ESXi时间同步测试 - 与Windows搭建的NTP - server无法同步的原因

ESXi与NTP服务器同步的抓包测试

问题：

ESXi配置NTP时间同步时，当指向由Windows系统搭建的NTP服务器时，无法实现同步，而指向由Linux系统搭建的NTP服务器时，则可以实现同步。为查找问题根源，专门搭建了测试环境，进行抓包分析，研究其中发生的过程。

测试环境：

序号 名称 1 2 3 4 拓扑图： ESXi Server Router NTP Server1 NTP Server2 IP Address 192.168.131.222 192.168.131.119 192.168.130.119 192.168.130.3 192.168.130.4 系统版本 ESXi5.0 Windows 2003 Rhel5.5 作用 ESXi服务器，作为NTP客户端 配置了路由功能，并安装抓包工具 搭建NTP服务器 Windows2003 搭建NTP服务器 IP：192.168.131.119IP：192.168.130.119ESXi ServerIP：192.168.131.222Windows2003NTP ServerIP:192.168.130.3路由器，监控点LinuxNTP ServerIP:192.168.130.4

1 / 13

测试ESXi使用Windows 2003搭建NTP的服务器

按照VMware提供KB的建议，

http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=1035833&sliceId=1&docTypeID=DT_KB_1_1&dialogID=970332905&stateId=1 0 970354356

1.配置Windows 2003，搭建NTP客户端

修改注册表，步骤如下： 1.Enable NTP mode:

Locate HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\W32Time\\Parameters Set the Type value to NTP.

2.Enable the NTP Client:

Locate HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\W32Time\\Config Set the AnnounceFlags value to 5.

2 / 13

3.Specify the upstream NTP servers to sync from:

Locate HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\W32Time\\TimeProviders Set the NtpServer value to a list of at least 3 NTP servers.

Example: You might set the value to:

pool.ntp.org,0x1 2.pool.ntp.org,0x1 3.pool.ntp.org,0x1

Note: On a Windows 2008 Domain Controller, NtpServer is located in

HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\W32Time\\Parameters.

4.Specify a 15-minute update interval: Locate

HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\W32Time\\TimeProviders\\NtpClient Set the SpecialPollInterval value to 900.

5.Restart the W32time service for the changes to take effect.

3 / 13

2.配置ESXi Server，将其NTP服务器指向由Windows搭建的NTP服务器

1.Open the /etc/ntp.conf file in a text editor. For more information, see Editing configuration files in VMware ESXi and ESX (1017022).

2.Add thetosmaxdistcommand on its own line: tosmaxdist 30

3.Save and close the configuration file.

4.Make the /etc/likewise/lsassd.conf file writable by running the command: chmod +w /etc/likewise/lsassd.conf

5.Open the /etc/likewise/lsassd.conf file in a text editor. For more information, see Editing configuration files in VMware ESXi and ESX (1017022).

4 / 13

6.Locate the sync-system-time option, uncomment it, and set the value to no: sync-system-time = no

7.Save and close the configuration file.

8.OnESXi, save the configuration changes to the boot bank so they persist across reboots by running the command: /sbin/auto-backup.sh

9.Restart the ntpd and lsassd services for the configuration changes to take effect by running the commands:

servicelsassd restart servicentpd restart

Note: To restart the ntpd and lsassd services on an ESXi host, run these commands:

./etc/init.d/lsassd restart ./etc/init.d/ntpd restart

5 / 13

3.配置ESXi的NTP服务器地址

4.监控数据包

只有从ESXi发出的NTP包，NTP server没有回复。

6 / 13

5.在KB的基础上做调整，修改注册表，启动NTP服务

修改注册表的键值:Run->regedit

HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\W32Time

\\TimeProviders\\NtpServer内的Enabled为1，打开NTP服务器功能（默认是不开启NTP Server服务

重启W23Time服务

6.启动NTP服务后，抓包显示NTP服务器有了回复

7 / 13

7.NTP数据包

ESXi发出的NTP请求包是NTP版本4.

Windows搭建的NTP Server的响应包是NTP版本3

ESXi未完成时间同步，NTP服务器发回的响应包并未被接受。

8 / 13

测试ESXi使用Linux搭建NTP的服务器

1.配置Linux作为NTP服务器

1.编辑ntp.conf

2.Ntp.conf配置示例： # Permit time synchronization with our time source, but do not # permit the source to query or modify the service on this system. restrict default nomodify # Permit all access over the loopback interface. This could # be tightened as well, but to do so would effect some of # the administrative functions. restrict 127.0.0.1 9 / 13

# -- CLIENT NETWORK ------- # Permit systems on this network to synchronize with this # time service. Do not permit those systems to modify the # configuration of this service. Also, do not use those # systems as peers for synchronization. # restrict 192.168.1.0 mask 255.255.255.0 nomodifynotrap # --- OUR TIMESERVERS ----- server 0.pool.ntp.org server 1.pool.ntp.org server 2.pool.ntp.org # --- NTP MULTICASTCLIENT --- #multicastclient # listen on default 224.0.1.1 # restrict 224.0.1.1 mask 255.255.255.255 nomodifynotrap # restrict 192.168.1.0 mask 255.255.255.0 nomodifynotrap # --- GENERAL CONFIGURATION --- # # Undisciplined Local Clock. This is a fake driver intended for backup # and when no outside source of synchronized time is available. The # default stratum is usually 3, but in this case we elect to use stratum # 0. Since the server line does not have the prefer keyword, this driver # is never used for synchronization, unless no other other # synchronization source is available. In case the local host is # controlled by some external source, such as an external oscillator or # another protocol, the prefer keyword would cause the local host to # disregard all other synchronization sources, unless the kernel # modifications are in use and declare an unsynchronized condition. # server 127.127.1.0 # local clock fudge 127.127.1.0 stratum 10 # # Drift file. Put this in a directory which the daemon can write to. # No symbolic links allowed, either, since the daemon updates the file # by creating a temporary in the same directory and then rename()'ing # it to the file. # driftfile /var/lib/ntp/drift 10 / 13

broadcastdelay 0.008 # # Keys file. If you want to diddle your server at run time, make a # keys file (mode 600 for sure) and define the key number to be # used for making requests. # # PLEASE DO NOT USE THE DEFAULT VALUES HERE. Pick your own, or remote # systems might be able to reset your clock at will. Note also that # ntpd is started with a -A flag, disabling authentication, that # will have to be removed as well. # keys /etc/ntp/keys

3. Linux防火墙启动123端口

11 / 13

2.更改ESXi的NTP服务器，将其指向Linux服务器的IP：192.168.130.4

3.NTP数据包内容

1. 总共发了20个ntp请求包，才实现同步

12 / 13

2.客户端请求包是NTP版本4

3.服务器端响应包是NTP版本4

总结

测试结果表明，按照VMware提供的KB，使用Windows2003搭建的NTP Server，ESXi5.0无法实现与其同步。使用Linux搭建的NTP Server，ESXi5.0可以实现与其同步。

从NTP数据包内容分析，ESXi5.0发出的NTP同步请求包是NTP版本4，Windows系统搭建的NTP Server回复的数据包是NTP版本3。Linux系统搭建的NTP Server回复的数据包是NTP版本4。

13 / 13

本文来源：https://www.bwwdw.com/article/721v.html