VMware VCP 4 Dumps|Pass your VCP 4 Exam Today

Restart NTP Service
After editing the three files, we need to restart the NTP service. To do that type service ntpd restart at command
prompt.

www.certifyme.com
To enable NTP daemon to autostart when the server is rebooted, type chkconfig –level 345 ntpd on at command
prompt
Now we have to set the local hardware clock to NTP synchronized local system time. To do that, type hwclock -
-systohc at command prompt.
This command will successfully poll NTP server and the kernel sets the hardware clock to system clock time
automatically.
References:
• http://support.ntp.org/bin/view/Main/DocumentationIndex
• http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=133
9&sliceId=1&docTypeID=DT_KB_1_1&dialogID=42914722&stateId=0%200%2041456647
• http://support.ntp.org/bin/view/Main/WebHome
• http://support.ntp.org/bin/view/Servers/WebHome
• http://support.ntp.org/bin/view/Servers/NTPPoolServers

NTP
The Network Time Protocol is usable in a virtual machine with proper configuration of the NTP daemon. The
following points are important:
• Do not configure the virtual machine to synchronize to its own (virtual) hardware clock, not even as a
fallback with a high stratum number. Some sample ntpd.conf files contain a section specifying the local
clock as a potential time server, often marked with the comment “undisciplined local clock.” Delete any
such server specification from your ntpd.conf file.
• Include the option tinker panic 0 at the top of your ntp.conf file. By default, the NTP daemon sometimes
panics and exits if the underlying clock appears to be behaving erratically. This option causes the
daemon to keep running instead of panicking.
• Follow standard best practices for NTP: Choose a set of servers to synchronize to that have accurate
time and adequate redundancy. If you have many virtual or physical client machines to synchronize, set
up some internal servers for them to use, so that all your clients are not directly accessing an external
low†stratum NTP server and overloading it with requests.
VMware ESX and ESXi also include an NTP daemon. You can enable and configure NTP from the Virtual
Infrastructure Client. The ESX NTP daemon runs in the service console. Because the service console is partially
virtualized, with the VMkernel in direct control of the hardware, NTP running on the service console provides

www.certifyme.com
less precise time than in configurations where it runs directly on a host operating system. Therefore, if you are
using native synchronization software in your virtual machines, it is somewhat preferable to synchronize them
over the network from an NTP server that is running directly on its host kernel, not to the NTP server in the
service console. In VMware ESXi, there is no service console and the NTP daemon runs directly on the
VMkernel.
Lab Scenario
As part of implementing VMware Vsphere 4, you have decided to configure NTP on ESX hosts that you have
created. However, you haven’t installed VMware Vsphere client to configure NTP on ESX hosts using graphical
mode. You need to configure NTP using CLI based console in ESX 4.0.
Lab Objectives
Using your personal lab, configure NTP on an ESX Host
Lab Solution
To configure NTP on an ESX host, follow the steps given below:
Enter the console by pressing ALT+F2.
Login using the root administrator password.
certifyme.com
First we need to edit /etc/ntp.conf file and then the /etc/ntp/step-tickers. But before doing that we need to make
a backup copy of /etc/ntp.conf file using the following command:
cp /etc/ntp.conf /etc/ntp.conf.bk
Now you need to edit /etc/ntp.conf file to include the following lines:

www.certifyme.com
restrict 127.0.0.1
restrict default kod nomodify notrap
server 0.vmware.pool.ntp.org
server 1.vmware.pool.ntp.org
server 2.vmware.pool.ntp.org
driftfile /etc/ntp/drift
To edit the file, type nano /etc/ntp.conf
You will enter the write modification mode. Type the lines mentioned above.

www.certifyme.com
Now save the file by pressing CTRL+X and save the file by pressing ‘Y’

www.certifyme.com
Do not write the filename. Just press ‘Enter’

www.certifyme.com
Now we have to edit /etc/ntp/step-tickers file. To do that first we need to back up the existing file. At the
command prompt type:
cp /etc/ntp/step-tickers /etc/ntp/step-tickers.bk
Now edit /etc/ntp/step-tickers file by typing:
nano /etc/ntp/step-tickers

www.certifyme.com
And include the following in the file:
0.vmware.pool.ntp.org
1.vmware.pool.ntp.org
2.vmware.pool.ntp.org

www.certifyme.com
Now exit the file by pressing CTRL+X. Then press ‘Y’ and on the file write prompting, press ‘Enter’
Edit the third file /etc/hosts. By adding the NTP server list in this file, you actually minimize the impact of DNS
lookup failures during NTP synchronization
Edit /etc/hosts by typing nano /etc/hosts and press ‘Enter’
Now add these lines to the file:
0.vmware.pool.ntp.org
1.vmware.pool.ntp.org

www.certifyme.com
2.vmware.pool.ntp.org
Save the file by pressing CTRL+X and then ‘Y’ and then ‘Enter’

www.certifyme.com
After these tasks, we need to enable NTP client for firewall. This opens appropriate ports and enables NTP
daemon to talk to external server.
Enable NTP client for firewall by typing esxcfg-firewall –enableService ntpClient at the command prompt.

Exam Objective: Configure ESX/ESXi NTP

Contents
• Introduction
• Technology Background
• Lab Scenario
• Lab Objectives
• Lab Solution

Introduction
The Network Time Protocol (NTP) is widely used to synchronize a computer to Internet time servers or other
sources, such as a radio or satellite receiver or telephone modem service. It provides accuracies typically less
than a millisecond on LANs and up to a few milliseconds on WANs. Typical NTP configurations use multiple
redundant servers and diverse network paths in order to achieve high accuracy and reliability.
NTP time synchronization services are widely available in the public Internet. The public NTP subnet in early
2008 includes several thousand servers in most countries and on every continent of the globe, including
Antarctica. These servers support a total population estimated at over 25 million computers in the global
Internet.
The NTP subnet operates with a hierarchy of levels, where each level is assigned a number called the stratum.
Stratum 1 (primary) servers at the lowest level are directly synchronized to national time services. Stratum 2
(secondary) servers at the next higher level are synchronized to stratum 1 servers and so on. Normally, NTP
clients and servers with a relatively small number of clients do not synchronize to public primary servers. There
are several hundred public secondary servers operating at higher strata and is the preferred choice.
Technology Background
Because virtual machines work by time†sharing host physical hardware, a virtual machine cannot exactly
duplicate the timing behavior of a physical machine. VMware virtual machines use several techniques to

www.certifyme.com
minimize and conceal differences in timing behavior, but the differences can still sometimes cause timekeeping
inaccuracies and other problems in software running in a virtual machine.
VMware Timer Virtualization
VMware products use a patent†pending technique to allow the many timer devices in a virtual machine to
fall behind real time and catch up as needed, yet remain sufficiently consistent with one another that software
running in the virtual machine is not disrupted by anomalous time readings. In VMware terminology, the time
that is visible to virtual machines on their timer devices is called apparent time. Generally, the timer devices in a
virtual machine operate identically to the corresponding timer devices in a physical machine, but they show
apparent time instead of real time.
Virtual PIT
VMware products fully emulate the timing functions of all three timers in the PIT device. In addition, when the
guest operating system programs the speaker timer to generate a sound, the virtual machine requests a beep
sound from the host machine. However, the sound generated on the host may not be the requested frequency or
duration.
Virtual CMOS RTC
Current VMware products emulate all the timing functions of the CMOS RTC, including the time of day clock
and the periodic, update, and alarm interrupts that the CMOS RTC provides.
Many guest operating systems use the CMOS periodic interrupt as the main system timer, so VMware products
run it in apparent time to be consistent with the other timer devices. Some guest operating systems use the
CMOS update interrupt to count off precisely one second to measure the CPU speed or the speed of other timer
devices, so VMware products run the CMOS update interrupt in apparent time as well.
In contrast, VMware products base the virtual CMOS TOD clock directly on the real time as known to the host
system, not on apparent time. This choice makes sense because guest operating systems generally read the
CMOS TOD clock only to initialize the system time at power on and occasionally to check the system time for
correctness. Operating systems use the CMOS TOD clock this way because it provides time only to the nearest
second but is battery backed and thus continues to keep time even when the system loses power or is restarted.
VMI Para virtual Timer
The Virtual Machine Interface (VMI) is an open Para virtualization interface developed by VMware with input
from the Linux community. VMI is an open standard, the specification for which is available at
http://www.vmware.com/pdf/vmi_specs.pdf. VMI is currently defined only for 32†bit guests. VMware
products beginning with Workstation 6 and ESX 3.5 support VMI.
VMI includes a Para virtual timer device that the guest operating system kernel can use for tickles timekeeping.
In addition, VMI allows the guest kernel to explicitly account for “stolen time”; that is, time when the guest
operating system was ready to run but the virtual machine was descheduled by the host scheduler.
ESX Host (Linux Kernel)

www.certifyme.com
Since ESX and ESXi are based on Linux kernels, the Linux timekeeping mechanisms are necessary to
understand to effectively configure ESX host NTP.
Clocksource Kernels
With the new clocksource abstraction, the kernel’s high†level timekeeping code basically deals only with
wall†clock time and NTP rate correction. It calls into a lower†level clocksource driver to read a counter
that reflects the raw amount of time (without rate correction) that has passed since boot. The available
clocksource drivers generally do not use any of the problematic techniques from earlier Linux timekeeping
implementations, such as using one timer device to interpolate between the ticks of another or doing lost tick
compensation. In fact, most of the clocksource drivers are tickless. The TSC clocksource (usually the default)
basically just reads the TSC value and returns it. The ACPI PM Timer clocksource is similar, as the kernel
handles timers that wrap (which occurs about every four seconds with a 24†bit ACPI PM timer) and extends
their range automatically.
The clocksource abstraction is a good match for virtual machines, though not perfect. The TSC does not run at a
precisely specified rate, so the guest operating system has to measure its rate at boot time, and this measurement
is always somewhat inaccurate. Running NTP or other clock synchronization software in the guest can
compensate for this issue, however. The ACPI PM timer does run at a precisely specified rate but is slower to
read than the TSC. Also, when clocksource is used without NO_HZ, the guest operating system still programs a
timer to interrupt periodically, so by default; the virtual machine still keeps track of a backlog of timer
interrupts and tries to catch up gradually. The NO_HZ option provides a further significant improvement.
Because the guest operating system does not schedule any periodic timers, the virtual machine can never have a
backlog greater than one timer interrupt, so apparent time does not fall far behind real time and catches up very
quickly. Also important, NO_HZ tends to reduce the overall average rate of virtual timer interrupts, improving
system throughput and scalability to larger numbers of virtual machines per host.