w32tm/NTP timeout after 1000ms - Satellite link RRS feed

  • Question

  • Hi all,

    I have a problem with NTP sync from our HQ to a lot of our small branch sites. The sites uses satellite links to connect to HQ, they are not part of the domain and on the outside of our firewall. Until now the time on the branch sites haven't been synced, so sometimes you got mail delivered before the it was sent and other stupid, time related, non critical problems :)

    The problem got worse after we stopped installing our branch servers on bare metal, but its still just a bit annoying.  

    As an easy fix I configured a NTPserver and started syncing branch servers. And for the most part its working flawlessly. However if the latency is over 1000ms i just get a "Error 0x800705B4" when i try to sync. If the site sometimes have a lower latency its all fine, but as soon as it get over 1000ms w32tm just gives up.

    This is a problem for the sites that always have a latency over 1000ms.  So is it possible to get w32tm to work a bit harder? Is it possible to configure the latency threshold?

    Or do I need to rely on third-party solutions? 

    The servers in question are win2003 standard.  I configured them with this "script":

    echo current setup:
    net time /querysntp
    echo TimeZone should be UTC:
    w32tm /tz
    echo Continue to configure NTP:
    w32tm /config /manualpeerlist:NTPserverIP,0x9 /syncfromflags:MANUAL /reliable:yes
    w32tm /config /update
    net stop w32time
    net start w32time
    w32tm /resync
    echo Verify setup, should be: NTPserverIP,0x9 and under 0 sec drift.
    net time /querysntp
    w32tm /stripchart /computer:NTPserverIP /samples:5 /dataonly
    timeout 10

    • Edited by And-Ros Monday, November 19, 2012 2:58 PM
    Monday, November 19, 2012 2:40 PM

All replies

  • Your main DC sync where ? on a ntp on the internet in exemple ?

    I ask because if you sync via a VPN's tunnel on a satellite site, it will always go over such stat, but did you tried to sync with the same's one that your main office use. To bypass all the VPN's tunnelling load.

    MCP | MCTS 70-236: Exchange Server 2007, Configuring

    Want to follow me ?  |  Blog: http://www.jabea.net | http://blogs.technet.com/b/wikininjas/

    • Marked as answer by Andy Qi Tuesday, December 4, 2012 9:00 AM
    • Unmarked as answer by And-Ros Tuesday, December 4, 2012 9:04 AM
    Tuesday, November 20, 2012 1:47 AM
  • And-Ros, When you will get time, please let us know more detail. It's ok to un-mark, but we can't help much if you don't give detail.

    In my own experiance, I never achieved good tunneling with satellite's office, but bear in mind that the tunelling cause longer delay.

    Thats why, dropping the ntp via the tunnel might help you out. If you don't need the tunnel for anything else, then you will save a lot of bandwidth to drop the tunnel and sync the server as the same outside ntp server than your dc.

    ELSE, if you really need the tunnel, then check your router at the remote office. Make it priorise the vpn tunnel, by keeping like 75% of the wan link. And make QoS inside for ntp's traffic

    MCP | MCTS 70-236: Exchange Server 2007, Configuring

    Twitter - @yagmoth555 ()
    Blog: http://www.jabea.net | http://blogs.technet.com/b/wikininjas/

    Tuesday, December 4, 2012 4:54 PM