OPNsense Forum

Archive => 19.7 Legacy Series => Topic started by: TheCodeGeek on November 28, 2019, 05:32:12 am

Title: OPNsense time is 1 minute slow; affecting TOTP
Post by: TheCodeGeek on November 28, 2019, 05:32:12 am
My OPNsense instance seems to be off by 1 minute. By this I mean that the Dashboard current time reads 1 minute behind my computers and my phone. Normally this wouldn't be a problem, but I have noticed that when I log into OPNsense with my TOTP, I have to wait until the token expires before I can submit or the logon will fail. I've added both Google and NIST NTP servers to the list. Can someone please help me fix this?
Title: Re: OPNsense time is 1 minute slow; affecting TOTP
Post by: banym on November 28, 2019, 10:08:39 am
What type of hardware do you use?

What does your ntp daemon report to the logs? I am using the ntp pool server of the region the FW is located in. For example the .de pool for the firewalls located in Germany.

What happens if you set the hardware clock to the correct time in the BIOS / UEFI?

Regards,
Title: Re: OPNsense time is 1 minute slow; affecting TOTP
Post by: TheCodeGeek on November 28, 2019, 08:46:35 pm
Thank you for responding. My instance is running on a Dell R710 with Windows Server 2016 in a Hyper-V instance. I will try to change the time in UEFI/BIOS today, it's just difficult because I access the server via network and OPNsense runs my network. (I need to clone the Hyper-V instance and let the clone take over while I change the UEFI settings)

(https://i.ibb.co/C2VmzpV/OPNsense.png)

Code:
Date                 Message
Nov 28 10:52:47 ntpd[6708]: receive: Unexpected origin timestamp 0xe18a95d1.631c8f0c does not match aorg 0000000000.00000000 from server@72.30.35.89 xmt 0xe18a95ff.6c85933f
Nov 28 10:06:51 ntpd[6708]: receive: Unexpected origin timestamp 0xe18a8b0d.5e27dd79 does not match aorg 0000000000.00000000 from server@108.61.73.244 xmt 0xe18a8b3b.511790d3
Nov 28 10:06:51 ntpd[6708]: receive: Unexpected origin timestamp 0xe18a8b0d.5e2102df does not match aorg 0xe18a8b3b.4861524a from server@184.60.28.49 xmt 0xe18a8b3b.4d92ba88
Nov 28 08:23:33 ntpd[6708]: receive: Unexpected origin timestamp 0xe18a72d7.a0952c7f does not match aorg 0xe18a7305.7a93e2f1 from server@184.60.28.49 xmt 0xe18a7305.7d7905a7
Nov 28 08:17:46 ntpd[6708]: receive: Unexpected origin timestamp 0xe18a717c.b16a1cec does not match aorg 0xe18a71aa.90de33a7 from server@72.30.35.89 xmt 0xe18a71aa.88e8005e
Nov 28 07:30:32 ntpd[6708]: receive: Unexpected origin timestamp 0xe18a666a.6a99dc2c does not match aorg 0000000000.00000000 from server@184.60.28.49 xmt 0xe18a6698.3efb2d80
Nov 28 06:58:25 ntpd[6708]: receive: Unexpected origin timestamp 0xe18a5ee3.ba57b5e5 does not match aorg 0000000000.00000000 from server@72.30.35.89 xmt 0xe18a5f11.86af40bb
Nov 28 06:01:23 ntpd[6708]: receive: Unexpected origin timestamp 0xe18a5185.aa776b4c does not match aorg 0000000000.00000000 from server@184.60.28.49 xmt 0xe18a51b3.6bda5042
Nov 28 05:04:14 ntpd[6708]: receive: Unexpected origin timestamp 0xe18a4420.78c8503b does not match aorg 0xe18a444e.1d8f1bd9 from server@108.61.73.244 xmt 0xe18a444e.1fd24683
Nov 28 03:59:41 ntpd[6708]: receive: Unexpected origin timestamp 0xe18a3500.2ae3ac85 does not match aorg 0000000000.00000000 from server@184.60.28.49 xmt 0xe18a352d.caa14f40
Nov 28 03:30:55 ntpd[6708]: receive: Unexpected origin timestamp 0xe18a2e41.6ac7cf31 does not match aorg 0xe18a2e6f.027e9698 from server@184.60.28.49 xmt 0xe18a2e6f.0b703387
Nov 28 02:37:30 ntpd[6708]: receive: Unexpected origin timestamp 0xe18a21bc.f113ab69 does not match aorg 0000000000.00000000 from server@72.30.35.89 xmt 0xe18a21ea.889fa0ec
Nov 28 01:32:20 ntpd[6708]: receive: Unexpected origin timestamp 0xe18a1276.8a261ad6 does not match aorg 0000000000.00000000 from server@184.60.28.49 xmt 0xe18a12a3.fd05ef14
Nov 28 01:12:34 ntpd[6708]: receive: Unexpected origin timestamp 0xe18a0dd4.e9842520 does not match aorg 0000000000.00000000 from server@72.30.35.89 xmt 0xe18a0e02.6fdb8bdd
Nov 28 00:05:40 ntpd[6708]: receive: Unexpected origin timestamp 0xe189fe26.bab19831 does not match aorg 0000000000.00000000 from server@72.30.35.89 xmt 0xe189fe54.2fa70970
Nov 27 21:50:10 ntpd[6708]: receive: Unexpected origin timestamp 0xe189de64.ba34facb does not match aorg 0xe189de92.0088703e from server@72.30.35.89 xmt 0xe189de92.07378714
Nov 27 21:50:10 ntpd[6708]: receive: Unexpected origin timestamp 0xe189de64.ba2e0a90 does not match aorg 0xe189de92.008723d8 from server@108.61.73.244 xmt 0xe189de92.050536dd
Nov 27 20:00:58 ntpd[6708]: receive: Unexpected origin timestamp 0xe189c4cd.0cad8995 does not match aorg 0000000000.00000000 from server@184.60.28.49 xmt 0xe189c4fa.43ef2fcc
Nov 27 19:54:04 ntpd[6708]: receive: Unexpected origin timestamp 0xe189c32e.d28079a9 does not match aorg 0xe189c35c.09dde8c0 from server@184.60.28.49 xmt 0xe189c35c.088b0407
Nov 27 19:39:35 ntpd[6708]: kernel reports TIME_ERROR: 0x2041: Clock Unsynchronized
Nov 27 19:39:35 ntpd[6708]: kernel reports TIME_ERROR: 0x2041: Clock Unsynchronized
Nov 27 19:39:35 ntpd[6708]: Listening on routing socket on fd #27 for interface updates
Nov 27 19:39:35 ntpd[6708]: Listen normally on 6 hn0 [2001:558:600a:c2:68a4:27a9:c44c:5b0f]:123
Nov 27 19:39:35 ntpd[6708]: Listen normally on 5 hn0 73.19.35.19:123
Nov 27 19:39:35 ntpd[6708]: Listen normally on 4 hn0 [fe80::215:5dff:fe01:fd19%5]:123
Nov 27 19:39:35 ntpd[6708]: Listen normally on 3 lo0 127.0.0.1:123
Nov 27 19:39:35 ntpd[6708]: Listen normally on 2 lo0 [::1]:123
Nov 27 19:39:35 ntpd[6708]: Listen and drop on 1 v4wildcard 0.0.0.0:123
Nov 27 19:39:35 ntpd[6708]: Listen and drop on 0 v6wildcard [::]:123
Nov 27 19:39:35 ntpd[6708]: restrict: 'monitor' cannot be disabled while 'limited' is enabled
Nov 27 19:39:35 ntpd[6708]: gps base set to 2019-11-10 (week 2079)
Nov 27 19:39:35 ntpd[6708]: basedate set to 2019-11-08
Nov 27 19:39:35 ntpd[6708]: proto: precision = 0.099 usec (-23)
Nov 27 19:39:35 ntpd[71464]: Command line: /usr/local/sbin/ntpd -g -c /var/etc/ntpd.conf -p /var/run/ntpd.pid
Nov 27 19:39:35 ntpd[71464]: ntpd 4.2.8p13@1.3847-o Wed Nov 20 03:44:23 UTC 2019 (1): Starting
Nov 27 19:39:35 ntpd[66154]: 132.163.96.2 local addr 73.19.35.19 -> <null>
Nov 27 19:39:35 ntpd[66154]: 216.239.35.12 local addr 73.19.35.19 -> <null>
Nov 27 19:39:35 ntpd[66154]: 96.245.170.99 local addr 73.19.35.19 -> <null>
Nov 27 19:39:35 ntpd[66154]: 129.250.35.250 local addr 73.19.35.19 -> <null>
Nov 27 19:39:35 ntpd[66154]: 162.159.200.123 local addr 73.19.35.19 -> <null>
Nov 27 19:39:35 ntpd[66154]: 69.89.207.199 local addr 73.19.35.19 -> <null>
Nov 27 19:39:35 ntpd[66154]: ntpd exiting on signal 15 (Terminated)

(https://i.ibb.co/KjQpxZw/NTP-General.png)
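An added example (not part of the original post) that decodes the NTP timestamps in the "Unexpected origin timestamp" lines above and measures the gap between the two timestamps carried in each reply. It assumes the standard NTP packet meaning of the fields: the origin timestamp is the client's send time echoed back by the server, and `xmt` is the server's transmit time. The function names are hypothetical.

```python
import re
from statistics import median

# Three lines copied from the log in the post above.
LOG = """\
Nov 28 10:52:47 ntpd[6708]: receive: Unexpected origin timestamp 0xe18a95d1.631c8f0c does not match aorg 0000000000.00000000 from server@72.30.35.89 xmt 0xe18a95ff.6c85933f
Nov 28 05:04:14 ntpd[6708]: receive: Unexpected origin timestamp 0xe18a4420.78c8503b does not match aorg 0xe18a444e.1d8f1bd9 from server@108.61.73.244 xmt 0xe18a444e.1fd24683
Nov 28 03:59:41 ntpd[6708]: receive: Unexpected origin timestamp 0xe18a3500.2ae3ac85 does not match aorg 0000000000.00000000 from server@184.60.28.49 xmt 0xe18a352d.caa14f40
"""

PATTERN = re.compile(
    r"Unexpected origin timestamp 0x(?P<org>[0-9a-f]{8})\.(?P<orgf>[0-9a-f]{8})"
    r" does not match aorg \S+ from server@(?P<srv>\S+)"
    r" xmt 0x(?P<xmt>[0-9a-f]{8})\.(?P<xmtf>[0-9a-f]{8})"
)

def ntp_seconds(sec_hex: str, frac_hex: str) -> float:
    """64-bit NTP timestamp: 32-bit seconds since 1900 plus a 32-bit fraction."""
    return int(sec_hex, 16) + int(frac_hex, 16) / 2 ** 32

def reply_gaps(log: str):
    """Return (server, xmt - origin) in seconds for every matching log line."""
    gaps = []
    for m in PATTERN.finditer(log):
        origin = ntp_seconds(m["org"], m["orgf"])    # client clock at send
        transmit = ntp_seconds(m["xmt"], m["xmtf"])  # server clock at reply
        gaps.append((m["srv"], transmit - origin))
    return gaps

def median_gap(log: str) -> float:
    """Median gap across all parsed replies, in seconds."""
    return median(gap for _, gap in reply_gaps(log))

if __name__ == "__main__":
    for server, gap in reply_gaps(LOG):
        print(f"{server:<15} reply is {gap:6.2f} s ahead of the echoed send time")
    print(f"median gap: {median_gap(LOG):.2f} s")
```

All three servers show a gap of about 46 seconds, far more than a network round trip, which points at the local clock rather than at any one upstream server.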
Title: Re: OPNsense time is 1 minute slow; affecting TOTP
Post by: franco on November 28, 2019, 09:09:35 pm
Hyper-V will force the time so you could try to disable NTP (clear the servers in the settings).

But then again if Hyper-V wants to sync it a minute in the past / future the time of the Windows running Hyper-V is simply off and that could be fixed.

Another approach would be to disable Hyper-V time sync in the host. No idea how to do that.


Cheers,
Franco
Title: Re: OPNsense time is 1 minute slow; affecting TOTP
Post by: TheCodeGeek on November 28, 2019, 10:12:06 pm
Okay, I'll try that today. Thank you!

Title: Re: OPNsense time is 1 minute slow; affecting TOTP
Post by: Maurice on November 29, 2019, 03:01:59 am
Disabling NTP in OPNsense and letting the Hyper-V time sync integration service do its magic is definitely the way to go. No configuration required. The Hyper-V host's clock needs to be accurate, so make sure Windows syncs to a reliable time server.

Cheers

Maurice
Title: Re: OPNsense time is 1 minute slow; affecting TOTP
Post by: TheCodeGeek on November 29, 2019, 07:52:49 am
Quote from: franco on November 28, 2019, 09:09:35 pm
Hyper-V will force the time so you could try to disable NTP (clear the servers in the settings).

But then again if Hyper-V wants to sync it a minute in the past / future the time of the Windows running Hyper-V is simply off and that could be fixed.

Another approach would be to disable Hyper-V time sync in the host. No idea how to do that.

Cheers,
Franco

This did the trick. Thank you folks!