Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
849
Views
5
Helpful
1
Replies

how to find if nexus switch is using ntpv1?

gavinhans
Level 1
Level 1

‎08-28-2020 02:33 PM

how to find if nexus switch is using ntpv1? or receiving ntpv1 packets?

Labels:
0 Helpful
1 Reply 1

Christopher Hart
Cisco Employee
Cisco Employee

‎09-07-2020 05:53 AM

Hi Gavin!

Based on my research, there does not appear to be any NTP CLI command that explicitly shows the version of NTP packets being sent to a peer or received from a peer.

However, one can use the Ethanalyzer control plane packet capture utility to capture NTP traffic matching a specific NTP version number. An example of this is shown below from my lab, where the switch owns an IP address of 192.0.2.10 and is configured to poll time via NTPv2 from 192.0.2.20 and 192.0.2.21.

RTP-HOM-VTEP-1# ethanalyzer local interface mgmt display-filter ntp.flags.vn==2 limit-captured-frames 0
Capturing on mgmt0
2020-09-07 12:48:10.018899 192.0.2.10 -> 192.0.2.20 NTP NTP client
2020-09-07 12:48:10.027238 192.0.2.20 -> 192.0.2.10 NTP NTP server
2020-09-07 12:48:12.018793 192.0.2.10 -> 192.0.2.20 NTP NTP client
2020-09-07 12:48:12.027296 192.0.2.20 -> 192.0.2.10 NTP NTP server
2020-09-07 12:48:14.018801 192.0.2.10 -> 192.0.2.20 NTP NTP client
2020-09-07 12:48:14.027228 192.0.2.20 -> 192.0.2.10 NTP NTP server
2020-09-07 12:48:16.018820 192.0.2.10 -> 192.0.2.20 NTP NTP client
2020-09-07 12:48:16.027353 192.0.2.20 -> 192.0.2.10 NTP NTP server
2020-09-07 12:48:25.018707 192.0.2.10 -> 192.0.2.21 NTP NTP client
2020-09-07 12:48:25.025964 192.0.2.21 -> 192.0.2.10 NTP NTP server
2020-09-07 12:48:27.018905 192.0.2.10 -> 192.0.2.21 NTP NTP client
2020-09-07 12:48:27.025959 192.0.2.21 -> 192.0.2.10 NTP NTP server
2020-09-07 12:48:29.018692 192.0.2.10 -> 192.0.2.21 NTP NTP client
2020-09-07 12:48:29.025933 192.0.2.21 -> 192.0.2.10 NTP NTP server
2020-09-07 12:48:31.018704 192.0.2.10 -> 192.0.2.21 NTP NTP client
2020-09-07 12:48:31.026100 192.0.2.21 -> 192.0.2.10 NTP NTP server

16 packets captured

Note that the above command will only capture NTPv2 traffic sent and received on the switch's mgmt0 interface. If you are polling time via NTP through an inband interface (such as a routed interface or an SVI), you will need to use the below command:

switch# ethanalyzer local interface inband display-filter ntp.flags.vn==2 limit-captured-frames 0

If you would like to see if the switch is receiving any NTPv1 traffic via inband interfaces, you can use the below command:

switch# ethanalyzer local interface inband display-filter ntp.flags.vn==1 limit-captured-frames 0

If you would like to see if the switch is receiving any NTPv1 traffic via the mgmt0 interface, you can use the below command:

switch# ethanalyzer local interface mgmt display-filter ntp.flags.vn==1 limit-captured-frames 0

I hope this helps - thank you!

 

-Christopher

Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card