Strange ntp problem

Answered Question
Jan 11th, 2010

Hi

I have a 6509 which just wont ntp sync no matter which synced up device I point it too, I think it's something to do with a server that should be getting it's ntp update from my switch which you can see in paste below. This switch is connected to a router which is synced up with another router which in turn is synced up to a ntp server, it doesn't matter which device I point my switch at, the stratum is always 16 and it's not blocked by an acl.

config of ntp switch

ntp clock-period 17180032
ntp source Loopback0
ntp update-calendar
ntp server 10.231.223.130 prefer
ntp server 10.181.206.209

sh ntp status
Clock is unsynchronized, stratum 16, no reference clock
nominal freq is 250.0000 Hz, actual freq is 249.9976 Hz, precision is 2**18
reference time is CED80B6F.E15D73F7 (02:33:19.880 GMT Sun Dec 20 2009)
clock offset is 2.6046 msec, root delay is 59.16 msec
root dispersion is 4.65 msec, peer dispersion is 0.81 msec

sh ntp associations

      address         ref clock     st  when  poll reach  delay  offset    disp
  10.231.65.6      .LOCL.            1    13    64  101     0.0    0.00  16000.
~10.231.223.130   0.0.0.0          16     -    64    0     0.0    0.00  16000.
~10.181.206.209   0.0.0.0          16     -    64    0     0.0    0.00  16000.
* master (synced), # master (unsynced), + selected, - candidate, ~ configured

cheers guys

Kevin

I have this problem too.
0 votes
Correct Answer by Ganesh Hariharan about 7 years 2 weeks ago

Hi,

If you see the ntp associaion output it says

The 'reach' counter shows a value of 0 for the following configured NTP
server IP address(es):
  10.228.171.169
  10.231.223.130
This means that the device did not receive at least the last eight NTP packets it expects to receive. Usually this counter shows a value of "377" which means that device has received at least the last eight NTP packets.

Try the following steps

Make sure that NTP server IP address(es) mentioned above is reachable by pinging
the server IP address(es).

Enable the debug ntp packet command to make sure that NTP packets are received

Issue the command show ntp status on the server(s) to make sure that NTP server
has synched itself. If it is not synched, verify the server NTP configuration.
The show ntp status of the server should display a status of 'sync' before
clients can sync their clock with the server. If the NTP server is not synchronized
itself try to disable and re-enable the NTP configuration on the server.

Verify that the 'stratum' value configured on the server is valid for your setup.
Configure a high stratum number to ensure that this router does not override
the clock on another system with a lower stratum number. The lower stratum number
indicates a more reliable clock.

After these steps if no use just delete the ntp configuration and then configure once then check what is the status.

Hope that helps out your query !!

Regards

Ganesh.H

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
ktwaddell Tue, 01/12/2010 - 00:28

Hi

No it's not an acl problem and we don't have a default gateway configure (where was you going with that?)

The core router which is synced up is directly connected to the switch, pings of 1ms as you would expect, all other traffic runs fine so it's an good connection (plus I've checked anyway).

What I don't understand is this local that is coming up st a st of 1, 1st I haven't configured any local devices and no commands to try and move it.

Cheers

Kev

Jon Marshall Tue, 01/12/2010 - 01:15

ktwaddell wrote:

Hi

No it's not an acl problem and we don't have a default gateway configure (where was you going with that?)

The core router which is synced up is directly connected to the switch, pings of 1ms as you would expect, all other traffic runs fine so it's an good connection (plus I've checked anyway).

What I don't understand is this local that is coming up st a st of 1, 1st I haven't configured any local devices and no commands to try and move it.

Cheers

Kev

Who really cares

I sent you an e-mail a while back as my e-mail has changed so i thought you'd left.

Can you post NTP config from 10.231.223.130.

Also when you ping from the 6500 are you doing an extended ping with the source as loopback0 ?

Edit - what version of IOS are you running on the 6500 ?

Jon

ktwaddell Tue, 01/12/2010 - 01:39

Well no doubt it's your NTP design mate

I never got that email Jon!!!!!!!! re-email me mate

Right

10.231.223.130 is bbp-cr01 and the ntp config is

ntp clock-period 17179972
ntp source Loopback1
ntp update-calendar
ntp server 10.228.171.169
ntp server 10.182.167.15
ntp server 10.231.223.130 (don't know why it has it self)

# sh ntp associations

      address         ref clock     st  when  poll reach  delay  offset    disp
~10.228.171.169   0.0.0.0          16   974  1024    0     0.0    0.00  16000.
*~10.182.167.15    .MSF.             1     4  1024  377    32.1   -8.11    13.5
~10.231.223.130   0.0.0.0          16     -  1024    0     0.0    0.00  16000.
* master (synced), # master (unsynced), + selected, - candidate, ~ configured

The switch is buc-cs1 (cs2 isn't syncing up either for that matter)

ver is 12.2(18)S

yes loopback 0 is fully reachable and I have tried other ip addreses as well, including the point to point with the router.

cheers

Kev

Jon Marshall Tue, 01/12/2010 - 01:50

ktwaddell wrote:

Well no doubt it's your NTP design mate

I never got that email Jon!!!!!!!! re-email me mate

Right

10.231.223.130 is bbp-cr01 and the ntp config is

ntp clock-period 17179972
ntp source Loopback1
ntp update-calendar
ntp server 10.228.171.169
ntp server 10.182.167.15
ntp server 10.231.223.130 (don't know why it has it self)

# sh ntp associations

      address         ref clock     st  when  poll reach  delay  offset    disp
~10.228.171.169   0.0.0.0          16   974  1024    0     0.0    0.00  16000.
*~10.182.167.15    .MSF.             1     4  1024  377    32.1   -8.11    13.5
~10.231.223.130   0.0.0.0          16     -  1024    0     0.0    0.00  16000.
* master (synced), # master (unsynced), + selected, - candidate, ~ configured

The switch is buc-cs1 (cs2 isn't syncing up either for that matter)

ver is 12.2(18)S

yes loopback 0 is fully reachable and I have tried other ip addreses as well, including the point to point with the router.

cheers

Kev

Hmmm, probably is something to do with me, damn it

Not entirely sure what your'e e-mail is as i lost all my old mail. I have a new address so drop me a quick line.

[email protected]

Right i'm off to get breakfast so i'll have a think about the NTP thing. To be honest i have seen this before. Could you perhaps turn on debugging for NTP and then remove and add the config to the switch again to see what happens.

Jon

Correct Answer
Ganesh Hariharan Tue, 01/12/2010 - 02:24

Hi,

If you see the ntp associaion output it says

The 'reach' counter shows a value of 0 for the following configured NTP
server IP address(es):
  10.228.171.169
  10.231.223.130
This means that the device did not receive at least the last eight NTP packets it expects to receive. Usually this counter shows a value of "377" which means that device has received at least the last eight NTP packets.

Try the following steps

Make sure that NTP server IP address(es) mentioned above is reachable by pinging
the server IP address(es).

Enable the debug ntp packet command to make sure that NTP packets are received

Issue the command show ntp status on the server(s) to make sure that NTP server
has synched itself. If it is not synched, verify the server NTP configuration.
The show ntp status of the server should display a status of 'sync' before
clients can sync their clock with the server. If the NTP server is not synchronized
itself try to disable and re-enable the NTP configuration on the server.

Verify that the 'stratum' value configured on the server is valid for your setup.
Configure a high stratum number to ensure that this router does not override
the clock on another system with a lower stratum number. The lower stratum number
indicates a more reliable clock.

After these steps if no use just delete the ntp configuration and then configure once then check what is the status.

Hope that helps out your query !!

Regards

Ganesh.H

ktwaddell Tue, 01/12/2010 - 06:19

Hi

A no ntp, wait a few mins then re-apply the config on the devices that were syncing has made the devices sync up.

Now the server connected still isn't syncing with now synced device, but we are getting there

Thanks everyone

Kev

Actions

This Discussion