This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Firewall Leap Second and Leap Year Compliance

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Firewall Leap Second and Leap Year Compliance

jperry1
L5 Sessionator

on ‎02-12-2015 03:53 PM - edited on ‎01-31-2020 07:14 AM by Retired Member

50% helpful (1/2)
Article updated on January 31, 2020. Updated Leap Second dates.

 

A leap second is a one-second adjustment that is applied to Coordinated Universal Time (UTC) in order to synchronize atomic clocks with astronomical clocks. The Earth's rotation around its own axis is slowing down gradually so a second is often added to compensate for this. Without this adjustment, there will be an increasing gap in the time between atomic time and astronomical time.

 

NOTE: The last leap second was added on December 31, 2016 at 23:59:60. The next possible Leap Second may be added on December 31, 2020.

 

The Palo Alto Networks firewall handles the leap second, as well as the leap year, in the following manner:

  • Leap second insertions should be picked up by time keeping NTP servers and devices acting as NTP clients will be able to synchronize their clocks with the servers.
  • Palo Alto Networks devices are NTP clients and will pick up the change from any in-house or global server.
  • If your IT department maintains an in-house NTP server, then make sure the leap second insertion has been picked up by this server in order for the clients to be properly synchronized.

 

Rate this article:
(1)
Comments
enyuan.wu
L2 Linker
‎01-11-2017 07:37 AM

Dear there,

 

How about the leap second handling of 31.12.2016 to 01.01.2017? On one active Panaroma server, we noticed that one higher CPU jump from 5%  to 20% during the lead second insertion, and it keeps the higher cpu ( average 20% )  since then until now, it lasts 11 days for  and  it even jumps to 80-90 percent for a while this morning during the business hour, one case is already open by PA, i have the feeling that this higher CPU is caused or related to that leap second. 

 

What do you think? Could you please verify with Panorama product developers?

 

Thank you for your cross-check and feedback.

 

Kind regards

Enyuan

reaper
Cyber Elite
Cyber Elite
‎01-11-2017 07:55 AM

Hi @enyuan.wu

 

An NTP update with a leap second should not cause much impact on the CPU. TAC should be able to confirm what is going and resolve the issue for you.

 

regards

Tom

  • 14568 Views
  • 2 comments
  • 1 Likes
Register or Sign-in
Contributors
Labels
Article Dashboard
Version history
Last Updated:
‎01-31-2020 07:14 AM
Updated by:
Retired Member
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks