NEXUS 5000 mgmt0

pokwan · ‎02-18-2014

Hi,

We have 2 x N5K as core/dist/access switches. The mgmt0 int of these 2 N5k are directly connected. I have a problem with ntp. I cannot access the NTP server via the default VRF and I read somewhere that the access has to be via the management VRF. With the way the mgmt 0 is connected, how can I resolve the problem with the NTP without any additional switch?

TIA

PF

Mahadev Patil · ‎02-18-2014

Enable vlan routing and connect your Network.

Sent from Cisco Technical Support Android App

pokwan · ‎02-19-2014

Mahadev,

Thanks for your reply. Can you please elaborate on your answer? All is working except NTP.

Thanks.

PF

sean_evershed · ‎02-19-2014

Hi,. Does the route to the NTP server exist in your default VRF?

Check the config guide for NTP. You need to specify where the route to the NTP server exists.

Configuring a VRF for NTP is optional. Furthermore you can use any VRF you wish.

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5500/sw/system_management/6x/b_5500_System_Mgmt_Config_6x/b_5500_System_Mgmt_Config_6x_chapter_010010.html

Don't forget to rate all helpful posts.

pokwan · ‎02-19-2014

Sean,

Thanks for your reply. I have the following configured

ntp server 192.168.1.10 use-vrf default.

The ntp resides on another site. Vrf default is where the connection to the this site is.

Thanks.

PF

sean_evershed · ‎02-20-2014

- Does the route exist to 192.168.1.0 in the default vrf?

- Can you ping the NTP server from the default vrf?

- What results do you get when you issue the debug ntp all?

- Is there a firewall in between the switch and the NTP server that could be dropping NTP packets?

pokwan · ‎02-20-2014

Sean,

Forgot to mention that the ntp traffic is not even hitting the firewall.

Thanks.

PF

pokwan · ‎02-20-2014

Sean,

Thanks.

Yes there is a route (default) to 192.168.1.0 on the default vrf

We can ping the NTP server from the default vrf

Below is the result from debug

TEST# debug ntp all

Terminal monitor is currently disabled on this terminal.

To observe Debugs/Syslogs, please run the command "terminal monitor"

TEST# term mon

TEST# sh debug ntp

NTP Module:

MTS Receive Packets debugging is on

MTS Transmit Packets debugging is on

MTS Receive Packet header/payload debugging is on

MTS Transmit Packet header/payload debugging is on

NTP Errors debugging is on

NTP Info debugging is on

NTP Log debugging is on

TEST# 2014 Feb 21 12:19:23.023096 ntp: Processed a sdwrap msg (MTS_OPC_DEBUG_WRAP_MSG)

2014 Feb 21 12:19:50.016424 ntp: ntp_sigchld_wait_and_fetch_status: waitpid() returns with status of 2391

2014 Feb 21 12:19:50.016494 ntp: ntp_sigchld_wait_and_fetch_status: Non-ntp child exited ! Dont care !

2014 Feb 21 12:20:19.313199 ntp: Sending Time of day upd to standby

2014 Feb 21 12:20:39 TEST last message repeated 2 times

2014 Feb 21 12:21:49.322655 ntp: Sending Time of day upd to standby

There is a firewall between the the NTP server and the switch but currently all ports are opened.

Thanks.

PF

Mahadev Patil · ‎02-20-2014

pokwan

Thanks,

first you can provide tracert NTP server(N5K to NTP Server).

pokwan · ‎02-20-2014

Mahadev,

Thanks. We can trace all the to the NTP server via the default VRF

Thanks.

PF

Mahadev Patil · ‎02-20-2014

Thanks

Please provide tracert report...

Mahadev

pokwan · ‎02-24-2014

Problem resolved. NTP bug with software version used.

Thanks all for helping.

PF

sbhadrav@cisco.com · ‎03-19-2018

Check the config guide for NTP. You need to specify where the route to the NTP server exists.

Configuring a VRF for NTP is optional. Furthermore you can use any VRF you wish.

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5500/sw/system_management/6x/b_5500_System_Mgmt_Config_6x/b_5500_System_Mgmt_Config_6x_chapter_010010.html