NC State Time Service Migration (NTP)
The NCSU time service is being upgraded and moved behind a hardware firewall on new non-public networks with new aliases. Configuration changes will be required to use the new service.
Many of the clients currently using our NTP service are connecting directly to our LVS software load balancer. Others are connecting directly to individual servers which may prevent proper failover. Some are using the server names, which is not recommended.
Off campus access to NTP services
If you need off campus access to NTP services, use servers from the NTP Pool Project at http://www.pool.ntp.org.
For North American hosts, the reccomended values are :
server 0.north-america.pool.ntp.org server 1.north-america.pool.ntp.org server 2.north-america.pool.ntp.org server 3.north-america.pool.ntp.org
Changing your NTP configuration
Changes are based current NTP client configuration
|NTP configuration||DNS available?||New settings|
|Multiple NTP servers||Y||time-4.ncsu.edu, time-5.ncsu.edu, time-6.ncsu.edu|
|Multiple NTP servers||N||18.104.22.168, 22.214.171.124, 126.96.36.199|
|Single NTP server||Y||time.ncsu.edu (request access from Comtech)|
|Single NTP server||N||188.8.131.52 (request access from Comtech)|
Current NC State time service
These new servers replace the old NTP server names (time-1, time-2, time-3) and the old VIP (time.ncsu.edu)
The old “time.ncsu.edu” also served a web page with time information. This functionality has not been carried over to the new vip. If you need the old time web page, it is temporarily available at time.ncsu.edu
The use of DNS aliases will allow future upgrades without disruption or user involvement. For those services that can’t take advantage of DNS, the new IP addresses are listed in the table above.
See current time servers (Linux)
To see the time servers that are in use in Linux , ssh into a host and run :
$ /usr/sbin/ntpq -p remote refid st t when poll reach delay offset disp ========================================================================￬ +time100.unity.n itd-timesource. 2 u 589 1024 377 0.73 1.783 15.29 *time101.unity.n itd-timesource. 2 u 1045 1024 377 0.81 0.761 19.12 +time200.unity.n itd-timesource. 2 u 1019 1024 377 1.02 0.214 15.41
For Windows systems NOT in Wolftech AD, the time will need to be manually changed. They can be updated at any time.
ntp.conf on RHEL hosts for new time servers
For older hosts that are not using Puppet for configuration, the ntp.conf file should look like this :
# ntp.conf - based on Puppet config - 9/22/2017 # Enable next tinker options: # panic - keep ntpd from panicking in the event of a large clock skew # when a VM guest is suspended and resumed; # stepout - allow ntpd change offset faster tinker panic 0 disable monitor # Permit time synchronization with our time source, but do not # permit the source to query or modify the service on this system. restrict default ignore restrict -6 default ignore restrict 127.0.0.1 restrict -6 ::1 restrict 184.108.40.206 nomodify notrap nopeer noquery # time100.unity.ncsu.edu restrict 220.127.116.11 nomodify notrap nopeer noquery # time101.unity.ncsu.edu restrict 18.104.22.168 nomodify notrap nopeer noquery # time200.unity.ncsu.edu # Set up servers for ntpd with next options: # server - IP address or DNS name of upstream NTP server # iburst - allow send sync packages faster if upstream unavailable # prefer - select preferrable server # minpoll - set minimal update frequency # maxpoll - set maximal update frequency server time100.unity.ncsu.edu iburst server time101.unity.ncsu.edu iburst server time200.unity.ncsu.edu iburst