cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

221
Views
0
Helpful
8
Replies
Beginner

NTP stratum is 6 , need to minimize the stratum to 3

Hi all,

I am using my core switch cisco 4500E as NTP server for CUCM servers . the core switch sync its time with WAN firewall by stratum 6  which makes the core switch as stratum 7 for CUCM servers and this is not accepted.

how to make the core switch shows a valid NTP server with stratum 3 to my CUCM servers? 

8 REPLIES 8
Rising star

Re: NTP stratum is 6 , need to minimize the stratum to 3

 

 - First of all you would be violating the NTP protocol by this requirement and introduce a 'spoofed' server to the CUCM servers. Besides that the NTP protocol must support 16-stratum levels. If the CUCM servers don't want  that then they are at fault and the problem should be  resolved at their site of the fence....

 M.

Beginner

Re: NTP stratum is 6 , need to minimize the stratum to 3

Thanks Marce ,
cisco call manager wants the stratum with maximum level 5 it is not fault.
cisco call manager can sync its time with any level under 16 however cisco recommend to keeb it under level 6
Highlighted
Rising star

Re: NTP stratum is 6 , need to minimize the stratum to 3

 

 - Consider this to be a recommendation only.

    M.

Collaborator

Re: NTP stratum is 6 , need to minimize the stratum to 3

Hi,

You need to configure your core switch or WAN firewall to sync with an NTP server with better stratum.

What is the firewall syncing to? If the firewall is syncing to the Internet, you should be able to find stratum 1 servers.

Ideally, you should be able to buy your own stratum 1 appliance for you network

 

Thanks

John

**Please rate posts you find helpful**
Beginner

Re: NTP stratum is 6 , need to minimize the stratum to 3

Thanks Johnd ,
the main NTP server is in HQ and my firewall sync with . the problem is there is many firewalls on the path so my local Firewall sees the NTP with level 5 . I can NOT use stratum 1 locally as there is security constraints only I can use the NTP through HQ-WAN link.
I thought there is way to force my core switch to act as lower Stratum level.
Rising star

Re: NTP stratum is 6 , need to minimize the stratum to 3

                >I thought there is way to force my core switch to act as lower Stratum level.

 - Because of the solidness of the NTP standard that is both not allowed and not possible.

 M.

Collaborator

Re: NTP stratum is 6 , need to minimize the stratum to 3

Hi,

If the NTP server is in HQ why can you not point your switch to the NTP server in HQ instead of the firewall?

 

Thanks

John

**Please rate posts you find helpful**
Beginner

Re: NTP stratum is 6 , need to minimize the stratum to 3

Hi Johnd ,
for security reason , the access is allowed only to WAN-firewall to reach the HQ-NTP server . the devices behind wan-FW in all branches are not alllowed to communicate directly with HQ-NTP server.
CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards