Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
513
Views
0
Helpful
3
Replies

ISSUE in Date and Time Setting| Application Centric Infrastructure

MalavSharma
Level 1
Level 1

‎12-18-2024 03:37 AM

Hi Guys, i am doing ACI multipod, and i am able to successfully discover the SPINE and LEAF for POD2 . The only problem i am getting is POD2 spine and leaf going into inactive state.

I am using ACI version 15.2.

There is a command in Leaf and Spine cli to initiate command "setup-date.sh" but that is giving me error called as "permission denied"

I am not able to set new time and date for POD2 spine and leaf .

There is a difference of 2 hrs between POD1 and POD2 devices due to which it is going under Inactive state

 

Can anyone help me that what i can do to execute the "setup-date.sh" command

Labels:
0 Helpful
3 Replies 3

AshSe
VIP
VIP

‎12-18-2024 10:08 PM

Hello @MalavSharma 

The issue you're facing with the setup-date.sh command and the time difference between POD1 and POD2 is a common problem in ACI multipod setups. Time synchronization is critical in ACI environments, especially in multipod deployments, as it ensures proper communication and avoids issues like the one you're experiencing.

Here are some steps and suggestions to resolve the issue:

1. Permission Denied for setup-date.sh

The setup-date.sh script requires elevated privileges to execute. If you're getting a "permission denied" error, it likely means you're not running the command as a privileged user. To resolve this:

  • Switch to the root user:

    sudo su

    Then try running the setup-date.sh command again.

  • Alternatively, prepend sudo to the command:

    sudo setup-date.sh

If you still encounter issues, it could be that the script is not executable. You can make it executable by running:

chmod +x /path/to/setup-date.sh

Then try running the script again.

2. Time Synchronization in ACI Multipod

In ACI multipod setups, all devices (spines, leaves, and APICs) must have synchronized time. This is typically achieved using NTP (Network Time Protocol). If there is a time difference between POD1 and POD2, it can cause the devices in POD2 to go into an inactive state.

Steps to Fix Time Synchronization:

  1. Verify NTP Configuration:

    • Log in to the APIC and check the NTP configuration:
      show ntp
    • Ensure that all devices in both POD1 and POD2 are using the same NTP server.

  2. Manually Set the Time (if NTP is not working):

    • If NTP is not configured or not working, you can manually set the time on the devices in POD2. Use the following command on the spine and leaf switches:
      clock set <hh:mm:ss> <month> <day> <year>
      For example:
      clock set 10:30:00 Dec 19 2024

  3. Restart NTP Service:

    • After setting the time, restart the NTP service to ensure it syncs correctly:
      ntp restart

  4. Verify Time Synchronization:

    • Check the time on the devices in POD2 to ensure they are synchronized with POD1:
      show clock

3. Check Multipod Configuration

Ensure that the multipod configuration is correct and that the intersite connectivity is functioning properly. Verify the following:

  1. IPN (Inter-Pod Network) Configuration:

    • Ensure that the IPN devices are configured correctly and that the MTU size is set to 9150 bytes or higher.
    • Verify that the IPN devices are allowing multicast traffic (PIM is configured).

  2. Multipod Policy:

    • Check the multipod policy in the APIC and ensure that the POD2 devices are properly registered.

4. Debugging and Logs

If the above steps do not resolve the issue, collect logs and debug information to identify the root cause:

  • Check the logs on the APIC:

    show logging

  • Check the status of the POD2 devices:

    show fabric membership

  • Look for any errors related to time synchronization or multipod communication.

5. Upgrade to a Stable Version

ACI version 15.2 might have bugs or issues related to multipod setups. If the problem persists, consider upgrading to a more stable version of ACI (if available) after checking the Cisco release notes for known issues and fixes.

Summary

  • Use sudo or switch to the root user to execute the setup-date.sh command.
  • Ensure NTP is configured and working correctly across all devices.
  • Manually set the time if NTP is not working.
  • Verify the multipod configuration and IPN connectivity.
  • Collect logs and debug information if the issue persists.

By addressing the time synchronization issue, you should be able to bring the POD2 devices into an active state. Let me know if you need further assistance!

Hope This Helps!!!

 

AshSe

Forum Tips: 

  1. Insert photos/images inline - don't attach.
  1. Always mark helpful and correct answers, it helps others find what they need.
  2. For a prompt reply, kindly tag @name. An email will be automatically sent to the member.
0 Helpful

MalavSharma
Level 1
Level 1
In response to AshSe

‎12-19-2024 03:23 AM

Hi AshSe

 

Option 1 is not working . Direct "sudo su" command is not getting accepted but "su" command is working in Switches , then its asking for password, but there is no password only . on the switches and empty password not working.

0 Helpful

AshSe
VIP
VIP

‎01-07-2025 01:34 AM

Hello @MalavSharma 

It seems like the switches are configured in a way that does not allow you to switch to the root user (su) or use sudo directly. This is a common scenario in Cisco ACI environments, as the switches (spines and leaves) are designed to have restricted access for security reasons. By default, Cisco ACI switches do not allow direct root access or passwordless su commands.

Since you cannot use sudo or su to execute the setup-date.sh script, you will need to address the time synchronization issue using alternative methods. Below are some steps to resolve the issue:

1. Use the Built-in Commands to Set the Time

Cisco ACI switches (spines and leaves) do not typically allow direct execution of Linux-level scripts like setup-date.sh. Instead, you can use the built-in clock command to manually set the time on the switches.

Steps:

  1. Log in to the spine or leaf switch CLI.
  2. Use the clock set command to manually set the time:
    clock set <hh:mm:ss> <month> <day> <year>
    For example:
    clock set 10:30:00 Jan 7 2025
  3. Verify the time after setting it:
    show clock

This will temporarily fix the time difference issue. However, this is not a permanent solution, as the time may drift again if NTP is not configured.

2. Configure NTP on the Switches

The best way to resolve time synchronization issues is to configure NTP (Network Time Protocol) on all devices in the fabric, including the spines and leaves in POD2. This ensures that the time is automatically synchronized across all devices.

Steps:

  1. Log in to the APIC.
  2. Navigate to System > System Settings > NTP in the GUI.
  3. Add a reliable NTP server (e.g., a public NTP server or an internal NTP server in your network).
  4. Ensure that all devices in POD1 and POD2 are using the same NTP server.

Once NTP is configured, the time on all devices should automatically synchronize.

3. Verify NTP Status

After configuring NTP, verify that the switches in POD2 are synchronized with the NTP server.

Command:

On the spine or leaf switches, run:

show ntp

This will display the NTP status and confirm whether the device is synchronized with the NTP server.

4. Check for Connectivity Issues

If NTP is configured but the time is still not synchronized, there may be connectivity issues between the switches and the NTP server. Verify the following:

  • Ensure that the switches in POD2 can reach the NTP server (e.g., by using ping or traceroute commands).
  • Check the IPN (Inter-Pod Network) configuration to ensure that multicast and unicast traffic is allowed between POD1 and POD2.

5. Workaround for setup-date.sh

If you still want to use the setup-date.sh script but cannot gain root access, you can try the following workaround:

  1. Check the Script Location:

    • Locate the setup-date.sh script on the switch. It is usually found in /usr/local/bin/ or a similar directory.

  2. Run the Script as a Non-Root User:

    • If the script does not require root privileges for all operations, you may be able to run it as the current user:
      ./setup-date.sh

  3. Modify the Script:

    • If you have access to the script, you can modify it to remove any commands that require root privileges. However, this is not recommended unless you fully understand the script's functionality.

6. Contact Cisco TAC

If none of the above solutions work, and you are still unable to resolve the issue, it is recommended to contact Cisco TAC (Technical Assistance Center) for further assistance. They can help you troubleshoot the issue and provide guidance specific to your ACI version (15.2) and environment.

Summary

  • Use the clock set command to manually set the time on the switches.
  • Configure NTP on all devices in the fabric to ensure automatic time synchronization.
  • Verify NTP status and check for connectivity issues.
  • If necessary, contact Cisco TAC for further support.

Let me know if you need additional help!

 

Hope This Helps!!!

 

AshSe

Forum Tips: 

  1. Insert photos/images inline - don't attach.
  2. Always mark helpful and correct answers, it helps others find what they need.
  3. For a prompt reply, kindly tag @name. An email will be automatically sent to the member.
0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card

Save 25% on Day-2 Operations Add-On License