Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
733
Views
0
Helpful
3
Replies

NTP through CSS

emilyharris
Level 1
Level 1

‎06-02-2005 06:44 AM

I can see from the threads in the forum that it is a bit of a struggle to get servers behind the CSS to successfully hit time (NTP) servers out in the real world. I want the four servers behind the CSS to each hit an outside server independantly.

I did read this thread, and implemented this workaround:

http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Emerging%20Technologies&topic=Content%20Networking&CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40%5E1%40%40.ee905c2

Of course, the workaround only allows one server to synchronize time. It would work for us this way - we could set the one server as the NTP server for the remaining 3 behind the CSS, but for me it isn't ideal; I'd rather each server hit the NTP on the outside world.

Are there any additional solutions / workarounds to this issue?

Thank you!

Labels:
0 Helpful
3 Replies 3

Gilles Dufour
Cisco Employee
Cisco Employee

‎06-03-2005 12:03 AM

could you disable source nating for NTP ?

Could you nat each server to a different ip ?

Do you control the source port of NTP application ?

The problem is the source port being equal to destination port 123, the fact that all servers uses the same source port and finally the source nating.

If you can change one of these parameters it will work.

Gilles.

0 Helpful

emilyharris
Level 1
Level 1
In response to Gilles Dufour

‎06-03-2005 08:29 AM

If I disable source nating for NTP, how will the server behind the CSS get NTP from the outside world?

Theoretically I could NAT each server to a different IP, but am I able to then to make four content rules, each for NTP, each for a different VIP, and a different inside server? And I just answered my question while typing, which is yes, of course I can...I'll have to think about that.

We don't control the NTP source port, that isn't an option.

I like the ability to use ONE external IP address for all servers to talk to the outside world, instead of one per server. I'll mull this whole thing over.

Thanks, Gilles!

0 Helpful

jfoerster
Level 4
Level 4
In response to emilyharris

‎08-09-2005 12:22 AM

HI emily,

have you solved that? if not is the CSS/the servers behind a Firewall? If yes just do source-nat on the firewall (offer an internal address on the firewall for that purpose) and let all servers access this IP and that this one to a certain outside IP and use the CSS as a "router" towards the internet via the firewall.

Kind regards,

joerg

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card