11-24-2010 08:54 AM - edited 03-10-2019 05:11 AM
My IPS appliance is not synchronizing with the NTP, below are the logs that I am getting.
NTP Statistics
= remote refid st t when poll reach delay offset jitter
= 172.21.3.137 172.21.1.10 5 u 746 1024 377 1.409 -13801. 532.147
= *LOCAL(0) 73.78.73.84 5 l 8 64 377 0.000 0.000 0.001
= ind assID status conf reach auth condition last_event cnt
= 1 20556 b0f4 yes yes none reject reachable 15
= 2 20557 96f4 yes yes none sys.peer reachable 15
status = Not Synchronized
........
Nov 20 21:53:37 sensor daemon.info ntpd[15975]: synchronized to 172.21.3.137, stratum=5
Nov 20 22:10:42 sensor daemon.info ntpd[15975]: synchronized to LOCAL(0), stratum=5
Nov 20 22:11:48 sensor daemon.info ntpd[15975]: synchronized to 172.21.3.137, stratum=5
Nov 20 22:27:35 sensor daemon.notice ntpd[15975]: time reset -3.797142 s
Nov 20 22:31:56 sensor daemon.info ntpd[15975]: synchronized to LOCAL(0), stratum=5
Nov 21 02:44:59 sensor daemon.info ntpd[15975]: synchronized to 172.21.3.137, stratum=5
Nov 21 03:02:05 sensor daemon.info ntpd[15975]: synchronized to LOCAL(0), stratum=5
Nov 21 03:10:38 sensor daemon.info ntpd[15975]: synchronized to 172.21.3.137, stratum=5
Nov 21 03:26:34 sensor daemon.notice ntpd[15975]: time reset -9.364510 s
Nov 21 03:30:58 sensor daemon.info ntpd[15975]: synchronized to LOCAL(0), stratum=5
...............
I tried changing the NTP server to other Cisco Devices, but still the IPS is not syncronizing with any NTP. How can I fix this.
Please help,
Thanks
11-24-2010 06:49 PM
What version of IPS do you have? Is your NTP server a Cisco router? Could you please attach your IPS config and your NTP server configuration.
Please notice that IPS 6.x supports only Cisco routers as NTP servers.
11-24-2010 11:15 PM
11-24-2010 10:13 PM
Hello!
It seems that your problem is that your ips internal ntp server and ntp server at 172.21.3.137 both have the same ntp stratum - 5. From sent logs we see that your ips gets synchronized with both ntp servers:
Nov 20 21:53:37 sensor daemon.info ntpd[15975]: synchronized to 172.21.3.137, stratum=5
Nov 20 22:10:42 sensor daemon.info ntpd[15975]: synchronized to LOCAL(0), stratum=5
Nov 20 22:11:48 sensor daemon.info ntpd[15975]: synchronized to 172.21.3.137, stratum=5
Nov 20 22:27:35 sensor daemon.notice ntpd[15975]: time reset -3.797142 s
NTP stratum is like route metric - how far is your ntp server from a most accurate clock?(http://en.wikipedia.org/wiki/Network_Time_Protocol)
Please, try to set up ntp server 172.21.1.10 at you ips. This ntp server apparently will have 4 as ntp stratum.
With best regards
11-24-2010 11:24 PM
Thanks mzimovets,
We even get the logs where 172.21.3.137 shows a stratum of 10, but the router is on the same network.
sensor daemon.info ntpd[15975]: synchronized to 172.21.3.137, stratum=10
sensor daemon.notice ntpd[15975]: time reset -8.712638 s
sensor daemon.info ntpd[15975]: synchronized to LOCAL(0), stratum=5
We had tried setting up 172.21.1.10 as NTP for the IPS, but still it is not syncronizing.
11-25-2010 06:58 AM
So your router is 172.21.3.137, right? Your router don't need the command "ntp server 172.21.1.10".
By the way, what device have the IP 172.21.1.10 ? Do you have another NTP server besides 172.21.3.137 ?
Also, your configuration says router router have a stratum 10, and your logs says apparently there is another NTP server with stratum 4.
Take into account that a NTP server with lower stratum is better.
12-12-2010 01:43 PM
05-03-2013 05:23 AM
folks
i have had similiar issues with a cople of aip-ssm cards not synchronising ntp to a non cisco ntp server
i tried a hw-module reset to sort it out but no joy
so far my only successful option has been to remove the ntp config on the aip-ssm and then reconfigure it
hope this helps
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: