Menu

Virtual Geek

Tales from real IT system administrators world and non-production environment

Configure PTP (Precision Time Protocol) on ESXi Server

Time keeping on ESXi server is a best practice, It helps in SSL certificate authentication and troubleshooting (logs/activities), it is very essential to Time configuration settings on ESXi server after deployment or after later. I have written two articles earlier on this topic.

vSphere ESXi security best practices: Time configuration - (NTP) Network Time Protocol
VMWare Powercli: Time Configuration (NTP - Network Time Protocol) on multiple Esxi server

In above articles I was using NTP (Network Time Protocol) on Esxi server, starting with vSphere 7 version there is a new protocol option available to configure time. The Precision Time Protocol (PTP) is a protocol used to synchronize clocks throughout a computer network. On a local area network, it achieves clock accuracy in the sub-microsecond range. NTP is a unicast protocol in most cases. That's a point-to-point UDP transaction. PTP defaults to a multicast protocol - so broadcast messages are sent across the network for every packet.

To start choose ESXi server >> click Configure tab >>  from navigation expand System and click Time Configuration, make sure NTP Client is Disabled and NTP service status is stopped. 

Note: To ensure that the time of an ESXi host is synchronized with the time of other components of the vSphere network, you can synchronize the time and date of the host to a PTP server. The PTP and the NTP services cannot run simultaneously. Disable the NTP service and then enable the PTP service. Additionally, when you enable the PTP service, the manual time configuration becomes inactive.

On the Precision Time Protocol click Edit button.

VMWARE-VSPHERE-vcenter-esxi-Time-configuration-network-time-protocol-precision-Time-protocol-ntp-ptp-servers-esxi-configuration-edit-settings-time-synchronization-date-and-time

On the Edit Precision Time Protocol click Enable. Under Networking Settings, select Virtual Network interface (vmk - vmkernel port) from the drop down box. This interface will be used to sync time from the PTP server. Click OK.

Note: make sure you must start the service manually in the services view of the host.

vmware-vsphere-esxi-vcenter-edit-precision-time-protocol-start-ptp-service-manually-networking-settings-network-interface-IPV4-subnet-mask-vmk0

PTP client is enabled now but PTP service status is still Stopped.

vmware-vsphere.vcenter-esxi-precision-time-protocol-network-time-protocol-ptp-client-enabled-ptp-service-status-stopped-network-interace-vmk0

To start service choose Services from navigation pane, select PTP daemon and click Start, then on Edit Startup Policy make sure start and stop with host is chosen click OK.

vmware-vsphere-vcenter-esxi-services-ptp-daemon-start-edit-startup-policy-start-and-stop-with-host-precision-time-protocol-ntp-network-time-protocol-configuration-esxi

PTP daemon is Running and it will start and stop with host under Startup Policy.

vmware-vsphere-vcenter-esxi-precision-time-protocol-network-time-protocol-ptp-ntp-start-and-stop-with-host-daemon-running-time-configuration-esxi-services

If I check status under Time Configuration, PTP service status is running.

vmware vsphere vcenter esxi time configuration current time configuration time synchronization precision time protocol network time protocol ntp client ntp service status netp servers network interface ptp.png

Useful articles
Configure syslog on VMware ESXi hosts: VMware best practices
Configure SNMP on ESXi Server GUI :Vmware Best Practices

vmware workstation, vmware vsphere vcenter server vcsa vmca microsoft ca, windows certificate authority, ssl certificate openssl self signed esxiGenerate new self-signed certificates for ESXi using OpenSSL
Push SSL certificates to client computers using Group Policy
Replacing a default ESXi certificate with a CA-Signed certificate
Troubleshooting replacing a corrupted certificate on Esxi server 

Go Back

Comment

Blog Search

Page Views

11275444

Follow me on Blogarama