12-30-2008 07:55 AM - edited 03-06-2019 03:11 AM
Hi all,
We'd like to use a Catalyst 6500 as NTP server for all devices in the network.
On the 6500, we added the following commands :
ntp trusted-key 10
ntp authenticate
ntp authentication-key 10 md5 xxx
ntp master
On the client :
ntp server <IP_loopback_6500>
ntp source l0
ntp authentication-key 10 md5 xxx
we have the following output on the client
SW_1#sh ntp associations
address ref clock st when poll reach delay offset disp
~172.255.254.161 0.0.0.0 16 101 64 0 0.0 0.00 16000.
* master (synced), # master (unsynced), + selected, - candidate, ~ configured
SW_1#sh ntp associations d
172.255.254.161 configured, insane, invalid, unsynced, stratum 16
ref ID 0.0.0.0, time 00000000.00000000 (00:00:00.000 UTC Mon Jan 1 1900)
our mode client, peer mode unspec, our poll intvl 64, peer poll intvl 64
root delay 0.00 msec, root disp 0.00, reach 0, sync dist 0.000
delay 0.00 msec, offset 0.0000 msec, dispersion 16000.00
precision 2**5, version 3
org time CD04D7BE.25C861C4 (17:24:14.147 UTC Tue Dec 30 2008)
rcv time AF3C2A00.EDD4E899 (06:21:52.929 UTC Mon Mar 1 1993)
xmt time AF3C2A40.ECB62DF3 (06:22:56.924 UTC Mon Mar 1 1993)
filtdelay = 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00
filtoffset = 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00
filterror = 16000.0 16000.0 16000.0 16000.0 16000.0 16000.0 16000.0 16000.0
What should be the right command to use so that other devices could have time from the 6500?
Solved! Go to Solution.
12-31-2008 07:31 AM
Does it work if you remove the NTP authentication on both client and server?
If so, then we can troubleshoot the authentication piece.
__
Edison.
12-30-2008 08:02 AM
I know it's a bit obvious but just a quick sanity check -
SW_1 can ping the 6500 loopback address
The 6500 can ping SW_1 loopback address
Jon
12-30-2008 08:06 AM
The client is seeing the NTP server as stratum 16. Can we see the show ntp asso and show ntp sta from the 6500?
__
Edison.
12-30-2008 08:21 AM
Hi, I think you need to configure an authorative time source on the 6500 for it to sync it's clock to before it's seen as anything other than stratum 16 and insane.
You will need to find a public NTP server in your location and point the 6500 at that with the
!
ntp server
!
command. Make sure you allow NTP through any acls you have between 6500 and internet.
Google public NTP servers for a list and check whether the admins of the servers require notification before use.
Hope this helps
12-31-2008 12:29 AM
Hi all,
Server and client can ping each other.
Here is the conf of ntp and ntp status
SWT_Client#sh ntp status
Clock is unsynchronized, stratum 16, no reference clock
nominal freq is 119.2092 Hz, actual freq is 119.2092 Hz, precision is 2**18
reference time is 00000000.00000000 (00:00:00.000 UTC Mon Jan 1 1900)
clock offset is 0.0000 msec, root delay is 0.00 msec
root dispersion is 0.00 msec, peer dispersion is 0.00 msec
SWT_Client#sh run | inc ntp
ntp authentication-key 10 md5 09625A1932000E32090F096B 7
ntp trusted-key 10
ntp source Loopback0
ntp server 172.255.254.161 key 10 prefer
SWT_Client#sh ntp associations d
172.255.254.161 configured, insane, invalid, unsynced, stratum 16
ref ID 0.0.0.0, time 00000000.00000000 (00:00:00.000 UTC Mon Jan 1 1900)
our mode client, peer mode unspec, our poll intvl 64, peer poll intvl 64
root delay 0.00 msec, root disp 0.00, reach 0, sync dist 0.000
delay 0.00 msec, offset 0.0000 msec, dispersion 16000.00
precision 2**5, version 3
org time CD04D7BE.25C861C4 (17:24:14.147 UTC Tue Dec 30 2008)
rcv time AF3C2A00.EDD4E899 (06:21:52.929 UTC Mon Mar 1 1993)
xmt time AF3D2800.ED745EBA (00:25:36.927 UTC Tue Mar 2 1993)
filtdelay = 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00
filtoffset = 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00
filterror = 16000.0 16000.0 16000.0 16000.0 16000.0 16000.0 16000.0 16000.0
SWT_Server#sh ntp st
Clock is synchronized, stratum 1, reference is .LOCL.
nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**24
reference time is CD05A9E7.8F467E74 (08:20:55.559 UTC Wed Dec 31 2008)
clock offset is 0.0000 msec, root delay is 0.00 msec
root dispersion is 0.02 msec, peer dispersion is 0.02 msec
SWT_Server#sh run | inc ntp
ntp authentication-key 10 md5 0525121F0A4957291B061A53 7
ntp broadcastdelay 1
ntp source Loopback0
ntp master 1
ntp update-calendar
SWT_Server#sh ntp ass d
127.127.7.1 configured, our_master, sane, valid, stratum 0
ref ID .LOCL., time CD05AB27.8F44B099 (08:26:15.559 UTC Wed Dec 31 2008)
our mode active, peer mode passive, our poll intvl 64, peer poll intvl 64
root delay 0.00 msec, root disp 0.00, reach 377, sync dist 0.015
delay 0.00 msec, offset 0.0000 msec, dispersion 0.02
precision 2**18, version 3
org time CD05AB27.8F44B099 (08:26:15.559 UTC Wed Dec 31 2008)
rcv time CD05AB27.8F44B099 (08:26:15.559 UTC Wed Dec 31 2008)
xmt time CD05AB27.8F44269D (08:26:15.559 UTC Wed Dec 31 2008)
filtdelay = 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00
filtoffset = 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00
filterror = 0.02 0.99 1.97 2.94 3.92 4.90 5.87 6.85
Reference clock status: Running normally
Timecode:
12-31-2008 07:31 AM
Does it work if you remove the NTP authentication on both client and server?
If so, then we can troubleshoot the authentication piece.
__
Edison.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: