Why does router synch to non-preferred NTP server?

jmellone · ‎02-10-2006

All,

I set up NTP on one router such that it prefers the local NTP time source and will use the remote NTP time source as a backup. Why doesn't it synch to the preferred time source? Is it because the preferred time source is stratum 1 and the backup is stratum 2? The router itself is stratum 2. I can see the stratums with "show ntp association". I know there are debug commands for ntp, but which one do I use, and what do I look for?

ntp source Loopback0

ntp update-calendar

ntp server 10.a.70.198 prefer (local-stratum2)

ntp server 10.b.70.4 (remote-stratum1)

- Jennifer Mellone

pkhatri · ‎02-10-2006

Hi Jennifer,

Would you be able post the output of show ntp associations and show ntp status.

Also, have you tried with just a single NTP server (the preferred one) to see if it works at all ?

Paresh

nethelper · ‎02-11-2006

Hello,

the default version of NTP Cisco routers is version 3, some (Internet) NTP servers are running version 2, so you might want to try:

´ntp server x.x.x.x prefer version 2´

and see if your preferred time source synchronizes then.

Regards,

Nethelper

Richard Burts · ‎02-11-2006

It would be helpful to verify IP connectivity to the preferred NTP server. Use extended ping (so you can specify the source address) and specify the destination as the address of the server and specify the source address as the loopback (which is what your NTP packets will be addressed from).

I have recently seen a situation where an NTP server (router) was configured with an access list that controlled addresses to which it would offer time. It might be worth it to check the preferred server and make sure that it is not configured with restrictions.

HTH

Rick

HTH

Rick

jmellone · ‎02-24-2006

Hello,

I tried setting it to ntp version 1, 2, 3 to see if it made the difference. No dice.

The preferred NTP server is simply a Unix platform.

There are no access lists on this router where NTP is configured. I can ping the NTP server just fine, but I'll have to go back and try the extended ping.

Here is the output after I went back to my normal config:

!

ntp clock-period 17180011

ntp source Loopback0

ntp update-calendar

ntp server 10.32.70.198 prefer

ntp server 10.34.70.4

no cns aaa enable

end

#sh ntp as

address ref clock st when poll reach delay offset disp

+~10.32.70.198 144.115.52.11 2 39 1024 377 1.3 -5.69 0.0

*~10.34.70.4 .GPS. 1 861 1024 377 64.8 0.00 0.0

10.34.4.1 10.34.70.4 2 3d 1024 0 61.9 0.41 16000.

* master (synced), # master (unsynced), + selected, - candidate, ~ configured

#sh ntp stat

Clock is synchronized, stratum 2, reference is 10.34.70.4

nominal freq is 250.0000 Hz, actual freq is 249.9979 Hz, precision is 2**24

reference time is C7A9E4F4.FC86315C (20:03:00.986 UTC Fri Feb 24 2006)

clock offset is 0.0000 msec, root delay is 64.79 msec

root dispersion is 4.18 msec, peer dispersion is 4.18 msec

Richard Burts · ‎02-25-2006

Jennifer

It might be interesting to see the results of the extended ping, but I believe that the output of show ntp association indicates that your router is communicating successfully with the server 10.32.70.198 (since we see what its reference clock is).

I believe that the output you posted gives some insight into the problem: your router is at stratum 2 which means that the server 10.34.70.4 is stratum 1 (which is probably supported by the indication that its reference clock is GPS). What stratum is the server 10.32.70.198? Unless it is also a stratum 1 server we may have the explanation for the observed behavior. If your router is learning time from a stratum 1 server and from a server at a lesser stratum, it will prefer the stratum 1.

HTH

Rick

HTH

Rick

jmellone · ‎02-27-2006

Hi Rick and Group,

I did the extended ping from the router just for grins, and the NTP server is reachable from the router's source lo0.

What you said makes sense, that the router would select a stratum 1 source (GPS) over a stratum 2 source (Unix box) even if the local Unix box is preferred.

But when I change the config to get rid of the alternate source (GPS), the router synchs to nothing, as shown below:

no ntp server 10.34.70.4:

ntp clock-period 17180011

ntp source Loopback0

ntp update-calendar

ntp server 10.32.70.198 prefer

#sh ntp assoc

address ref clock st when poll reach delay offset disp

+~10.32.70.198 144.115.52.11 2 484 1024 377 1.6 -2.98 0.9

10.34.4.1 10.34.70.4 2 6d 1024 0 61.9 0.41 16000.

* master (synced), # master (unsynced), + selected, - candidate, ~ configured

#sh ntp stat

Clock is unsynchronized, stratum 16, no reference clock

nominal freq is 250.0000 Hz, actual freq is 249.9979 Hz, precision is 2**24

reference time is C7AE0443.393FEB24 (23:05:39.223 UTC Mon Feb 27 2006)

clock offset is 0.8374 msec, root delay is 64.83 msec

root dispersion is 3.34 msec, peer dispersion is 2.52 msec

- Jennifer

Richard Burts · ‎02-28-2006

Jennifer

The fact that the show ntp association shows that the router knows the reference clock from the ntp server is an indication that they are communicating. I am puzzled about why the router is not getting in sync. Would you be able to post the output of show ntp association detail? Perhaps there will be some clue in that output.

Another suggestion might be to save this config and reboot the router. I have seen some situations where ntp did not want to sync and after a reboot it got sync just fine.

HTH

Rick

HTH

Rick