NTP Authentication 15 character limit?

R_Acuti · ‎07-10-2019

Hey all,

We've bought some Nexus 3172 switches for our data center.

Our NTP appliances generate a random key for NTP authentication. We cannot alter these keys in any way. We use the keys that appliance generates. These keys are greater than 15 characters.

When we attempt to apply the keys to the Nexus 3172, using the "ntp authentication-key" command, we get a "string exceeds max length of 15" error. We're using the latest NXOS of NX.7.0.3.I7.6.bin which shows an NTP version of 4.2.6P2.

All of our other Cisco products allow us to use NTP authentication keys greater than 15 characters. Are we doing something wrong? Would a earlier NXOS allow us to use a longer key?

Appreciate any advice!

Seb Rupik · ‎07-10-2019

Hi there,

Looking back through the configuration guides, if you went to an earlier release <5.2(3) you would end up with a limit of only 8 alphanumerics.

You need to be using >7.3(0)D1(1) to be able to use 32 alphanumerics.

Oddly if you jump to 9.x release for the Nexus 3000 you go back to 8 characters. It would be reassuring that there was some sane reason for this limitation between versions!

cheers,

Seb.

R_Acuti · ‎07-11-2019

Hi Seb,

7.3 is shown as for 7000 series, not the 3000's which is where I'm having my difficulties. Your point is well taken though. We are looking for an NXOS for the 3000 series that is analogous to 7.3. If we find one, we'll try it and report back on the results.