Currently I’m working on my 70-640 Microsoft Server 2008 R2 exam. My setup includes my main desktop with the second NIC directly connected to my lab router, a Cisco 831 SOHO router/switch. This connects into my VMWare server, a Rackable 2U unit I picked up on Ebay. The idea originally was to have my lab network completely isolated from my home LAN and the internet, however I’ve ran into a problem with that idea: time.
Because it is a lab, and I’m conscious about my power bill, I turn off all the equipment when not in use. This is starting to cause problems with the router, VMWare host, and the guests all having different times set. Not being able to login due to the time being set 3 hours off is frustrating! So how am I to fix this?
Well, my first though is to use the Cisco router as an NTP server. Before I can do that, I need to make sure ITS clock is synced.
I connect the WAN port of the device into my home LAN and assign it a static address 192.168.1.252.
I run Show Clock and confirm the time is incorrect. I enter configuration mode and type NTP ? and get back % Unrecognized command. hmm. listing all commands confirms NTP is not available. I do have the option to sync time using SNTP, but thats all it does. It cannot act as a server. Alright, if I’m going to do this, lets do this completely.
I set the NTP Server using the command sntp server 209.167.68.100. This is the NTP server for 1.north-america.pool.ntp.org…..and after a while the clock is still wrong. It’s 4 hours fast. Lets see what’s going on.
debug sntp packets
Sep 4 16:16:08.022: Sending SNTP packet to 209.167.68.100
Sep 4 16:16:08.022: xmt D3F0A7C8.05DB8665 (16:16:08.022 UTC Tue Sep 4 2012)
OK, so it’s getting the correct UTC code. But here in the US Eastern Time Zone it is 12:16. I forgot to set a time zone!
LABROUTER(config)#clock timezone EST -4
Sep 4 16:23:13.262: %SYS-6-CLOCKUPDATE: System clock has been updated from 16:23:13 UTC Tue Sep 4 2012 to 12:23:13 EST Tue Sep 4 2012, configured from console…
LABROUTER#show clock
12:25:11.422 EST Tue Sep 4 2012
Bingo!
Since I can’t make the Cisco router my NTP server, I’m going to have to have to allow some lab traffic onto my home network.
Setup NAT with overload on the WAN Port. Well, that gives anything on my LAN full network access. I don’t want that. Time to setup an access list!
access-list 100 permit udp 172.16.1.0 0.0.0.255 eq ntp any
interface Ethernet1
description WAN PHYSICAL INTERFACE
ip address 192.168.1.252 255.255.255.0
ip access-group 100 out
ip nat outside
Double NAT for the win!
Setting the NTP settings for the ESXi host is as easy as following the instructions on this link:
http://www.emware.nl/articles/configure-your-time-ntp-server-on-esxi.html
What this leaves off is that while in that screen you can adjust the time VCenter, the host will still use the UTC time code as it is received. What I need to do now is set the time zone of the ESXi host.
Brilliantly, there is no way to set a timezone from the ESXi home screen, and I don’t have it setup for SSH access, so the rest will have to wait.
Any guest with VMWare Tools installed will now sync time automatically with the host. This seems to be the case in practice. For now, everything will be synchronized, but in the wrong time zone. I can live with that in the lab environment for now. In the future I’ll look to correct the time zone.
My Geeky Blog 