progress Screen
**********************************************************
NTP Version 3-5.93e
NTP NRM services started.
tickadj = 28, tick = 54925, tvu_maxslew = 476, est. hz = 18
precision = 6 usec
read drift of -0.885 from sys:\system\drift.ntp
Configuration file sys:\etc\ntp.conf read
interface 0: fd=7, bfd=0, name=wildcard, flags=0x9
sin=0.0.0.0
bcast=0.0.0.0
mask=255.255.255.255
interface 1: fd=8, bfd=0, name=my loopb, flags=0xd
sin=127.0.0.1
bcast=0.0.0.0
mask=127.0.0.1
interface 2: fd=9, bfd=0, name=eth, flags=0x8
sin=165.235.24.226
bcast=165.235.25.255
mask=255.255.254.0
Attempting to start timesync NCP engine........Timesync NCP engine started
4 Aug 08:32:05 Writing -0.885 to drift file sys:\system\drift.ntp
4 Aug 08:34:13:synchronized to 216.218.192.202, stratum=1
**********************************************************


7. Reverse the XNTPD Time setup.


To reverse this process, just change the Timeserv.ncf file as shown, XNTPD from your servers and reload Timesync. You may need to verify that your servers TimeSync settings are still correct. This can be checked in the server monitor screen.



TIMESERV.NCF
**********************************************************
# To Load Timesync at boot uncomment only the line below.
LOAD TIMESYNC
# To load XNTPD at boot uncomment only the line below
#LOAD xntpd
# WARNING : You can either load Timesync or XNTPD.
**********************************************************

Labels:

How To-Best Practice
Comment List
Anonymous
  • Nice document.

    However, I ran into problems with xntpd because it seems to default to requiring an auth key while connecting to other servers or for clients connecting to it. I had to use the -A option while loading xntpd to bypass the auth key. I haven't gone through the documentation enough to understand the whole auth key configuration process and how we can get internal Windows clients configured properly in order for them to get time from this server.
Related Discussions
Recommended