Re: Clock is unsynchronized, stratum 16, no reference clock

Sharanjeet_Kumar · ‎06-04-2025

Hi,

I have a cisco 9200 switch which is not syncing to NTP server (Linux based).

No firewall is in between switch and NTP server

Switch is able to ping NTP server IP

Using management vlan, not an vrf

Switch9200#sh ntp status
Clock is unsynchronized, stratum 16, no reference clock
nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**10
ntp uptime is 6003500 (1/100 of seconds), resolution is 4000
reference time is 00000000.00000000 (05:30:00.000 IST Mon Jan 1 1900)
clock offset is 0.0000 msec, root delay is 0.00 msec
root dispersion is 900.53 msec, peer dispersion is 0.00 msec
loopfilter state is 'NSET' (Never set), drift is 0.000000000 s/s
system poll interval is 8, never updated.

-----------------------------------------

Switch9200#sh ntp associations

address ref clock st when poll reach delay offset disp
~192.168.100.19 .TIME. 16 - 64 0 0.000 0.000 15937.
* sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

----------------------------------------

switch9200#sh ntp packets
Ntp In packets : 0
Ntp Out packets : 921
Ntp old version packets : 0
Ntp protocol error packets : 0
---------------------------------------------

switch9200#sh run int vlan 11
Building configuration...

Current configuration : 104 bytes
!
interface Vlan11
description **Mgmt**
ip address 10.168.164.132 255.255.255.0
no ip route-cache
end

-----------------------------------------------

switch9200#ping 192.168.100.19 source vlan 11
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.100.19, timeout is 2 seconds:
Packet sent with a source address of 10.168.164.132
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms

PHH!!!

paul driver · ‎06-04-2025

Hello

@Sharanjeet_Kumar wrote:

Switch is able to ping NTP server IP

Initiate an ntp debug and post the results please?

ip access list extended 100
permit udp host 10.168.164.132 host 192.168.100.19 eq ntp log
permit udp host 192.168.100.19 eq ntp host 10.168.164.132

debug ip packet detail 100
debug ntp packets

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Leo Laohoo · ‎06-05-2025

@Sharanjeet_Kumar wrote:
~192.168.100.19 

The "~" means an server is configured but no response from server.

Look at the Linux if ntpd is enabled or not with the command "systemctl is-active ntpd".

M02@rt37 · ‎06-05-2025

hello @Sharanjeet_Kumar

Do you have this command on your C9200? ntp source Vlan11

Or your Linux (NTP) server do you have already performed a tcpdump and see udp_123 packets ?

On your Linux server, NTP service (chrony ?) is started with no errors ?

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Sharanjeet_Kumar · ‎06-05-2025

NTP source is already configured.

while debugging on switch, i didnot see any packets
For tcpdump on ntp server, i am checking

M02@rt37 · ‎06-05-2025

OK @Sharanjeet_Kumar

Thanks for you tcpdump checking.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Jens Albrecht · ‎06-05-2025

Hello @Sharanjeet_Kumar,

when you verify that the NTP service is actually running on your server, you should also check its config.

Does the NTP server require authentication? If yes, you need to adjust the switch config accordingly.

HTH!