Set the Time with NTP
The Linux (UCM/Signalling Server) time of day clock may be more accurate than the Call Server's. We can enable the NTP daemon (optionally synced with an external server) on the Primary Security Server (UCM0), and reference it to synchronise the time and date on all elements - including the Call Server. Call Pilot can also synchronise with a network time server.
If SSH security certificates become invalid, elements can drop-out of the security domain.
1 Set the Primary Linux Base first: Base Manager Date & Time NTP Server type Primary Server: Internal
- In the case of External, enter the IP address of a "higher authority" NTP server (must be reachable).
2 Point the Backup base (UCM1) to the primary NTP server (UCM0) ELAN IP address (the CS is on the ELAN).
- NTP server type for other Linux elements (eg, MAS) is Not a Clock Server, and enter the primary server address.
The Linux Base configuration is complete.
The following images show the relevant (Rel. 7.5) UCM screens:
|Base: Date and Time
||Internal Clock Source
||External Clock Source
||Not a Clock Server
|Click image to view, or right-click and Open Link in a new window/tab|
3 Next, configure the Call Server and enable NTP in LD 117 with the following commands:
=> chg ntp ipaddr <ip UCM0 or NTP server>
=> en ntp
=> sync ntp manual
sync ntp manual will query the NTP server network time, if found.
Check the correct time is returned. If the UTC offset is wrong, enter n and correct it with (hours and minutes):
=> chg utcoffset <hr> 0
When sync ntp manual returns the correct date and time, hit y to accept it.
=> sync ntp backgroundto have the Call Server date and time update automatically (stop ntp background to disable).
Daylight savings time adjustment can also be set to take place automatically on the Call Server, this is done in LD 2.
Refer to Setting Time and Date for more details.
NTP server check:
You can quickly check if an NTP server is responding in Mac OS X terminal with the
SNTP <hostname-or-IP> command:
$ sntp 10.10.10.202 2014 Nov 11 05:22:08.527749 -0.125693 +/- 0.001083 secs
After the date and time, the response also shows that the NTP server is 0.125693 seconds behind the Mac's local time (0.125693 seconds should be subtracted from the local clock to correct it), and that the server time is believed to be correct to within +/- 0.001083 seconds.
Set Date and Time Manually:
Enabling NTP disables being able to set the date and time in LD2 - trying to do so will give TFC errors.
Therefore, to manually change date and time (if the NTP server is unreachable) we must first disable NTP.
In LD 117:
=> stop ntp background
=> dis ntp
Then goto LD 2, and enter:
STAD <day> <month> <year> <hour> <minute> <second>
Example: < - Current time. Enter this command exactly as shown.
LD 117 NTP Command Summary:
|CHG NTP IPADDR||Configure the IP addresses for the Primary and/or Secondary NTP Servers.|
|CHG NTP THRESH||Configure the 3 NTP threshold levels (Minimum, Warning, Maximum).|
|CHG NTP SECURE||Configure the parameters used by the Primary and/or Secondary NTP servers in secure mode of operation.|
|CHG NTP AUTHMODE||Configure the security mode for the Primary, Secondary, or both, NTP servers.|
|CHG NTP TIMEINT||Configure the time interval for background NTP synchronization and offset from other background routines.|
|CHG UTCOFFSET||Configure the time offset (from UTC) for the local time zone.|
|ENL NTP||Enable NTP.|
|DIS NTP||Disable NTP.|
|STAT NTP||Check Status of NTP.|
|SYNC NTP||Synchronize NTP servers manually or in background mode.|
|STOP NTP BACKGROUND||Stop background synchronization from running.|
|PRT NTP||Display the current configuration parameters of NTP.|
LD 117 Example Output:
>ld 117 OAM000 => chg ntp ipaddr 10.10.10.202 - configure primary NTP server IP NTP Server's IP address is configured Primary IP Address: 10.10.10.202 Secondary IP Address: 0.0.0.0 The secured parameters for the changed IP address has been reset => stat ntp - print NTP status information CURRENT NTP CONFIGURATION NTP Status: DISABLED Primary IP address: 10.10.10.202 Secondary IP address: 0.0.0.0 UTC Offset: 00:00 Last Updated: 00:00:00 on 0-0-0 Delta: 00 Threshold: NORMAL Security Mode for Primary: INSECURE Security Mode for Secondary: INSECURE Synchronization Status: INACTIVE COUNTERS Packets Sent: 0 Packets Received: 0 LAST NTP CONFIGURATION NTP Status: DISABLED Primary IP address: 0.0.0.0 Secondary IP address: 0.0.0.0 UTC Offset: 00:00 Delta: 00 Threshold: NORMAL Security Mode for Primary: INSECURE Security Mode for Secondary: INSECURE Syncing Mode: INACTIVE LAST SYNCHRONIZATION ERROR Date and Time: 08:26:19 on 18-5-2012 Type of Error: SCH1689 => en ntp - enable NTP NTP is running in CS mode. Mode of security for Primary:INSECURE Mode of security for Secondary:INSECURE NTP feature is enabled. => sync ntp manual - check the server responds Trying 10.10.10.202......Please do not abort from overlay till sync operation is executed NTP is not running in secured mode " ERR0061": Delta between server clock and system clock exceeds the critical threshold level. NTP Server Time is 08:48:53 on 18-5-2012 Do you want to update the time (y/n)? [n]y - yes! => Updated Call Server Time to 08:49:01 on 18-5-2012 =>