📖 ~1 min read
Table of contents
Symptom & Impact
Clock drift breaks certificate validation and distributed service coordination.
Environment & Reproduction
pkg fetch reports certificate not yet valid or expired, and logs show significant time jumps.
Root Cause Analysis
Physical hosts and VMs where ntpd is disabled or blocked from upstream servers.
Quick Triage
Outbound UDP/123 access, root shell, and approved NTP server list.
Step-by-Step Diagnosis
[image_ref: 0] Run date -u; service ntpd status; ntpq -pn; sockstat -4 -6 | grep ntpd; grep -v ‘^#’ /etc/ntp.conf.
Solution – Primary Fix
[image_ref: 1] Set ntpd_enable=”YES” and ntpd_sync_on_start=”YES” in /etc/rc.conf; ensure valid pool/server lines in ntp.conf.
Still having issues? Our IT Solutions & Services team can diagnose and resolve this for you. Get in touch for a free consultation.
Solution – Alternative Approaches
Apply settings with sysrc, restart daemon via service ntpd restart, and force initial correction if needed using service ntpd onerestart after stop.
Verification & Acceptance Criteria
ntpq -pn shows reachable peers and offset converges to low milliseconds over time.
Rollback Plan
Revert to previous ntp.conf and remove custom servers if they caused stratum instability.
Prevention & Hardening
Monitor time offset and alert when drift exceeds policy thresholds.
Related Errors & Cross-Refs
Escalate when hypervisor clock or hardware RTC errors repeatedly override ntpd corrections.
Related tutorial: View the step-by-step tutorial for freebsd-14.
View all freebsd-14 tutorials on the Tutorials Hub →
Browse all common problems & solutions on the Tutorials Hub.
References & Further Reading
ntpd(8), ntp.conf(5), rc.conf(5), FreeBSD time services documentation.
Need Expert Help?
If you cannot resolve this yourself, our team offers hands-on Server Management, Managed IT Services, and flexible Support Plans. Contact us today — we respond within one business day.
