Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2022
Views
0
Helpful
5
Replies

3800 as NTP server

saurabh joshi
Level 1
Level 1

‎09-02-2011 02:57 AM - edited ‎03-04-2019 01:29 PM

I am trying to configure cisco 3800 as NTP server for all Juniper MX router clients

Perpose is to server the clock to all Juniper routers.

But i m facing weird issue.. All Juniper routers are getting synch with Cisco 3800 but there is difference of 30 mins between client and server time.

Cisco config

ntp authentication-key 100 md5 11201D00163B0C1E 7

ntp trusted-key 100

ntp source Loopback1

ntp master

end

pls suggest

Labels:
0 Helpful
5 Replies 5

lgijssel
Level 9
Level 9

‎09-02-2011 03:26 AM

What timezone(s) are the systems in?

There should be (or was) a part of the world where the differnce between timezones is 30 mins.

I believe it is somewhere in the south pacific.

Either you are operating in that theater or the time zones on the J-boxes are misconfigured.

regards,

Leo

0 Helpful

Amit Aneja
Level 3
Level 3

‎09-02-2011 06:29 AM

Saurabh,

As Leo mentioned that either the timezone configuration is different on Cisco & juniper.

If that's not an issue, please share the following o/p from Cisco router:

show ntp status

show ntp asso det

show ver

Regards,

Amit

0 Helpful

ajoseph_usmc
Level 1
Level 1
In response to Amit Aneja

‎12-07-2011 03:16 PM

I am having a similar issue, except that my Juniper devices will not synch with the Cisco NTP server at all ...

I don't see how showing ntp association detail will help, as that only shows servers that the local NTP client is associated with, and not what remote NTP clients (Junipers) are synchronizing with the local NTP server (Cisco IOS NTP server). The debug output has not been especially helpful either ... (below)

ios-ntp# show run | i ntp

ntp authentication-key 70 md5 encryptedkey 7
ntp trusted-key 70
ntp clock-period 17365569
ntp source Loopback10

ntp access-group peer 93
ntp master 2

ios-ntp# show ip access 93
Standard IP access list 93

    20 permit 2.2.0.5 (217 matches)
    80 deny   any log (34312 matches)

jun-client# run show configuration | display set | match ntp
set system ntp authentication-key 70 type md5
set system ntp authentication-key 70 value "encryptedkey"
set system ntp server 1.1.1.1
set system ntp trusted-key 70

{master:0}[edit]

jun-client# run show ntp associations   
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
1.1.1.1   .INIT.          16 -    - 1024    0    0.000    0.000 4000.00

ios-ntp#show logg | b 2.2.0.5

Dec  7 23:01:49 192.156.34.96 13281366: 13265494: Dec  7 23:01:49 GMT: NTP: rcv packet from 2.2.0.5 to 1.1.1.1 on Loopback10:

Dec  7 23:01:49 192.156.34.96 13281367: 13265495: Dec  7 23:01:49 GMT:  leap 3, mode 3, version 4, stratum 0, ppoll 128

Dec  7 23:01:49 192.156.34.96 13281368: 13265496: Dec  7 23:01:49 GMT:  rtdel 0000 (0.000), rtdsp 005A (1.373), refid 494E4954 (73.78.73.84)

Dec  7 23:01:49 192.156.34.96 13281369: 13265497: Dec  7 23:01:49 GMT:  ref 00000000.00000000 (00:00:00.000 GMT Mon Jan 1 1900)

Dec  7 23:01:49 192.156.34.96 13281370: 13265498: Dec  7 23:01:49 GMT:  org 00000000.00000000 (00:00:00.000 GMT Mon Jan 1 1900)

Dec  7 23:01:49 192.156.34.96 13281371: 13265499: Dec  7 23:01:49 GMT:  rec 00000000.00000000 (00:00:00.000 GMT Mon Jan 1 1900)

Dec  7 23:01:49 192.156.34.96 13281372: 13265500: Dec  7 23:01:49 GMT:  xmt D23791F2.CDFD86E9 (02:33:22.804 GMT Thu Oct 6 2011)

Dec  7 23:01:49 192.156.34.96 13281373: 13265501: Dec  7 23:01:49 GMT:  inp D28A6EDD.36872B98 (23:01:49.213 GMT Wed Dec 7 2011)

Dec  7 23:01:49 192.156.34.96 13281374: 13265502: Dec  7 23:01:49 GMT: NTP: stateless xmit packet to 2.2.0.5:

Dec  7 23:01:49 192.156.34.96 13281375: 13265503: Dec  7 23:01:49 GMT:  leap 0, mode 4, version 4, stratum 2, ppoll 128

Dec  7 23:01:49 192.156.34.96 13281376: 13265504: Dec  7 23:01:49 GMT:  rtdel 22C9 (135.880), rtdsp 00CB (3.098), refid C0052928 (1.1.41.40)

Dec  7 23:01:49 192.156.34.96 13281377: 13265505: Dec  7 23:01:49 GMT:  ref D28A6EC7.26A7F008 (23:01:27.151 GMT Wed Dec 7 2011)

Dec  7 23:01:49 192.156.34.96 13281378: 13265506: Dec  7 23:01:49 GMT:  org D23791F2.CDFD86E9 (02:33:22.804 GMT Thu Oct 6 2011)

Dec  7 23:01:49 192.156.34.96 13281379: 13265507: Dec  7 23:01:49 GMT:  rec D28A6EDD.36872B98 (23:01:49.213 GMT Wed Dec 7 2011)

Dec  7 23:01:49 192.156.34.96 13281380: 13265508: Dec  7 23:01:49 GMT:  xmt D28A6EDD.36872B98 (23:01:49.213 GMT Wed Dec 7 2011)

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame

‎12-07-2011 03:45 PM 

ntp master 2

Try to avoid using this command.

Next, where are you getting a definitive NTP source?

0 Helpful

ajoseph_usmc
Level 1
Level 1
In response to Leo Laohoo

‎12-07-2011 05:02 PM

I left our definitive NTP stratum 1 source out, though we do have one to which the Cisco router is synched. You can actually see it in the reply from the debug ntp packet: 1.1.41.40.

My problem was easy ... everything was actually configured correctly, I just had a firewall filter on the Juniper to which I needed to add the IP address of the IOS NTP server for the return traffic.

set firewall family inet filter 70 term T1 from source-address 1.1.1.1

Then the Juniper synched right up.

0 Helpful
Customers Also Viewed These Support Documents