Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Check NTP Synchronization Status

I have two border routers that get time from external NTP servers while delivering it to my internal network devices. Sometimes some or even all of the configured exrernal servers  go down, so we lose the sync.

I am trying to write a script that checks the NTP status and notifies me if NTP is either unsynchronized or synchronized to internal clock.

Polling OID "cntpSysSrvStatus" 1.3.6.1.4.1.9.9.168.1.1.11 (Part of CISCO-NTP-MIB) which according to Cisco reports exactly what I need:

1: server status is unknown

2: server is not running

3: server is not synchronized to any time source

4: server is synchronized to its own local clock

5: server is synchronized to a local hardware refclock (e.g. GPS)

6: server is synchronized to a remote NTP server

And this gives me a result snmp_entry_value_check: OID unavailable, value check skipped

The images I have tested it on are c7200-advipservicesk9-mz.152-4.M8 and asr1002x-universalk9.03.10.05.S.153-3.S5-ext.SPA.bin

One of my questions is: do I need to configure anything in the SNMP part on the device so that EEM could poll it?

Does any one has this task solved and how?

Everyone's tags (1)
2 ACCEPTED SOLUTIONS

Accepted Solutions
Cisco Employee

Try polling

Try polling ntpEntStatusCurrentMode  from the NTP-MIB.   Gives the same info as cntpSysSrvStatus.

Cisco Employee

Try changing the get-type

Try changing the get-type from exact to next.

5 REPLIES
Cisco Employee

Try polling

Try polling ntpEntStatusCurrentMode  from the NTP-MIB.   Gives the same info as cntpSysSrvStatus.

New Member

Same result:

Same result:

event manager applet checkntp authorization bypass
 event snmp oid 1.3.6.1.2.1.197.1.2.1 get-type exact entry-op eq entry-val "1" entry-type value poll-interval 30 ratelimit 60
 action 1.0 puts "OK"
 action 2.0 exit

Nov  2 06:33:19.055: fh_fd_snmp_process_async
Nov  2 06:33:19.055: fh_fd_snmp_process_poll_timer: re=0x6A837C00, timer_type=POLL
Nov  2 06:33:19.059: fh_fd_snmp_oid_val_fetch: storing OID value
Nov  2 06:33:19.059: snmp_entry_value_check: OID unavailable, value check skipped
Nov  2 06:33:19.059: fh_fd_snmp_start_poll_timer: start_t=30000

Cisco Employee

Try changing the get-type

Try changing the get-type from exact to next.

New Member

Thanks! It works well with

Thanks! It works well with OID 1.3.6.1.2.1.197.1.2.1 and get-type next.

I have tested the situations with NTP unsynchronized, synchronized to internal clock and synchronized to external server, all three statuses were returned correctly.

The whole script, just if anyone needs is:

event manager applet ntp-sync-check
 event tag 1 snmp oid 1.3.6.1.2.1.197.1.2.1 get-type next entry-op ne entry-val "6" entry-type value poll-interval 86400
 event tag 5 none
 trigger
  correlate event 1 or event 5
 action 0.10 info type routername
 action 1.00 cli command "enable"
 action 1.10 cli command "show ntp asso"
 action 1.20 set ntpa "$_cli_result"
 action 2.00 cli command "show ntp status"
 action 2.20 set ntpst "$_cli_result"
 action 3.00 syslog priority critical msg "NTP sync failed" facility "NTP"
 action 3.10 mail server "SERVER" to "MAIL@MAIL" from "$_info_routername@DOMAIN"  subject "** NTP Sync Failure **" body "$ntpst \015\012\015\012 $ntpa"
 action 3.20 snmp-trap strdata "NTP Sync failed"
 action 3.30 exit
New Member

what about an applet that

what about an applet that only sends an email when NTP is unsynchronized.  I have tried to edit this applet using "andnot" in the correlation configuration, but it will always email every 24 hours.

485
Views
0
Helpful
5
Replies