08-15-2012 03:18 AM - edited 03-10-2019 07:25 PM
Dear Folks,
I have 6500 VSS Core Switch configured as NTP Server .I have installed ACS 5.2 vmware and sucessfuly integrated with the AD . I have noticed in some case, i lose connectivity between ACS and AD and when i say test connection , it shows clock skew error . Reboot of ACS sometimes solves the issue, else it comes up automatically after some hours . In core switch , i have configured time as PST +4 and in ACS it is configured as PST +4 , which automatically goes to GST .
Could you please tell me , why i get this error ' Clock Skew Error' ?
Regards,
Siddarth
08-15-2012 09:28 AM
When you issue a "show ntp" what does the offset and jitter show? Maybe there are some issues with the ntp source but give that a check first.
Tarik Admani
*Please rate helpful posts*
08-15-2012 10:13 AM
Hi ,
Thanks for the reply. When i see show ntp in ACS , it gives offset -14.434 and jitter 2.971 .
What does this mean ?
Regards,
SID
08-15-2012 10:38 AM
Can you post the output:
"When repeatedly reading the time, the difference may vary almost randomly. The difference of these differences (second derivation) is called jitter."
Offset is a value that is calculated between the local time and the referenced time.
Basically they are used in order to track the quality of the ntp source.
Thanks,
Tarik Admani
*Please rate helpful posts*
08-15-2012 10:42 AM
I did reload on the ACS , thinking it may work, but it still shows disconnected , with error showing as clock skew
Attached below is output of NTP
sh ntp
Primary NTP : 10.10.1.1
synchronised to NTP server (10.10.1.1) at stratum 2
time correct to within 20 ms
polling server every 64 s
remote refid st t when poll reach delay offset jitter
==============================================================================
127.127.1.0 LOCAL(0) 10 l 52 64 377 0.000 0.000 0.001
*10.10.1.1 .LOCL. 1 u 51 64 377 0.001 6.769 9.799
Warning: Output results may conflict during periods of changing synchronization.
Regards,
SID
08-15-2012 10:46 AM
Can you post the output of 'show timezones'? Along with 'show clock'?
Also when you enter the timezone how are you entering the command? What timezone are you currently in and do you observer DST?
Thanks,
Tarik Admani
*Please rate helpful posts*
08-15-2012 11:32 AM
Hi,
Please find the commands below . i was in timezone PST+4 (GST) , then later changed to Etc/GMT+4 . DST was not considered. and the command line entered was as follows
clock set month time year .
sh ntp
Primary NTP : 10.10.1.1
synchronised to NTP server (10.10.1.1) at stratum 2
time correct to within 20 ms
polling server every 256 s
remote refid st t when poll reach delay offset jitter
==============================================================================
127.127.1.0 LOCAL(0) 10 l 50 64 377 0.000 0.000 0.001
*10.10.1.1 .LOCL. 1 u 192 256 377 0.001 -2.576 4.449
Warning: Output results may conflict during periods of changing synchronization.
XXX-ACS/admin# sh time
timezone timezones
XXX-ACS/admin# sh timezone
Etc/GMT+4
XXX-ACS/admin# sh clock
Wed Aug 15 14:28:08 GMT+4 2012
08-15-2012 11:40 AM
Hi,
What is the correct time in the location that you are at? The current time that you posted below looks like it is in the eastern time zone here in the US.
Thanks,
Tarik Admani
*Please rate helpful posts*
08-15-2012 11:45 AM
Hi ,
Its in dubai . I tried using Asia/Dubai . Any suggestions please.
Regards,
SID
08-15-2012 11:50 AM
Try running the command:
clock timezone Asia/Dubai
This should force you to restart the services, then after you enter this command type in write memory.
Also what patch level are you on?
thanks,
Tarik Admani
*Please rate helpful posts*
08-15-2012 11:52 AM
Hi,
Thanks for the response so far .
I have did the command as you have mentioned. By the way related with the patch , how can i check that ?
Regards
SID
08-15-2012 11:54 AM
Show version will get this information.
Can you try to remove the ntp configuration, restart the services, enter the timezone and then the ntp configuration?
Thanks,
Tarik Admani
*Please rate helpful posts*
08-15-2012 12:04 PM
Hi Tarik ,
Below is the version and build of ACS
Cisco ACS VERSION INFORMATION
-----------------------------
Version : 5.2.0.26
Internal Build ID : B.3075
By the way, is there no command for NTP . I tried to do that, it seems its not in the CLI. so i re-entered NTP Server command, with timezone and I have restarted .
Still the same error ( clock skew) and disconnected .
Regards,
SID
08-15-2012 12:10 PM
I just executed the 'no ntp server 1.1.1.1' and it allowed me to execute it. I am on version 5.3 patch 4, if this is not letting you run this command please install the latest patch on your appliance and see if that fixes your issue.
Thanks,
Tarik Admani
*Please rate helpful posts*
08-15-2012 12:20 PM
Hi Tarik,
I am in downloads site and i found out that there were 10 patches. should i install as increment from 1 to 10 ...or i can install 10, which contains all the other versions .
Second thing , you have mentioned you were using 5.3 patch 4, so is it possible i can upgrade directly from 5.2 to 5.3
Regards,
SID
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: