"Kim dove into the problem again, and found the controller's NTP service configured correctly, but attempts to manually sync the machines saw the NTP daemon report it could not find any servers. Which was odd, because the NTP server was clearly broadcasting the time, and other machines in the lab requested and received time information. Kim eventually remembered that the NTP daemon has a "panic threshold.""
"NTP's job is to keep time and broadcast it so that clocks on all machines connected to a network are in synch. This matters for many reasons, among them consistency of log files - if every machine on a network kept different time it would be very hard to investigate an incident. The panic threshold exists to stop a client of an NTP server synching if there's a big discrepancy between time as experienced by client and server."
An application server was more than five minutes out of sync with the domain controller acting as the lab's NTP server. All servers were out of sync and staff had known for over a year without remediation. Management required application timestamps be within one minute of real time. The controller's NTP service was configured correctly but manual sync attempts failed because the NTP daemon reported it could not find servers. The daemon refused to adjust because the time discrepancy exceeded its panic threshold. Increasing the panic threshold allowed the daemon to stop panicking and resynchronize clocks, restoring consistent timestamps for logs and investigations.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]