Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

Trending KB Articles

april-30.jpg

Support Central: KB #1436: Adjusting the NTP Offset in NIOS

This week, we're "turning back the clock" for an oldie-but-a-goody that many customers have requested.

 

The topic centers around NTP service enabled on the Grid and syncing time with external NTP servers.

 

Resolution    

According to the NTP protocol, “the local-clock process operates upon the offset data produced by the update procedure and adjusts the phase and frequency of the local clock using the mechanisms described in RFC- 1305 (section 5). This may result in either a step-change [adjustment] or a gradual phase (slew) adjustment of the local clock to reduce the offset to zero."

The Infoblox member adjusts the offset with external NTP server either in step-change or a gradual phase (slew) adjustment of the local clock to reduce the offset to zero. If the offset is greater than 300 seconds, the Infoblox member needs to use step-change by issuing thentpupdate command. If the offset is less than 300 seconds, the Infoblox member uses a gradual phase(slew) adjustment of the local clock to reduce the offset to zero.

The Infoblox member clock is adjusted (step-change) using the ntpdate command only during the product restart to set the time. After that, it uses the gradual phase (slew) adjustment of the clock to reduce the offset to zero. From the show ntp output and review of the case notes, if the offset is less than 300 secconds, the Infoblox member needs use a gradual phase (slew) adjustment of the local clock to reduce the offset to zero (small adjustment takes a long time). It might take 1-2 days to make the offset down to 0 or to a closer value.

The reason for not adjusting the clock via step-change by the Infoblox members (bigger step and only configure to use step-change during product restart) is the assumption that the appliance has a huge offset with the external NTP servers. If the ntpdate command is called to adjust the clock when all the services are running, the appliance clock is stepped forward/backward. This forward/backward step interrupts the DHCP/DNS/watchdog OR other services that rely on the time.

Please note that many services rely on time and jumping the time abruptly affects these services

Showing results for 
Search instead for 
Did you mean: