10-15-2012 02:16 AM
Hi Networkers,
I would like your help on diagonosis the NTP problem on a 6500 switch.
I have configured a single NTP public server and three peers on Switch 'A' and two server and two peer on the 6500 switches with the following straight forward commands. The "sh ntp association" shows the switches are sync with NTP server xx.xx.xx.xx.
ntp logging
ntp clock-period xxx
ntp source Loopback0
ntp access-group peer x
ntp access-group serve-only x
ntp update-calendar
ntp server xx.xx.xx.xx
ntp peer x.x.x.x
ntp peer y.y.y.y
ntp peer z.z.z.z
On switch 'A', I see following NTP logging 7-8 times a day "NTP synced to peer" but on the second switch, it is quite stable, I dont see such messages on switch A. both switch A (12.2(50r)SYS2) & B (12.2(17r)SX3) uses different IoS.
Oct 15 08:36:41.324: %NTP-5-PEERSYNC: NTP synced to peer xx.xx.xx.xx
Please help me why I see different behaviour provided the same ntp server is configured on both switch ?
Regards,
Umair
Message was edited by: Syed Umair Ali
10-15-2012 02:25 AM
DId u check the link that is being used by NTP server to access server time..??
If there is no issue with that then it could be issue with the IOS on switch A.
Can you post show ntp assosciation of both the switches..
Regards,
Amit
********Keep rated helpful posts*******
10-15-2012 05:30 AM
Hi
here is the output of sh ntp associations. I dont understand why switch keep on coming with "peersync" when there is no reachability issues. What could be the reason of "peersync" log messags ?
switch A#sh ntp associations
address ref clock st when poll reach delay offset disp
*~xx.xx.xx.xx .GPS. 1 743 1024 357 32.0 -5.77 16.4
+~192.x.x.xx x.x.x.x 2 987 1024 376 17.2 6.05 24.3
+~192.xx.x.xx x.x.x.x 2 532 1024 377 0.8 -2.27 16.1
+~192.xx.xx.xx x.x.x.x 2 448 1024 332 0.2 -0.62 6.7
* master (synced), # master (unsynced), + selected, - candidate, ~ configured
swictB #sh ntp associations
address ref clock st when poll reach delay offset disp
*~x.x.x.x. .GPS. 1 502 512 377 29.642 -1.229 11.017
-~x.x.x.x. x.x.x.x. 2 441 512 377 0.725 0.926 12.927
-~x.x.x.x x.x.x.x 2 463 512 377 0.900 0.039 11.034
+~y.y.y.y .GPS. 1 3 256 377 21.414 -0.518 9.115
* sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured
One thing to add here is the switch B is having 2 server & 2 peer while switch A has one server and two peer.
Message was edited by: Syed Umair Ali
10-15-2012 05:56 AM
Dear Syed,
You can
TRY THIS:
1. Make sure that above mentioned NTP server(s) is reachable by pinging the server
IP address(es).
2. Issue the command
show ntp status
on the server(s) to make sure that NTP server
has synched itself. If it is not synched, verify the server NTP configuration.
The
show ntp status
of the server should display a status of 'sync' before
clients can sync their clock with the server. If the NTP server is not synchronized
itself try to disable and re-enable the NTP configuration on the server.
3. Verify that the 'stratum' value configured on the server is valid for your setup.
Configure a high stratum number to ensure that this router does not override
the clock on another system with a lower stratum number. The lower stratum number
indicates a more reliable clock.
4. If authentication is configured between the server and the client, make sure
that authentication-key
number
and md5
key
value matches. Also, verify that
the command
ntp server {server_address} key {key}
is included in the client
configuration.
5. Make sure that NTP packets are not blocked by the access-list statement
switch A#sh ntp associations
address ref clock st when poll reach delay offset disp
*~xx.xx.xx.xx .GPS. 1 743 1024 357 32.0 -5.77 16.4
+~192.x.x.xx x.x.x.x 2 987 1024 376 17.2 6.05 24.3
+~192.xx.x.xx x.x.x.x 2 532 1024 377 0.8 -2.27 16.1
+~192.xx.xx.xx x.x.x.x 2 448 1024 332 0.2 -0.62 6.7
* master (synced), # master (unsynced), + selected, - candidate, ~ configured
swictB #sh ntp associations
address ref clock st when poll reach delay offset disp
*~x.x.x.x. .GPS. 1 502 512 377 29.642 -1.229 11.017
-~x.x.x.x. x.x.x.x. 2 441 512 377 0.725 0.926 12.927
-~x.x.x.x x.x.x.x 2 463 512 377 0.900 0.039 11.034
+~y.y.y.y .GPS. 1 3 256 377 21.414 -0.518 9.115
* sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured
TRY THIS:
1. Make sure that above mentioned NTP server(s) is reachable by pinging the server
IP address(es).
2. Issue the command show ntp status on the server(s) to make sure that NTP server
has synched itself. If it is not synched, verify the server NTP configuration.
The show ntp status of the server should display a status of 'sync' before
clients can sync their clock with the server. If the NTP server is not synchronized
itself try to disable and re-enable the NTP configuration on the server.
3. Verify that the 'stratum' value configured on the server is valid for your setup.
Configure a high stratum number to ensure that this router does not override
the clock on another system with a lower stratum number. The lower stratum number
indicates a more reliable clock.
4. If authentication is configured between the server and the client, make sure
that authentication-key number and md5 key value matches. Also, verify that
the command ntp server {server_address} key {key} is included in the client
configuration.
5. Make sure that NTP packets are not blocked by the access-list statement
If all these statement is not helpful then do a ping long reply ping test to check the stability of the network...
Hope this would be helpful to you...
And aaccording to the output--
switch A#sh ntp associations
address ref clock st when poll reach delay offset disp
*~xx.xx.xx.xx .GPS. 1 743 1024 357 32.0 -5.77 16.4
+~192.x.x.xx x.x.x.x 2 987 1024 376 17.2 6.05 24.3
+~192.xx.x.xx x.x.x.x 2 532 1024 377 0.8 -2.27 16.1
+~192.xx.xx.xx x.x.x.x 2 448 1024 332 0.2 -0.62 6.7
* master (synced), # master (unsynced), + selected, - candidate, ~ configured
swictB #sh ntp associations
address ref clock st when poll reach delay offset disp
*~x.x.x.x. .GPS. 1 502 512 377 29.642 -1.229 11.017 <<<<<
-~x.x.x.x. x.x.x.x. 2 441 512 377 0.725 0.926 12.927
-~x.x.x.x x.x.x.x 2 463 512 377 0.900 0.039 11.034
+~y.y.y.y .GPS. 1 3 256 377 21.414 -0.518 9.115
* sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured
You can refer below diagnostics link that may help you---
http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080a23d02.shtml
https://supportforums.cisco.com/docs/DOC-1263
Hope all will be helpful to u...
Please keep us updated about ur issue and if solved then pls inform...and rate the helpful post...
Amit
10-15-2012 06:24 AM
Hi Amit
you deadly pointed the cause and I can see the peer-sync logs on switch A. but the question is why switch A has synching problem while Switch B doesnot ?
Regards,
Umair
10-15-2012 08:44 AM
Umair,
I have seen ur show ntp associations command on primary switch and found the port number is not right as it should 377.
Please use debug commands mentioned in the second link...it will definitely help you to indentify the issue...
Let me know ur further steps..
Amit
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide