We have several 3750G-48PS switches that we recently configured as stub routers for some buildings identified as mission-critical. This decision was made to enable the simultaneous utilization of the redundant uplinks. It is also a requirement that we use keys to authenticate routing updates so we have a key chain configured with two 6-month keys and a backup infinite key. The infinite key has an earliest possible date of something like the year 2000 however, one of the switches lost power and when it booted it started with a system date of something like 1996. Thus, we encountered a paradox: the 3750 could not recieve routing updates as none of the keys can possibly be valid (including the backup infinite key) due to the time being wrong and the time cannot be updated via NTP because no routing updates could be recieved. We had this issue several months ago with some 3745 routers which we fixed with the command "clock save interval" but this command appears to be unrecognized by a 3750 (IOS 12.2(53)SE). As the 3750 does not have support for a hardware clock or calendar the alternative, (which is available on our 6500s) "ntp update-calendar", is also not available. The command "clock save interval" was supposedly introduced in 12.2SRA and 12.2SX but neither of those IOS trains are available for a 3750.
Is there any recourse, other than removing the routing authentication, which will prevent this situation from occurring in the future? Any help is appreciated.
As of now, lower end catalyst switches cannot save the clock information internally. So, everytime they reboot, their clock will be reset back to the original date. However, in your case, you could add a static route on the switch towards the NTP server. This will ensure that the switch knows how to update its clock from the NTP server. Once the clock is updated, all your keys will be valid and you should not have any issues with routing.
Hope this helps.