Introduction

When deploying virtual servers on ESX and ESXi hosts you may notice that the time on your servers can drift, this is due to the way that the operating system keeps time by using the server’s hardware. We need a solution to keep the time of our servers correct.

 

Terminology: NTP

The Network Time Protocol is used to synchronise the clocks of a client to a time server.

 

Configuration

We have a couple of  methods available to ensure the correct time of our guest servers. The first is to get the guest servers to synchronise with the underlying host. The first thing, then, to do is to make sure out hosts are at the right time.

 

1. We’ll first SSH to out host servers and login, making sure that we either login as root or su from a less priviliged user. By default the NTP client isn’t allowed out through the firewall, so we need to permit this with the command “esxcfg-firewall -e ntpClient“.

 

2. Now we’re logged in we can enable the NTPD service, this is the service that will be responsible for keeping accurate time to the NTP servers we specify. We enable the service to run at startup with the command “/sbin/chkconfig ntpd on“. We then need to setup NTP by editing the ntp.conf file.

 

3. We now open this configuration file with our favourate text editor (VI, of course) “vi /etc/ntp.conf” and press “i” to get into “insert” mode. We then enter the following into the file:

restrict 127.0.0.1

server 0.uk.pool.ntp.org
server 1.uk.pool.ntp.org
server 2.uk.pool.ntp.org
server 3.uk.pool.ntp.org

server  127.127.1.0
fudge   127.127.1.0 stratum 10
driftfile /var/lib/ntp/drift
broadcastdelay  0.008

The “restrict 127.0.0.1″ option only permits the server itself to synchronise the clocks with itself. Without this, the server could potentially be used by anyone as an ntp server. We then specify the servers we wish to synchronise with. You can find a list of servers at http://www.ntp.org or your ISP may offer a time server to use. The “server 127.127.1.0″ defines the local clock and “fudge 127.127.1.0 stratum 10″ sets the distance of the server, almost like the priority to 10, so that the other servers defined will be used before the local clock is used. The “driftfile /var/lib/ntp/drift” specifies the name and location of the driftfile, this file is used to record the drift rate to this file, this helps speed up the synchronisation with the NTP server. “Broadcastdelay” specifies the ammount of delay in the network between the client and the server. The default when we don’t specify a value is 0.004 seconds.

When we’re done we type “Esc” followed by “w” for write and “q” for quit to save and exit the file.

 

4. We now need to start the ntpd service on out host. We do this with the command “/etc/init.d/ntpd start“. The service will start and begin to bring our server clock to the right time. It may take a while to do this. Instead of changing the clock to the correct time immediately, NTP makes slight changes to the clock. This is to stop some applications having a fit. We can, however, change the time immediately with the command “ntpdate -u ntpserver” where ntpserver is a valid NTP server. In my case, I might use 0.uk.pool.ntp.org.

5. Now that our host(s) have to correct time we can set the guest server to use the host as a time source in VMware Tools. Once we open theVMware tools dialogue box, we can see on the first tab an option called “Time synchronization between the virtual machine and the ESX server.” If we select this, the guest server will use the host to keep time.

 

 

Our second method is to get the guest server to use time servers directly. We can do this easily with w32tm.

 

1. For this method we do not need to set the host server to use an accurate time source, so we can just jump straight onto the guest. We first need to start by determining the server that holds the PDC fsmo role, we can do this with the command “netdom query fsmo“. This is the results of the command that we get running it on the domain controller that we provisioned in the post Creating a Domain Controller.

Not surprisingly, the server we are on is the PDC (in the post NT4 world the concept of PDC’s and BDC’s dont exist, but the fsmo role is there for backwards compatability and is a PDC emulator), as it is the only server in our domain.

 

2. We now start by stopping the w32time service with the command “net stop w32time”. Now the service is stopped, we can use the command “w32tm /config /syncfromflags:manual /manualpeerlist:”server1, server2, server3” where server1, server2, and server3 are valid NTP servers, at least one is required. Note: the list of servers are surrounded by quotation marks “. Breaking down this command we see “/config” this means that we want to configure  w32tm, “/syncfromflags:manual” specifies the NTP server that the computer should query for time, in our case “manual“, so we now need so specify our manual list. This is where “/manualpeerlist:”server1, etc, etc” comes in.

 

3. Our next command is “w32tm /config /reliable:yes“. This allows the server to announce itself as a reliable time source on the network and other servers and PCs in our domain will use this server to keep time.

 

4. Finally, we need to start the e32time service again. The command for this is “net start w32time“. Altogether, the commands look like this. I’ve only included two servers here to keep the length of the line short.

n short.et stop w32time
w32tm /config /syncfromflags:manual /manualpeerlist:"0.uk.pool.ntp.org, 1.uk.pool.ntp.org"
w32tm /config /reliable:yes
net start w32time

And a screenshot:

 

Summary

We’ve seen how to set up our VMware ESX hosts to query NTP servers for the correct time, and to allow our Windows guests to syncronise with the host server. We also saw how to configure the guest server to query NTP servicers directly. This is ideal because it can be used on physical servers. We can also use the method implemented on the ESX host to configure our Linux servers, we just don’t need to use the command “esxcfg-firewall -e ntpClient” as it won’t be an ESX server. We may need to open a port in iptables or any other firewall we may be running to allow the NTP client access to the NTP server.

 

I hope you found this post informative, please leave a comment if you have any questions or feedback.

2,589 comments on “VMware Time Drift

  1. Pingback: http://robhasawiki.com/index.php?title=User_talk:AidaHoran

  2. Pingback: weed seed bank

  3. Pingback: win money playing

  4. Pingback: www.topbadcreditpaydayloans.co.uk

  5. Pingback: phen375 consumer reviews

  6. Pingback: yepi friv

  7. Pingback: Adiphene

  8. Pingback: retro jordans

  9. Pingback: sbobet casino

  10. Pingback: loose manboobs

  11. Pingback: Read blog-sexe-tube.com

  12. Pingback: http://tagawaydeal.com/

  13. Pingback: agen bola

  14. Pingback: fat loss factor

  15. Pingback: agen bola

  16. Pingback: http://www.routingcheck.com/td-bank-routing-number.html

  17. Pingback: quotes about motivation in life

  18. Pingback: Vitamins

  19. Pingback: cheating spouse

  20. Pingback: EPXBody.com

  21. Pingback: songs about life and motivation

  22. Pingback: payday loan no fax

  23. Pingback: resistance bands quickness

  24. Pingback: http://www.personaldebtrelief.co.uk/

  25. Pingback: best quality garcinia cambogia

  26. Pingback: over 50 life insurance

  27. Pingback: european roulette wheel

  28. Pingback: payday loan consolidation

  29. 12 month loans on said:

    Low-interest loans are 12 month loans bad credit and loans that provide instant cash to the borrowers. These credit facilities are granted financial instruments that have been introduced in order to facilitate people suffering from fiscal problems. http://n12monthloans.co.uk

  30. Harry Dick on said:

    For those are hunting for any loan company to get loan for 12 months Payday Loans 12 Months are the best idea. Consult your lender online and fill out your loan application. Without wasting your time your lender will provide you with enough funds in only 24 hours keeping your details confidential. Visit @ http://n12monthpaydayloans.co.uk/

  31. Jeane Cloud on said:

    Saturday is a day which brings a good and relaxed feeling as next day is Sunday which means holiday and off from every hectic work. Anything is possible anytime similarly it is possible that you suddenly run out of cash on Saturday when banks don’t work throughout the day and next day they are closed. If you get into a problem at night than who will help you that time? These things are possible with anyone. We need to know the solution to prevent money stress if we somehow fell into the well of financial crunch. The solution is very simple and easily available for everyone and it is known as Saturday Payday Loans. Visit @ http://www.sundayloanspayday.co.uk/

  32. Shaylee Marion on said:

    No one will argue with the fact that the good times have been put in storage, with the high life something that only very few of us can still enjoy. The economic situation all around the world is such that many find themselves looking for a way out of financially perilous situations. http://www.all-paydayloans.co.uk/12-month-pl.html

  33. Hey guys very good article

  34. Sophia Cruz on said:

    At this point , it seems that some of the money to support them in any tree , they can easily meet the 12 -month loans may use the money to help individuals quickly and properly .

    http://www.6monthloans12uk.co.uk/

  35. Harry Johnson on said:

    The emergencies are inevitable and he cannot fight with them unless he borrows some amount in form of loan. These loans which are used for personal or business purpose just for smaller period of time are called instant cash loans.
    http://www.ukinstantloanss.co.uk/

  36. Fast Loans on said:

    The funds generated can be utilized for meeting various expenses such as paying grocery bills, electricity bills, medical bills, admission fee, paying home installments or meeting family emergency.
    http://fastnocreditcheckloanss.co.uk/

  37. kallysmith on said:

    If you’re wondering if your information is safe with us, we have to ensure that we adhere to the privacy policy quick loans. Your data will not be disclosed to another device. In addition, you always have the option to cancel your application with us and demand no. You can get more information about fast loan payday loans fast payday loans today hours today, quick loans no credit check the same day cash loans, fast loans today, get cash assistance at any time during the month. Fast loans are beneficial to the individual wage earner need cash.
    http://24hrsamedayloans-uk.co.uk

  38. Dayna Reese on said:

    It has done thee with their provider the money will do little, and after he get verification satisfied with your information, [url=http://www.besteasypaydayloans.co.uk/]payday loans uk[/url] he immediately grant your money and after that the money wired into your account in small span of time. You can do anything you like with the captured through this service means. [url=http://www.ukpaydayloansprovider.co.uk/]payday loans[/url] And lastly, make sure the borrowed funds on time to avoid penalties and increase to pay your finance ratings.There are several requirements that have to be made the specific date. [url=http://www.onlinepaydayloanss.co.uk/]payday loans online[/url] Employed Person face several issues that had to be made clear, it may not be possible to delete all of the costs at the same time as the income they receive is not enough.

  39. poundloans2500 on said:

    Hello ,

    Need 250 Pound loans come with us and get instant approval loan today .

    Thanks

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>