There are two things you need to do to get the correct time in your Mikrotik.  First is to set the Time Zone.

Setting the Time Zone

  1. Go to System, then Clock
  2. Click on the drop-down next to Time Zone Name: and select a city in your time zone.  For example, I’m in Baltimore, so I select America/New_York
  3. Click Apply
  4. You should see your GMT Offset change

Next you have to set up your Mikrotik to pull the time info from an NTP server.

Setting the SNTP Client — Simple Network Time Protocol

There are two parts to this.  One is really simple and will work fine, but isn’t the right way to do it, technically.  Here is the first step.

  1. Go to System, then SNTP Client
  2. Click the Enabled checkbox
  3. Click the Mode drop-down and set it to unicast
  4. (this is the quick way to do it that we will change later)
    1. In WinBox, in the NTP Server box, type in the address of an NTP server.  For example, I use 0.pool.ntp.org
      1. This will NOT work in WebFig (the web interface on your Mikrotik).  It will just kick back an error saying that it’s expecting a numeric entry.
    2. Click Apply and it will resolve 0.pool.ntp.org into a numerical IP address like 50.28.8.233
    3. Shortly after you should see the greyed-out boxes in that SNTP Client window populate as it pulls info from that NTP Server
    4. Click OK

The way you should do it… periodically grab different NTP servers…

The reason a lot of the NTP servers out there on the internet have the word pool in them, is because they are actually a pool of servers that share the load of thousands of devices asking them what time it is.  It also means that if a particular server is down, you have a pool of others to draw from.  If your computer occasionally checks in with 0.pool.ntp.org to see what time it is, it will first resolve that into a numerical IP address.  Since it’s a pool, the IP address that it gets back will be different from time to time.  It doesn’t really matter to your computer, it just wants something to tell it what time it is.

If you do the steps I posted above, your Mikrotik will check in with ONE NTP server and will not grab from a pool of servers.  It does this because when you added 0.pool.ntp.org, the Mirkotik resolved the IP address and saved it.  The numerical IP address got saved, not the name of the pool.  Clear as mud?

How to run a script that resolves your NTP server from a pool

If you haven’t played with Scripts or the Scheduler yet, now’s your chance.

First you need to set up a script that will resolve the NTP server’s IP address and set your SNTP Client to use it.

Setting up a Script to resolve a NTP Server’s IP for you

  1. I do NOT recommend entering Scripts in WebFig.  There is a high likelyhood that it will jack up your formatting and cause the script not to run.  Just stick to WinBox for this.  (and for everything else…)
  2. Go to System, then Scripts
  3. Click + to add a new script
  4. Give it a Name that makes sense like Update_NTP.  (Don’t use spaces. It’s just easier.)
  5. Owner will be the name of the User you are logged in as.  If you ever delete this User for some reason, your script may not run.  In other words, one of the first things you should do when setting up your router is give yourself the permanent login you want and delete the ‘admin’ login if you choose to… :)
  6. I leave all the Policy boxes checked.  To be honest, I haven’t tested which ones are actually needed, but it works this way.
  7. Enter the following as the Script, you can fill in whatever NTP Server names you want, these are just the ones I use
  8. :delay 60s
    /system ntp client set primary-ntp=[:resolve 0.pool.ntp.org]
    /system ntp client set secondary-ntp=[:resolve 1.pool.ntp.org]
  9. Click Apply or OK
  10. You can also click Run Script and 1 minute later your SNTP Client info will be filled in

That is the first step.  Step two is to run the script at a certain interval.  It can be at startup, when the router is restarted, once a day, once a week, whatever.  I don’t have any info on what is a recommended interval for changing NTP servers.  Note that this is not the interval that the router will check in for accurate time info.  It does that at automatic intervals.  This is just for CHANGING which NTP server it’s trying to talk to.  Currently my system shows a 900s (15 minute) Poll Interval.

The first step of the script obviously tells it to wait 60 seconds before performing the next step.  The reason for this is if you have it set up to run at Startup, which you should, there is a good chance that your router AND your cable/DSL modem were rebooted as well.  That 60 second delay gives the modem a chance to start up and get settled, THEN attempts to resolve the NTP servers.  This is a good tip for any script that you have set to run at startup.  Hats off to Springs for that little nugget.

Setting up a Scheduler event to run that Script for you

  1.  Go to System, then Scheduler
  2. Click + to add a new Scheduler event
  3. Click Start Time and select Startup
  4. For Interval, select the interval you want the script to run AFTER it has run at startup
  5. In the On Event: box, simply type in the EXACT name of the Script you set up.  It has to be exact.  Think of it like it’s a command you’re typing in, because it is.  If you named your script Update_NTP, only enter Update_NTP in that box.
  6. Click Apply or OK

Checking that your Script and Scheduler are working

Checking your Script

First you want to check that your Script actually works.  In WinBox, open the System / SNTP Client window.  Then open a System / Scripts window and align them so you can see both of them at the same time.  Highlight your Update_NTP script and hit the Run Script button at the top of the window.  You should see the Run Count counter go up by one.  Because of the 60 second delay, you will have to wait to see anything else happen.

After the 60 second delay, you should see the values in the SNTP Client window change or at least update.  If you’ve waited a minute or two and it looks like nothing is happening, then go back and check your Script.  If you have an error or mistake in your script, usually what happens is nothing.  It doesn’t run and you don’t know why.  If you had run it from Terminal you would have at least seen an error message, but normally you won’t ‘see’ anything happening.

Make sure your formatting is OK, there should be three separate lines.  Make sure you didn’t copy and paste and accidentally cut off a couple character.  Etc…

Checking your Scheduler

If you have your schedule set up to run at startup, then simply reboot your router.  (System / Reboot)

***need to finish this part… ***

 

Tagged:
  • Springs

    Fun Fact… The DNS TTL resolve is under 10 minutes depending on which server it picked for 0.pool.ntp.org and 1.pool.ntp.org.

    Thinking like a bad 80s movie. Having a delay in a script that runs on an interval. Won’t it eventually match?

    Time to start making scripts to enable and disable scripts… this is gonna be fun!

  • Springs

    May I present…
    RunOnce.

    /system scheduler

    add disabled=no interval=0s name=StartUp on-event=RunOnce policy=\
    ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
    start-time=startup

    /system script
    add name=RunOnce policy=\
    ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
    source=”:delay 00:00:50\r\
    \n/system script run NTP\r\
    \n:delay 00:00:10\r\
    \n/system script run DYNdns”

    At boot time…
    Wait 50 seconds
    Run NTP Script Updater
    Wait 10 Seconds
    Run DYNdns Updater

    This is done one time.

    After that the old scripts handle it.

    No exponential growth. :)

    “This car has many buttons… buttons inside of other buttons… buttons controlling other buttons… super button…”

    • admin

      I haven’t played with this yet, but I wanted to look into the ‘exponential growth’ idea. I thought of that, but never sat down and worked out what would happen. So I’m going to do it here and see what I come up with… lol…

      1:00:00 – Router is plugged in and Startup script runs, starting 1 min. timer. DynDNS updater script timer also starts (10 minute intervals) (We’ll call this #1).
      1:01:00 – The remainder of the Startup script starts because 1 minute has passed.
      1:10:00 – Script #1 timer expires. DynDNS updater script #1 executes, but the first step is a 1 minute delay. A new 10 minute interval starts (#2).
      1:11:00 – The remainder of DynDNS updater script #1 runs.
      1:20:00 – Script #2 timer expires. DynDNS updater script #2 executes, but the first step is a 1 minute delay. A new 10 minute interval starts (#3).
      1:21:00 – The remainder of DynDNS updater script #2 runs.
      1:30:00 – Script #3 timer expires. DynDNS updater script #3 executes, but the first step is a 1 minute delay. A new 10 minute interval starts (#4).
      1:31:00 – etc…

      So unless the timers can’t run concurrently, I don’t THINK there would be an issue. I also think it isn’t a real ‘countdown timer’, I’m pretty sure it just does ‘current time + 10 minutes’ and triggers at that time.

      I THINK this is how it works. I can’t see more than 2 timers running at any one time… and I don’t think they are true ‘timers’ like I said above. But I DEFINITELY thought about the possibility of exponential growth to infinity, which is why I only tried this at my own house so far and haven’t seen any crazy memory or CPU use, so I figured it was safe to release in the wild. :)

  • Springs

    If two scripts are called at the same time they run in order they are listed.

    In my wacky world… every 1 hour 40 minutes you stacked scripts/actions. Its theory mostly… but why chance it?

    HOLY SHIT THAT IS AN UGLY PICTURE!

  • Ryan Posner – Frog AV

    So, I assume that the “Secondary NTP Server” in the SNTP Client config is only a backup if the first one fails, as opposed to doing what the script accomplishes?

    • admin

      Right, the ‘primary’ and ‘secondary’ NTP servers don’t really have anything to do with the Mikrotik. The secondary just kicks in if the primary doesn’t respond. I’ve seen it myself where the primary SNTP kicks back errors and it goes over to the secondary.

  • http://www.premier-es.com Pedro Diaz

    Any ideas why my NTP Update script is showing in red in the scrip list and not running even when I force it manually?
    This is exactly what I have in the script:
    :delay 60s
    /system ntp client set primary-ntp=[:resolve 0.pool.ntp.org]
    /system ntp client set secondary-ntp=[:resolve 1.pool.ntp.org]

  • http://www.premier-es.com Pedro Diaz

    and also has an invalid (I) on the left column

  • http://www.premier-es.com Pedro Diaz

    OK, I found the issue. Instead of creating the script inside Windbox, I did drag and drop an rsc file that I had created in notepad into the files window and then did the import in new terminal. Somehow the file was showing as invalid.