NTP Server on 6509

Answered Question
Jul 21st, 2010
User Badges:

Hi

I wanted to know how can i turn my 6509 switch into an NTP Sever for my network because all the time is off on all the gear that we have right now.

Correct Answer by Leo Laohoo about 6 years 9 months ago

I'm with Jon.  Thus my initial response of "I wouldn't configure Cisco appliance as an authoritative NTP server."


Sure, all of your switches can get their time sync on your 6500 but you don't have to configure "ntp master" to it.  Just point your switches to it using the command "ntp server [prefer]".


The reason why I don't recommend a Cisco appliance as an authoritative NTP/SNTP server is because the clock chip is similar to a PC.  It doesn't have a dedicated method of verifying.  You can, however, let your 6500 synchronize it's own clock with something that is authoritative.  You can get a cheap NTP server that uses GPS (best method so far).  Another option is to open a port in the firewall to allow the 6500 to talk to world-wide NTP pool.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
Loading.
Siddharth Chand... Wed, 07/21/2010 - 14:20
User Badges:
  • Cisco Employee,

Hi,


I do not know if you are running CatOS or IOS:


For CatOS follow the link below:

http://www.cisco.com/en/US/partner/docs/switches/lan/catalyst6500/catos/5.x/configuration/guide/ntp.html


For 6500 running native check the link below. It explains configuration for HA if you have dual Supervisors, but you can understand the NTP configuration from it.


http://www.cisco.com/en/US/partner/products/hw/switches/ps700/products_tech_note09186a008010e97e.shtml


/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;}

Sid Chandrachud

Customer Support Engineer

Cisco TAC

Leo Laohoo Wed, 07/21/2010 - 19:17
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

I wouldn't configure Cisco appliance as an authoritative NTP server.


If you have Windows servers, you can configure them to be an authoritative NTP server.


How to configure an authoritative time server in Windows XP
http://support.microsoft.com/kb/314054


How to configure an authoritative time server in Windows Server
http://support.microsoft.com/kb/816042


How to configure an authoritative time server in Windows 2000
http://support.microsoft.com/kb/216734


Otherwise, use a dedicated NTP server that synchronizes itself using GPS.

Ganesh Hariharan Wed, 07/21/2010 - 23:07
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Member's Choice, February 2016

Hi

I wanted to know how can i turn my 6509 switch into an NTP Sever for my network because all the time is off on all the gear that we have right now.


Hi,


If you are using cisco ios then issue the command in the config mode


ntp master 2

ntp source Loopback10


With ntp master the switch will be ntp master server for the lan and clinet needs to have reachbilty to ntp server on port 123 from client and on client end side just configure ntp server "ip address of the ntp server "


Hope to Help !!


Ganesh.H


Remember to rate the helpful post

scooter817 Thu, 07/22/2010 - 07:49
User Badges:

They really don't want to use a windows server for the NTP service,they want the 6509 to be the primary device for the time sync.

So what needs to happen is i will go to the 6509 and make it's internal clock the one that all other devices sync to and in order

to do this do i just add these commands ntp master 2   ntp source loopback 10. So would the IP address of my switch itself

be the IP address that goes into the other devices or do i get a free time server address and have them point to that instead.

Jon Marshall Thu, 07/22/2010 - 14:58
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

scooter817 wrote:


They really don't want to use a windows server for the NTP service,they want the 6509 to be the primary device for the time sync.

So what needs to happen is i will go to the 6509 and make it's internal clock the one that all other devices sync to and in order

to do this do i just add these commands ntp master 2   ntp source loopback 10. So would the IP address of my switch itself

be the IP address that goes into the other devices or do i get a free time server address and have them point to that instead.


If you want all your other switches to get the time from the 6500 then you configure the IP of the 6500 on the other switches when you configure them for NTP.


Be aware though that this will keep all your devices in sync with the 6500 so they all see the same time but this time might not be accurate to "real" time as you are not syncing to an independent time server.


Jon

Correct Answer
Leo Laohoo Thu, 07/22/2010 - 15:18
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

I'm with Jon.  Thus my initial response of "I wouldn't configure Cisco appliance as an authoritative NTP server."


Sure, all of your switches can get their time sync on your 6500 but you don't have to configure "ntp master" to it.  Just point your switches to it using the command "ntp server [prefer]".


The reason why I don't recommend a Cisco appliance as an authoritative NTP/SNTP server is because the clock chip is similar to a PC.  It doesn't have a dedicated method of verifying.  You can, however, let your 6500 synchronize it's own clock with something that is authoritative.  You can get a cheap NTP server that uses GPS (best method so far).  Another option is to open a port in the firewall to allow the 6500 to talk to world-wide NTP pool.

Leo Laohoo Thu, 07/22/2010 - 21:22
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

Thanks for the ratings.

Actions

This Discussion