
NTP Clock

lambay2000
Level 2

Hello Friends,

I'm facing a very strange issue with NTP. My core switches are 4506 and they are synchronizing with AD for time, though I have not specified any command to sync with AD. There is no NTP command in the switch. I have manually set the time purposely 1 hr behind the clock; after 10 to 15 min it picks up the correct time from AD.

I don't know why???? it is very strange for me.

Thanks


Peter Paluch
Cisco Employee

Hello,

Can you perhaps post your configuration? As far as I know, Catalyst switches do not synchronize their time until explicitly configured to. Also please post the output of the show ntp associations and show ntp status commands. Thanks!

Best regards,

Peter

Peter,

Seems strange, but we cannot exclude some interaction based on AD NTP broadcasts, causing the switch to adopt time.

http://technet.microsoft.com/en-us/library/cc773013%28WS.10%29.aspx

Perhaps an ACL could help in avoiding the undesired synchronization.

Hello,

Here is the output.

CS02#SHOW NTP ASSOC

      address         ref clock     st  when  poll reach  delay  offset    disp
*~127.127.7.1      127.127.7.1       2    42    64  377     0.0    0.00     0.0
* master (synced), # master (unsynced), + selected, - candidate, ~ configured

CS02#SHOW NTP STATUS
Clock is synchronized, stratum 3, reference is 127.127.7.1
nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**19
reference time is D09C52AC.37091E20 (08:01:48.214 GST Sun Nov 28 2010)
clock offset is 0.0000 msec, root delay is 0.00 msec
root dispersion is 0.02 msec, peer dispersion is 0.02 msec

Thanks

Hello,

There is definitely some explicit NTP configuration on your device. This output declares that the switch is configured as an NTP server and is providing NTP services to the network.

Can you post the entire configuration of the device (without, of course, sensitive data)?

Best regards,

Peter

Hello Paolo,

Absolutely agree - that's why I requested the configuration of the switch. But I assume that even for listening for AD time broadcasts, the switch would have to be configured explicitly, for example using the ntp broadcast client or ntp multicast client interface configuration command. I have not yet seen (though I am not saying that it is impossible) a switch without any explicit NTP configuration to "suddenly" synchronize its clock.

Best regards,

Peter

For what we know there may be a bug filed and solved already.

If not, the matter should be given to the TAC.

Hello Paolo,

I haven't seen the configuration of the device yet. I do not have any basis to suppose that this is an IOS bug or a case that "deserves" the attention of a TAC specialist. I will wait for the OP to post the configuration and then we'll see.

Best regards,

Peter

Per OP:

There is no NTP command in switch

Maybe it's my view, but in 18 years of working with Cisco products, I have seen so many bugs that 1, 10 or 100 more do not surprise me a bit.

Hello Paolo,

Sure, I am not excluding the possibility of a bug per se. I am just trying to explore other possibilities before concluding that this is an errant behavior. I have also seen lots of bugs - surely not as many as you, as you have been working in the networking field considerably longer than me - and it would not surprise me either, but I do not have enough reliable information to make any conclusion. If I stated that this is a bug based on the scarce information available in this thread so far, I would be jumping to conclusions, which is something I'd rather not do. Currently, I am not stating anything - I am just asking the OP to provide more information.

I find the OP's comment about "no NTP command present on the switch" somewhat suspicious and I'd like to verify that for myself (after all, the TAC person would do just the same). Note that the show ntp assoc produced an output that suggests that the switch is configured as NTP server (not default) with the stratum 3 (not default).

Best regards,

Peter

Leo Laohoo
Hall of Fame

I wouldn't configure a Cisco appliance as an authoritative NTP server.

How to configure an authoritative time server in Windows XP

How to configure an authoritative time server in Windows Server

How to configure an authoritative time server in Windows 2000

Otherwise, use a dedicated NTP server that synchronizes itself using GPS.

Leo, the point is that the OP does not want NTP, for whatever reason we are not called to judge.

Leo, the point is that the OP does not want NTP, for whatever reason we are not called to judge.

Mea culpa. 

The IOS for the switch: System image file is "bootflash:cat4500e-entservices-mz.122-53.SG1.bin". After specifying the NTP commands on the core, and treating the core as a local time source, it still syncs with AD time after 10 to 15 min.

In switch there are no commands specifying AD as NTP source.

Here are the configs


Building configuration...

Current configuration : 22451 bytes
!
!
version 12.2
no service pad
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
no service password-encryption
service compress-config
service counters max age 10
!
hostname
!
boot-start-marker
boot-end-marker
!
logging buffered 8192

!

no aaa new-model
clock timezone GST 4
hw-module module 1 port-group 1 select gigabitethernet
hw-module module 1 port-group 2 select gigabitethernet
ip subnet-zero
ip domain-name XX
ip name-server 10.XX
ip name-server 10.XX
!
!
ip vrf mgmtVrf
!
!
power redundancy-mode redundant
!
!
!
!
!
!
spanning-tree mode mst
spanning-tree extend system-id
spanning-tree backbonefast
!
spanning-tree mst configuration
instance 1 vlan 1-8, 13, 20-25, 30-38
instance 2 vlan 9-12, 14-19, 26-29, 39-49
!
spanning-tree mst 1 priority 28672
spanning-tree mst 2 priority 24576
!
vlan internal allocation policy ascending
!
!
!
!
ip route 0.0.0.0 0.0.0.0 10.XXXXX

no ip http server
!
!
!
logging trap notifications
logging source-interface Vlan6
logging 10.XXX
!
!
snmp-server community XXX
snmp-server trap-source Vlan6
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps transceiver all
snmp-server enable traps call-home message-send-fail server-fail
snmp-server enable traps tty
snmp-server enable traps eigrp
snmp-server enable traps ospf state-change
snmp-server enable traps ospf errors
snmp-server enable traps ospf retransmit
snmp-server enable traps ospf lsa
snmp-server enable traps ospf cisco-specific state-change nssa-trans-change
snmp-server enable traps ospf cisco-specific state-change shamlink interface-old
snmp-server enable traps ospf cisco-specific state-change shamlink neighbor
snmp-server enable traps ospf cisco-specific errors
snmp-server enable traps ospf cisco-specific retransmit
snmp-server enable traps ospf cisco-specific lsa
snmp-server enable traps fru-ctrl
snmp-server enable traps entity
snmp-server enable traps ether-oam
snmp-server enable traps flash insertion removal
snmp-server enable traps power-ethernet police
snmp-server enable traps cpu threshold
snmp-server enable traps rep
snmp-server enable traps vtp
snmp-server enable traps vlancreate
snmp-server enable traps vlandelete
snmp-server enable traps auth-framework sec-violation
snmp-server enable traps dot1x auth-fail-vlan guest-vlan no-auth-fail-vlan no-guest-vlan
snmp-server enable traps envmon fan shutdown supply temperature status
snmp-server enable traps entity-diag boot-up-fail hm-test-recover hm-thresh-reached scheduled-test-fail
snmp-server enable traps port-security
snmp-server enable traps ethernet cfm cc mep-up mep-down cross-connect loop config
snmp-server enable traps ethernet cfm crosscheck mep-missing mep-unknown service-up
snmp-server enable traps ethernet cfm alarm
snmp-server enable traps ethernet evc status create delete
snmp-server enable traps energywise
snmp-server enable traps rtr
snmp-server enable traps bgp
snmp-server enable traps bulkstat collection transfer
snmp-server enable traps cef resource-failure peer-state-change peer-fib-state-change inconsistency
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps config-ctid
snmp-server enable traps event-manager
snmp-server enable traps hsrp
snmp-server enable traps ipmulticast
snmp-server enable traps isis
snmp-server enable traps msdp
snmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-message
snmp-server enable traps rf
snmp-server enable traps bridge newroot topologychange
snmp-server enable traps stpx inconsistency root-inconsistency loop-inconsistency
snmp-server enable traps syslog
snmp-server enable traps vlan-membership
snmp-server enable traps mac-notification change move threshold
snmp-server host 10.XXX
!
line con 0
password
stopbits 1
line vty 0 4
password
login local
line vty 5 15
login
!
ntp logging
ntp source Vlan6
ntp master 3
ntp update-calendar
end

Thanks
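
Added example (not posted by anyone in the thread): a Python check that reads the NTP statements of the configuration above together with the `show ntp associations` output posted earlier, and reports whether the device is an NTP master, whether any statement lets it accept time from the network, and whether any NTP authentication or access-group statement is present. The function names are hypothetical; the sample input is copied from the thread.

```python
import re

# Hypothetical helper names; sample input at the bottom is copied from the thread.
# Association rows: optional flag characters, then peer address, ref clock, stratum.
ASSOC_RE = re.compile(r"^\s*([*#+\-~x]*)\s*(\d+\.\d+\.\d+\.\d+)\s+(\S+)\s+(\d+)\s")
# Statements that make IOS accept time from the network.
INBOUND = ("ntp server", "ntp peer", "ntp broadcast client", "ntp multicast client")
# Statements that restrict who the NTP process will talk to or trust.
CONTROLS = ("ntp authenticate", "ntp trusted-key", "ntp access-group")

def parse_associations(text):
    """Return one dict per peer row of `show ntp associations`."""
    rows = []
    for line in text.splitlines():
        m = ASSOC_RE.match(line)
        if m:
            flags, addr, ref, stratum = m.groups()
            rows.append({"addr": addr, "ref": ref, "stratum": int(stratum),
                         "synced": "*" in flags, "configured": "~" in flags,
                         # 127.127.x.x is a reference-clock pseudo-address, not a host
                         "local_clock": addr.startswith("127.127.")})
    return rows

def audit(config, assoc_text):
    """Summarise where the device takes time from and what guards NTP."""
    ntp_lines = [l.strip() for l in config.splitlines() if l.strip().startswith("ntp ")]
    master = next((l for l in ntp_lines if l.startswith("ntp master")), None)
    rows = parse_associations(assoc_text)
    return {
        "is_master": master is not None,
        "master_stratum": int(master.split()[2]) if master and len(master.split()) > 2 else None,
        "inbound": [l for l in ntp_lines if l.startswith(INBOUND)],
        "controls": [l for l in ntp_lines if l.startswith(CONTROLS)],
        "sync_peer": next((r for r in rows if r["synced"]), None),
        "network_peers": [r["addr"] for r in rows if not r["local_clock"]],
    }

CONFIG = """ntp logging
ntp source Vlan6
ntp master 3
ntp update-calendar
"""
ASSOC = """      address         ref clock     st  when  poll reach  delay  offset    disp
*~127.127.7.1      127.127.7.1       2    42    64  377     0.0    0.00     0.0
"""

if __name__ == "__main__":
    print(audit(CONFIG, ASSOC))
```

For the posted input the result shows an NTP master at stratum 3 synchronized to its own internal clock, with no inbound NTP statement and no authentication or access-group statement in the configuration.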

I believe that in VLAN 6 there is a device set to sync NTP with AD. Find the equipment that has NTP peer 127.127.7.1.
