Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Sync issue from Windows server 2008R2 PDC to Cisco 4500

I'd like to point my 2008 DC's to our core switches for NTP, but we're getting errors. The servers are sending and receiving NTP traffic successfully from the Cisco 4500's, yet they won't accept the time setting.

My initial guess has to do with the servers not recognizing the 4500's as authoritative, but wanted to get some clarity.

 

Thanks!

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

That's good to know Jeff. You

That's good to know Jeff. You're welcome.

Please mark your question as answered if it has been. It improves of community content and encourages contributors.

7 REPLIES
Hall of Fame Super Silver

What stratum are your 4500

What stratum are your 4500 switches? ("show ntp assoc")

Also, if your servers are guests on a VMware ESXi server, make sure you aren't set in VMware tools to sync to the host.

New Member

Looks like it's at 3 CORE#sh

Looks like it's at 3

 

CORE#sh ntp assoc

      address         ref clock     st  when  poll reach  delay  offset    disp
*~x.x.x.x     65.60.126.149     3   752  1024  377    -0.0    3.18    11.1
 * master (synced), # master (unsynced), + selected, - candidate, ~ configured

Hall of Fame Super Silver

Check what stratum the

Check what stratum the Windows server believes it is at:

w32tm /query /status

If it's at 3 (or 2) it won't accept the 4500 as authoritative.

New Member

Is there any way to set the

Is there any way to set the 4500 to promote itself as 'authoritative'?

Hall of Fame Super Silver

I don't think that's

I don't think that's available on the 4500 platform. It has to do with the accuracy of the clock in the supervisors (i.e. it's ability not to drift over time once set to a certain level). If you get time from an external source, you are generally limited to being one stratum level less precise than your source

On a 6500, we have the command available:

CORE_01(config)#ntp master ?
  <1-15>  Stratum number
  <cr>

CORE_01(config)#

New Member

Thanks for the help Marvin!

Thanks for the help Marvin! Looks like the issue we were having was due to a Windows domain GPO that was forcing too tight of restrictions on our DC's NTP requirements. Corrected that this morning, and all is well.

Hall of Fame Super Silver

That's good to know Jeff. You

That's good to know Jeff. You're welcome.

Please mark your question as answered if it has been. It improves of community content and encourages contributors.

221
Views
0
Helpful
7
Replies
CreatePlease login to create content