01-11-2010 07:40 AM - edited 03-06-2019 09:14 AM
Hi
I have a 6509 which just wont ntp sync no matter which synced up device I point it too, I think it's something to do with a server that should be getting it's ntp update from my switch which you can see in paste below. This switch is connected to a router which is synced up with another router which in turn is synced up to a ntp server, it doesn't matter which device I point my switch at, the stratum is always 16 and it's not blocked by an acl.
config of ntp switch
ntp clock-period 17180032
ntp source Loopback0
ntp update-calendar
ntp server 10.231.223.130 prefer
ntp server 10.181.206.209
sh ntp status
Clock is unsynchronized, stratum 16, no reference clock
nominal freq is 250.0000 Hz, actual freq is 249.9976 Hz, precision is 2**18
reference time is CED80B6F.E15D73F7 (02:33:19.880 GMT Sun Dec 20 2009)
clock offset is 2.6046 msec, root delay is 59.16 msec
root dispersion is 4.65 msec, peer dispersion is 0.81 msec
sh ntp associations
address ref clock st when poll reach delay offset disp
10.231.65.6 .LOCL. 1 13 64 101 0.0 0.00 16000.
~10.231.223.130 0.0.0.0 16 - 64 0 0.0 0.00 16000.
~10.181.206.209 0.0.0.0 16 - 64 0 0.0 0.00 16000.
* master (synced), # master (unsynced), + selected, - candidate, ~ configured
cheers guys
Kevin
Solved! Go to Solution.
01-12-2010 02:24 AM
Hi,
If you see the ntp associaion output it says
The 'reach' counter shows a value of 0 for the following configured NTP
server IP address(es):
10.228.171.169
10.231.223.130
This means that the device did not receive at least the last eight NTP packets it expects to receive. Usually this counter shows a value of "377" which means that device has received at least the last eight NTP packets.
Try the following steps
Make sure that NTP server IP address(es) mentioned above is reachable by pinging
the server IP address(es).
Enable the debug ntp packet command to make sure that NTP packets are received
Issue the command show ntp status on the server(s) to make sure that NTP server
has synched itself. If it is not synched, verify the server NTP configuration.
The show ntp status of the server should display a status of 'sync' before
clients can sync their clock with the server. If the NTP server is not synchronized
itself try to disable and re-enable the NTP configuration on the server.
Verify that the 'stratum' value configured on the server is valid for your setup.
Configure a high stratum number to ensure that this router does not override
the clock on another system with a lower stratum number. The lower stratum number
indicates a more reliable clock.
After these steps if no use just delete the ntp configuration and then configure once then check what is the status.
Hope that helps out your query !!
Regards
Ganesh.H
01-11-2010 09:09 AM
Hi,
Have you checked for ACLs?
01-11-2010 04:36 PM
Does your switch have an ip default-gateway configured?
01-12-2010 12:28 AM
Hi
No it's not an acl problem and we don't have a default gateway configure (where was you going with that?)
The core router which is synced up is directly connected to the switch, pings of 1ms as you would expect, all other traffic runs fine so it's an good connection (plus I've checked anyway).
What I don't understand is this local that is coming up st a st of 1, 1st I haven't configured any local devices and no commands to try and move it.
Cheers
Kev
01-12-2010 01:15 AM
ktwaddell wrote:
Hi
No it's not an acl problem and we don't have a default gateway configure (where was you going with that?)
The core router which is synced up is directly connected to the switch, pings of 1ms as you would expect, all other traffic runs fine so it's an good connection (plus I've checked anyway).
What I don't understand is this local that is coming up st a st of 1, 1st I haven't configured any local devices and no commands to try and move it.
Cheers
Kev
Who really cares
I sent you an e-mail a while back as my e-mail has changed so i thought you'd left.
Can you post NTP config from 10.231.223.130.
Also when you ping from the 6500 are you doing an extended ping with the source as loopback0 ?
Edit - what version of IOS are you running on the 6500 ?
Jon
01-12-2010 01:39 AM
Well no doubt it's your NTP design mate
I never got that email Jon!!!!!!!! re-email me mate
Right
10.231.223.130 is bbp-cr01 and the ntp config is
ntp clock-period 17179972
ntp source Loopback1
ntp update-calendar
ntp server 10.228.171.169
ntp server 10.182.167.15
ntp server 10.231.223.130 (don't know why it has it self)
# sh ntp associations
address ref clock st when poll reach delay offset disp
~10.228.171.169 0.0.0.0 16 974 1024 0 0.0 0.00 16000.
*~10.182.167.15 .MSF. 1 4 1024 377 32.1 -8.11 13.5
~10.231.223.130 0.0.0.0 16 - 1024 0 0.0 0.00 16000.
* master (synced), # master (unsynced), + selected, - candidate, ~ configured
The switch is buc-cs1 (cs2 isn't syncing up either for that matter)
ver is 12.2(18)S
yes loopback 0 is fully reachable and I have tried other ip addreses as well, including the point to point with the router.
cheers
Kev
01-12-2010 01:50 AM
ktwaddell wrote:
Well no doubt it's your NTP design mate
I never got that email Jon!!!!!!!! re-email me mate
Right
10.231.223.130 is bbp-cr01 and the ntp config is
ntp clock-period 17179972
ntp source Loopback1
ntp update-calendar
ntp server 10.228.171.169
ntp server 10.182.167.15
ntp server 10.231.223.130 (don't know why it has it self)# sh ntp associations
address ref clock st when poll reach delay offset disp
~10.228.171.169 0.0.0.0 16 974 1024 0 0.0 0.00 16000.
*~10.182.167.15 .MSF. 1 4 1024 377 32.1 -8.11 13.5
~10.231.223.130 0.0.0.0 16 - 1024 0 0.0 0.00 16000.
* master (synced), # master (unsynced), + selected, - candidate, ~ configuredThe switch is buc-cs1 (cs2 isn't syncing up either for that matter)
ver is 12.2(18)S
yes loopback 0 is fully reachable and I have tried other ip addreses as well, including the point to point with the router.
cheers
Kev
Hmmm, probably is something to do with me, damn it
Not entirely sure what your'e e-mail is as i lost all my old mail. I have a new address so drop me a quick line.
Right i'm off to get breakfast so i'll have a think about the NTP thing. To be honest i have seen this before. Could you perhaps turn on debugging for NTP and then remove and add the config to the switch again to see what happens.
Jon
01-12-2010 02:24 AM
Hi,
If you see the ntp associaion output it says
The 'reach' counter shows a value of 0 for the following configured NTP
server IP address(es):
10.228.171.169
10.231.223.130
This means that the device did not receive at least the last eight NTP packets it expects to receive. Usually this counter shows a value of "377" which means that device has received at least the last eight NTP packets.
Try the following steps
Make sure that NTP server IP address(es) mentioned above is reachable by pinging
the server IP address(es).
Enable the debug ntp packet command to make sure that NTP packets are received
Issue the command show ntp status on the server(s) to make sure that NTP server
has synched itself. If it is not synched, verify the server NTP configuration.
The show ntp status of the server should display a status of 'sync' before
clients can sync their clock with the server. If the NTP server is not synchronized
itself try to disable and re-enable the NTP configuration on the server.
Verify that the 'stratum' value configured on the server is valid for your setup.
Configure a high stratum number to ensure that this router does not override
the clock on another system with a lower stratum number. The lower stratum number
indicates a more reliable clock.
After these steps if no use just delete the ntp configuration and then configure once then check what is the status.
Hope that helps out your query !!
Regards
Ganesh.H
01-12-2010 06:19 AM
Hi
A no ntp, wait a few mins then re-apply the config on the devices that were syncing has made the devices sync up.
Now the server connected still isn't syncing with now synced device, but we are getting there
Thanks everyone
Kev
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: