cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1785
Views
0
Helpful
7
Replies

IPS not syncronizing with NTP

jennyjohn
Level 1
Level 1

My IPS appliance is not synchronizing with the NTP, below are the logs that I am getting.

NTP Statistics
    =      remote           refid      st t when poll reach   delay   offset  jitter
    =  172.21.3.137    172.21.1.10      5 u  746 1024  377    1.409  -13801. 532.147
    = *LOCAL(0)        73.78.73.84      5 l    8   64  377    0.000    0.000   0.001
    = ind assID status  conf reach auth condition  last_event cnt
    =   1 20556  b0f4   yes   yes  none    reject   reachable 15
    =   2 20557  96f4   yes   yes  none  sys.peer   reachable 15
   status = Not Synchronized

........

Nov 20 21:53:37 sensor daemon.info ntpd[15975]: synchronized to 172.21.3.137, stratum=5
Nov 20 22:10:42 sensor daemon.info ntpd[15975]: synchronized to LOCAL(0), stratum=5
Nov 20 22:11:48 sensor daemon.info ntpd[15975]: synchronized to 172.21.3.137, stratum=5
Nov 20 22:27:35 sensor daemon.notice ntpd[15975]: time reset -3.797142 s
Nov 20 22:31:56 sensor daemon.info ntpd[15975]: synchronized to LOCAL(0), stratum=5
Nov 21 02:44:59 sensor daemon.info ntpd[15975]: synchronized to 172.21.3.137, stratum=5
Nov 21 03:02:05 sensor daemon.info ntpd[15975]: synchronized to LOCAL(0), stratum=5
Nov 21 03:10:38 sensor daemon.info ntpd[15975]: synchronized to 172.21.3.137, stratum=5
Nov 21 03:26:34 sensor daemon.notice ntpd[15975]: time reset -9.364510 s
Nov 21 03:30:58 sensor daemon.info ntpd[15975]: synchronized to LOCAL(0), stratum=5

...............

I tried changing the NTP server to other Cisco Devices, but still the IPS is not syncronizing with any NTP. How can I fix this.

Please help,

Thanks

7 Replies 7

Eduardo Aliaga
Level 4
Level 4

What version of IPS do you have? Is your NTP server a Cisco router? Could you please attach your IPS config and your NTP server configuration.

Please notice that IPS 6.x supports only Cisco routers as NTP servers.

Thank you eduardoaliaga for replying,

The IPS version is 7.0(4)E4,  and we are using a Cisco router as the NTP server.

The IPS NTP configuration is attached. and NTP configuration on the router is

ntp source FastEthernet0/0
ntp master 10
ntp server 172.21.1.10
clock timezone AST 3

Maxim Zimovets
Level 1
Level 1

Hello!

It seems that your problem is that your ips internal ntp server and ntp server at 172.21.3.137 both have the same ntp stratum - 5. From sent logs we see that your ips gets synchronized with both ntp servers:

Nov 20 21:53:37 sensor daemon.info ntpd[15975]: synchronized to 172.21.3.137, stratum=5
Nov 20 22:10:42 sensor daemon.info ntpd[15975]: synchronized to LOCAL(0), stratum=5
Nov 20 22:11:48 sensor daemon.info ntpd[15975]: synchronized to 172.21.3.137, stratum=5
Nov 20 22:27:35 sensor daemon.notice ntpd[15975]: time reset -3.797142 s


NTP stratum is like route metric - how far is your ntp server from a most accurate clock?(http://en.wikipedia.org/wiki/Network_Time_Protocol)

Please, try to set up ntp server 172.21.1.10 at you ips. This ntp server apparently will have 4 as ntp stratum.

With best regards

Thanks mzimovets,

We even get the logs where 172.21.3.137 shows a stratum of 10, but the router is on the same network.

sensor daemon.info ntpd[15975]: synchronized to 172.21.3.137, stratum=10
sensor daemon.notice ntpd[15975]: time reset -8.712638 s
sensor daemon.info ntpd[15975]: synchronized to LOCAL(0), stratum=5

We had tried setting up 172.21.1.10 as NTP for the IPS, but still it is not syncronizing.

So your router is 172.21.3.137, right? Your router don't need the command "ntp server 172.21.1.10".

By the way, what device have the IP 172.21.1.10 ? Do you have another NTP server besides 172.21.3.137 ?

Also, your configuration says router router have a stratum 10, and your logs says apparently there is another NTP server  with stratum 4.

Take into account that a NTP server with lower stratum is better.

We had raised a Service Request with Cisco TAC for this issue. They have mentioned that it matches with Bug CSCtf02842 (details attached).

But the solution they mentioned did not help us.

mulhollandm
Level 1
Level 1

folks

i have had similiar issues with a cople of aip-ssm cards not synchronising ntp to a non cisco ntp server

i tried a hw-module reset to sort it out but no joy

so far my only successful option has been to remove the ntp config on the aip-ssm and then reconfigure it

hope this helps

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: