Solved: Re: NTP Peer NXOS

Steven-Williams-83 · ‎09-25-2023

Where is this 127 address coming from in my ntp peer list?

93180-01-CORE# show ntp peer-status
Total peers : 6
* - selected for sync, + - peer mode(active),
- - peer mode(passive), = - polled in client mode
remote local st poll reach delay vrf
-----------------------------------------------------------------------------------------------------------------------
=10.20.0.202 172.24.254.9 2 64 377 0.00191default
=10.254.6.26 172.24.254.9 16 64 0 0.00000default
*127.127.1.0 172.24.254.9 3 64 377 0.00000
=10.20.0.222 172.24.254.9 2 64 377 0.00175default
=172.24.0.200 172.24.254.9 1 64 377 0.00050default
=172.24.0.201 172.24.254.9 2 64 377 0.00060default
93180-01-CORE# show run | sec ntp
ntp server 10.20.0.202 use-vrf default
ntp server 10.20.0.222 use-vrf default
ntp server 10.254.6.26 prefer use-vrf default
ntp server 172.24.0.200 use-vrf default
ntp server 172.24.0.201 use-vrf default
ntp source-interface loopback0
ntp logging
ntp master 3
93180-01-CORE#

Richard Burts · ‎10-14-2023

The most important part of the partial config that you posted is this "ntp master 3". Unless you find a stratum 1 or 2 peer then you declare that your device is the master. The 127 address is used when you are the master. I suggest that you remove the ntp master command or reconfigure it to use a much lower priority.

HTH

Rick

View solution in original post

M02@rt37 · ‎09-25-2023

Hello @Steven-Williams-83,

The address 127.127.1.0 is reserved for this purpose in NTP, and it's used when a direct external time source isn't available. In your configuration, line "*127.127.1.0 172.24.254.9 3 64 377 0.00000" indicates that this local reference clock (127.127.1.0) is selected for synchronization.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Steven-Williams-83 · ‎09-25-2023

But local to what? I want my nexus to look upstream to my firewall.

M02@rt37 · ‎09-25-2023

@Steven-Williams-83

Because ntp sync to your Firewall is unavailable, Nexus sync to "itself".

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Steven-Williams-83 · ‎09-25-2023

But that doesn't make sense If I want to build a ntp tree. You wouldnt want your nexus syncing to itself but yet an internal strat 2 or 3.

M02@rt37 · ‎09-25-2023

Yes @Steven-Williams-83 you're correct.

Please delete all ntp config and reconfigure first ntp server commands to see if your nexus choose Firewall IP address as ntp server (prefer).

After that check if nexus is synchronised thanks to the desired ntp server and after add your ntp master 3 command.

Check again.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

MHM Cisco World · ‎09-25-2023

I send you message can check it

Steven-Williams-83 · ‎10-10-2023

i sent info.

Richard Burts · ‎10-14-2023

The most important part of the partial config that you posted is this "ntp master 3". Unless you find a stratum 1 or 2 peer then you declare that your device is the master. The 127 address is used when you are the master. I suggest that you remove the ntp master command or reconfigure it to use a much lower priority.

HTH

Rick

Richard Burts · ‎11-01-2023

I am glad that our suggestions have been helpful. Thank you for marking this question as solved. This will help other participants in the community to identify discussions which have helpful information. This community is an excellent place to ask questions and to learn about networking. I hope to see you continue to be active in the community.

HTH

Rick

MHM Cisco World · ‎10-15-2023

So NTP tree will be

FW(server)-NSK('client) and NSK(master) for other network device.

There are free IP you use which one is the FW IP

Also master st 3 and it critical for some NTP server' so instead increase st to be 17 or more ( there is server use st 16).

And check again.