Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
9338
Views
4
Helpful
7
Replies

Microsoft Windows Server 2003 as NTP server for IOS clients

vigleik
Level 1
Level 1

‎05-14-2008 11:30 PM

I am trying to synchronize the clock in my switches using a Windows 2003 ntp server. Debugging shows that the switch receives an answer from the server, but will not accept it. Debugging shows "Failed validity tests 20" which I think means "bogus packet received".

On the server side I have changed the registry key HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Config\LocalClockDispersion from the default value 10 to 0, found that tip on the web. I also adjusted the switch clock manually so that the difference was less than a minute. Did not help.

I am currently testing with a 2960G with IOS 12.2(25)SEE3

Here is the debug output: (ntp events, ntp packets, ntp validity)

May 14 16:07:25: NTP: xmit packet to <server ip address> :

May 14 16:07:25: leap 3, mode 3, version 3, stratum 0, ppoll 64

May 14 16:07:25: rtdel 0000 (0.000), rtdsp 10001 (1000.015), refid 00000000 (0.0.0.0)

May 14 16:07:25: ref 00000000.00000000 (01:00:00.000 CET Mon Jan 1 1900)

May 14 16:07:25: org CBD57216.A8000000 (16:13:42.656 CEST Wed May 14 2008)

May 14 16:07:25: rec CBD5705D.5075BD5A (16:06:21.314 CEST Wed May 14 2008)

May 14 16:07:25: xmt CBD5709D.515717A2 (16:07:25.317 CEST Wed May 14 2008)

May 14 16:07:25: NTP: rcv packet from <server ip address> to <switch ip address> on Vlan5:

May 14 16:07:25: leap 3, mode 4, version 3, stratum 0, ppoll 64

May 14 16:07:25: rtdel 0000 (0.000), rtdsp 10400 (1015.625), refid 00000000 (0.0.0.0)

May 14 16:07:25: ref CBBA0238.40395810 (20:45:12.250 CEST Wed Apr 23 2008)

May 14 16:07:25: org CBD5709D.515717A2 (16:07:25.317 CEST Wed May 14 2008)

May 14 16:07:25: rec CBD57256.AC000000 (16:14:46.671 CEST Wed May 14 2008)

May 14 16:07:25: xmt CBD57256.AC000000 (16:14:46.671 CEST Wed May 14 2008)

May 14 16:07:25: inp CBD5709D.56C08EFA (16:07:25.338 CEST Wed May 14 2008)

May 14 16:07:25: NTP: packet from <server ip address> failed validity tests 20

May 14 16:07:25: Peer/Server Clock unsynchronized

Labels:
0 Helpful
7 Replies 7

Danilo Dy
VIP Alumni
VIP Alumni

‎05-15-2008 01:43 AM

Hi,

Try using MEINBERG http://www.meinberg.de/english/sw/ntp.htm install it in your Windows 2003.

Regards,

Dandy

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to Danilo Dy

‎05-15-2008 03:42 AM

VIGLEIK

I believe that the error code of 20 indicates that the peer clock is unsynchronized. Cisco will not sync to a time source that is not synchronized. I believe that the fundamental issue is that Windows runs a simplified implementation of the time protocol and not a full NTP implementation.

I believe that the suggestion from Dandy is good. If you have something like Meinberg on the Windows server that is running a full NTP implementation then Cisco would be able to sync to it.

HTH

Rick

HTH

Rick
0 Helpful

vigleik
Level 1
Level 1
In response to Richard Burts

‎05-15-2008 06:06 AM

Thank you. I didn't need to install the 3rdparty solution.

Turned out that my Windows server was not really synchronized after all. Fixed that, and now it's working.

Vigleik.

0 Helpful

lomonaco
Level 1
Level 1
In response to vigleik

‎05-15-2008 06:17 AM

Hi vigleik,

Congratulations...

If possible, please share the steps you

did to to synchronize the clock in yours

switches using a Windows 2003 ntp server

Thanks in Advanced

Andre Lomonaco

0 Helpful

sindan
Level 1
Level 1
In response to vigleik

‎05-15-2008 10:58 AM

Can you please show how did you syncronize the switches with the Windows server?

0 Helpful

vigleik
Level 1
Level 1
In response to sindan

‎05-15-2008 11:27 PM

Nothing much in the switch, just

clock timezone CET 1

clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00

ntp server x.x.x.x

At the Windows 2003 server I changed two registry keys, but I think the first one was not needed.

HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Config\LocalClockDispersion changed from 10 to 0

w32tm /config /update

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\Type="NT5DS"

Restarted Windows time service

Note that NT5DS means that this server will get its time from another domain controller in my domain.

The point is to make sure that time really is synchronized at the server. If you want the server to sync from an external source, consider changing the source to something other than time.windows.com

net time /querysntp and net time /setsntp

Vigleik

Gavin Barber
Level 1
Level 1
In response to vigleik

‎03-04-2010 04:19 AM

This article just solved a problem where our NTP configured on W2K3 to our Cisco environment suddenly stoppped working, the final post about changing the registy key from 10 to 0 has resolved all our NTP issues so thanks

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents