cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7225
Views
1
Helpful
1
Replies

NTP: Invalid_NAK

ChuckMcF
Level 1
Level 1

We recently stood up two new Linux NTP servers. They are serving time to the network without issue until we add the MD5 key. Once we do we get the following error:

NTP Core(INFO): 10.1.1.1 C01C 8C bad_auth Invalid_NAK
NTP Core (ERROR): Invalid-NAK error at 79049 192.168.1.1<-10.1.1.1

 

Does anyone know what an invalid NAK is? I can only think that NAK stands for NTP Authentication Key but not sure and I've found nothing on Google. We've narrowed the issue to the Linux server however I'd love to know what this error message means. If anyone has a Linux background and could share some thoughts they would be appreciated as well.

Thank you,
Chuck

Additional information:

Please see the attached drawing and configs for a simplified version of our network.

The SDA to Fusion Router NTP syncs without issue using the MD5 key. Also the Fusion Routers sync to the OLD NTP servers (Linux) without issue.

When we compare the configs in the NEW Linux NTP servers to the OLD they are the same. We have verified that the MD5 keys are configured the same as the are on the switch.

 

1 Reply 1

darolwmoore
Level 1
Level 1

Hi Chuck, I have also had this exact same error recently, this is caused by a mismatch of the authentication key number between server and client.

Eg - I had configured

NTP authentication-key 1 md5 xxxxx

NTP trusted-key 1 

NTP server x.x.x.x key 1

 

This is incorrect as key value on the server side is 9

To correct I needed

NTP authentication-key 9 md5 xxxxx

NTP trusted-key 9

NTP server x.x.x.x key 9

 

Hope this helps

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: