Using an ESX host as an NTP server
search cancel

Using an ESX host as an NTP server


Article ID: 340475


Updated On:


VMware vSphere ESXi


ESX hosts, by default, are not configured to act as an NTP server and do not respond to NTP queries from client machines.


VMware ESX 4.0.x
VMware ESX Server 3.0.x
VMware ESX 4.1.x
VMware ESX Server 3.5.x


Before performing the following steps, configure the ESX Server host as an NTP client. For more information, see Installing and Configuring NTP on VMware ESX Server (1339) .

  1. Edit the /etc/ntp.conf file to remove the restrictions preventing client access to the ESX Server host.
    1. Make a backup copy of the /etc/ntp.conf file:

      cp /etc/ntp.conf /etc/ntp.conf.bk

    2. Use an editor such as nano or vi and edit the /etc/ntp.conf file and comment out the following line by placing a hash at the beginning:

      #restrict default ignore

    3. Add a line for each network that accesses the ESX Server host as an NTP source:

      restrict mask nomodify notrap

    4. Save the /etc/ntp.conf file and quit the editor.

  2. Create a custom service for the NTP server on the ESX Server host.

    The custom service does not go into the /etc/vmware/firewall/services.xml file. Instead, create a new file in the same directory, such as custom.xml . In this file, place the following, specifying a unique ID.

    <service id='0045'>
    <port type='dst'>123</port>

    Caution: Do not keep backups or copies of any files in the /etc/vmware/firewall/ directory as all files in this directory are parsed and duplicates may cause hostd to crash.

  3. Restart the ESX Server Management and NTP services for the changes to take effect:

    [root@server root]# service mgmt-vmware restart

    [root@server root]# service ntpd restart

    For more information on restarting management agents, see Restarting the Management agents on an ESX or ESXi Server (1003490).
To configure NTP clients from VI client:
  1. Connect to the ESX host or vCenter Server using VI Client.
  2. Click Configuration > Time Configuration.
  3. Click Properties.
  4. In the NTP Configuration section, select the NTP Client Enabled checkbox.
  5. In the General section, click Options and select Start and Stop with Host.
  6. In the NTP Configuration section, click Add to add an NTP server (or multiple servers). Remove which is the local system clock.
  7. Click OK to apply your changes and start the service.

    Note: Built-in ESX Server firewall rules will automatically be modified to allow outgoing connections on port 123. Your server clock should start shortly after syncing with the NTP server you selected. You can check the current time by clicking the Refresh link in the VI Client.