I've read the NTP section of the user guide for the Catalyst 3750, but was unable to get a clear answer to the following.
As far as I now it should be no problem configuring the 3750 model to synchronize with a local NTP time server. The command "ntp server <ip-address>" looks like it will do the trick, but is it also possible to synchronize two Windows 2003 servers with the 3750 (layer 3) switch?
Furthermore, is it possible to supply 2 time servers? The idea is to provide some degree of redundancy, using a backup time server when the primary one fails? I'm not sure if executing the command "ntp server <ip-address>" twice with a different ip-address will work.
Any help is appreciated.
You can enter multiple NTP servers. When you do that you can do "sh ntp associations" to see them and which one is the better clock.
As for syncing the Win2003 servers, point them to the same ntp servers your 3750's are, or set them up to be a NTP server and point your 3750 to them.
Yes you can supply two time server for redundancy and both will be used.
You can point devices to the 3750 to get their time but i'm not sure whether windows 2003 uses NTP or SNTP.
Be aware that the 3750 does not have a hardware supported clock so it cannot act as a master server. You can sync devices to it but for accurate time you need to sync the 3750 to a reliable master clock.
Not possible. Windows 2003 NTP uses netbios for Timesync not NTP
It is like doing this from your router
net time \\DC /SNTP:IP address
not cisco, but i thought it was interesting considering I am not a windows admin...
Synchronizing Computers with Time Sources
Use the following procedures to synchronize the internal time server with an external time source, and to synchronize the client time with a time server.
To Synchronize an Internal Time Server with an External Time Source
To open a command prompt, click Start, click Run, type cmd, and then click OK.
Type the following, where PeerList is a comma-separated list of Domain Name System (DNS) names or Internet protocol (IP) addresses of the desired time sources:
w32tm /config /syncfromflags:manual /manualpeerlist:PeerList
and then press ENTER.
Type w32tm /config /update, and then press ENTER.
Notes: The most common use of this procedure is to synchronize the internal network's authoritative time source with precise external time source. This procedure can be run on any computer running Windows 2000, Windows XP, or an operating system in the Windows Server 2003 family. If the computer cannot reach the servers, the procedure fails and an entry is written to the Windows System event log.
According to the article posted by avmade, it seems that Windows 2000 used SNTP, but the Windows 2003 family used NTP.
It looks like it should be possible for the Windows 2003 servers to synchronize with the 3750, if it is reachable.
Thanks for the reply.
We have two atomic clocks available to the 3750, but these are not reachable for the two servers that we have.
I was planning to synchronize the 3750 with the atomic clocks and then let the two (windows 2003) servers synchronize with the 3750.
i've always used the following command on windows boxes w/o any problems, and it syncs just fine (once you restart the windows time service):
net time /setsntp:x.x.x.x
I'm assuming you have synchronized with a Cisco switch/router? Did you configure anything in the switch itself.
It looks like you also have to configure the switch, in my case the 3750, to establish a (NTP) connection with the machine that you want to synchronize. The user guide mentions the following command: 'ntp peer 188.8.131.52'?
From Cisco documentation, you cannot synchronize windows servers (or any others for that matter) to the Cisco 3750.
The switch does not have a hardware-supported clock and cannot function as an NTP master clock to which peers synchronize themselves when an external NTP source is not available.
You will need to sync the windows servers to something other than the 3750. You can, however, setup the windows servers to be a NTP server and point the 3750's to them.
True, but according to that same documentation, the 3750 can have an NTP peer association that enables the switch to synchronize OTHER devices and synchronize TO other devices.
In my case, I want to see if the 3750 switch can synchronize to 2 atomic clocks that the client has and have the Windows 2003 servers synchronize to the 3750 switch. The Windows 2003 servers can not directly access the atomic clocks themselves.
hmmm... You could try the peer association, but I suspect that will not work on the win2k3 server. Hey, give it a shot though ;)
Is there any way to open up a rule to allow your server to get NTP through your fw? I'm assuming that is why it can't get to a NTP server.
Well, the Windows 2003 servers are in a different subnet then the time servers. The Windows 2003 servers are part of a LAN that uses private addressing. The time servers are part of the client's subnet, which doesn't use private addressing.
The problem now is that the Windows 2003 servers send requests to the time servers, but no replies are received because the time servers do not know what to do with packets that have this private address.
The client does not allow private addressing to be used in their devices (switches, routers etc.), so nothing can be opened up to allow the Windows 2003 server to reach the time servers.
The 3750 model also does not support NAT, so there is also no possibility to translate the private address of the server.
At this point i'm trying to find a different solution by using the 3750 as the 'master' for the Windows 2003 server.
Another solution might be to add a router between the 3750 and the client network.