On my network i have one 3750-E and rest of the switches are 2960. I want ntp to be configured on 3750-E, but i have come to know that 3750-E cannot be a ntp master. how can i configure NTP on my domain.
Your switch cannot be an NTP master however this does not stop your 2960 switches getting their time from the 3750-E switch. All it means is that your 3750-E must get it's time from an external source.
However you can still configure all your 2960 switches to get their time from the 3750-E.
Cisco recommend using an external Internet time server to get the time.
please help me , how can i configure my 2960 switches to get their time from 3750-E. and how 3750-E gets its time from external source.
Please use the link below for configuration :
Configure Switch1 as NTP server and switch2 as client, you must configure switch1 as a both a client and a master. First, use the ntp server command to point to the NTP server. you can also configure the router as an NTP master. To accomplish this, use the ntp master command if avaliable in your ios. Setup the timezone and configure switch2 as client.
switch1(config-if)ip address 192.168.2.1 255.255.255.0
switch1(config)#clock timezone GMT 0
switch1(config)#ntp server 22.214.171.124 version 2 (Maybe something external on the web, a reliable ntp server)
switch1(config)#ntp master (Not sure if supported on your switch. if not leave out)
switch2(config)#ntp server 192.168.2.1
use "sh ntp associations detail" to verify your config is working...
not sure how your network if setup if you have a dedicated switch doing inter-vlan routing between your access layers but need to have ip reachability from your acess layer to the NTP server.
how do you manage your access layer switches? dont you have a SVI for your management vlan on the access switches for managment.
for example if vlan 1 is your managment vlan, make sure each access layer switch have SVI for vlan 1
access swith 1
"int vlan 1"
ip address 192.168.1.1
ip default-gateway 192.168.1.254
int vlan 1
ip address 192.168.1.254
make sure vlan 1 is allow on our trunk between the access and core for ip reachability.
Thanks for your reply. Actually for now i only have one vlan through out my network, on access switches and on core switch i have configured SVI interface. but why should i give "ip default-gateway " command.
Is your NTP now working?
you can use the "show ntp association" to verify.
the concept of having a core layer is to route traffic as fast as it can via layer 3 routing. if your core switche have ip reachabilty to the internet via your firewall then that should not be a problem.
perhaps you should upload a network diagram inclduing your switches config so we can better assist you.