Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1403
Views
0
Helpful
10
Replies

Cisco N5k NTP cannot sync

kevinang74
Level 1
Level 1

‎04-26-2019 05:37 AM

Anyone face this error before?

 

I have a pair of N5K connecting to 1 pair of FW. FW acts as my ntp server.

N5K also connect to a few N2K

Our config is:

ntp server x.x.x.x use-vrf management

ntp source-interface mgmt 0

 

Strange thing is SAN switch connected to N2K can sync with FW but N5K cannot.

I'm getting stratum 2 but it is not syncing.

 

Labels:
0 Helpful
10 Replies 10

Mark Malone
VIP Alumni
VIP Alumni

‎04-26-2019 05:45 AM

Hi
whats does the show ntp peer-status give ?
what nx-os version are you on , as the config is right thats all you need and reach ability to it , i presume thats right


show ntp peer-status
Total peers : 3
* - selected for sync, + - peer mode(active),
- - peer mode(passive), = - polled in client mode
remote local st poll reach delay vrf
-------------------------------------------------------------------------------
=172.21.17.xxx 0.0.0.0 3 64 377 0.00063 management
*172.21.7.xxx 0.0.0.0 3 64 377 0.00066 management
=172.21.7.xxx 0.0.0.0 3 64 377 0.00060 management

0 Helpful

shaps
Level 3
Level 3
In response to Mark Malone

‎04-26-2019 05:52 AM

May also be worth checking the FW logs or captures to see the requests coming in from the nexus
0 Helpful

kevinang74
Level 1
Level 1
In response to shaps

‎04-26-2019 09:24 AM

Yes, can see request from nexus

0 Helpful

kevinang74
Level 1
Level 1
In response to Mark Malone

‎04-26-2019 05:52 AM

Hi

My nx-os is 7.3.4(n1)1


My show ntp peer-status
Total peers : 1
* - selected for sync, + - peer mode(active),
- - peer mode(passive), = - polled in client mode
remote local st poll reach delay vrf
-------------------------------------------------------------------------------
=x.x.x.x y.y.y.y 2 16 377 0.00063 management

0 Helpful

Mark Malone
VIP Alumni
VIP Alumni
In response to kevinang74

‎04-26-2019 06:02 AM

Quick search of that release 7.x shows good few NTP bugs , none specific to your release or issue though but it could be still software issues or as Shaps said the firewall may not be responding to it , is there another device you could point to as a test to rule the FW out ?

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5500/sw/release/notes/7x/Nexus5500_Release_Notes_7x.html
0 Helpful

shaps
Level 3
Level 3
In response to Mark Malone

‎04-26-2019 06:14 AM

The lack of NTP requests on the FW will certainly point to an NTP bug on the Nexus
0 Helpful

kevinang74
Level 1
Level 1
In response to Mark Malone

‎04-26-2019 09:28 AM

I'm also suspecting it's a bug but i have catalyst 9300 running 16.10 that connects directly to the same firewall which is also not syncing.

What is syncing are SAN storage and SAN switches which are connected to N2K which are connected to N5K.

0 Helpful

Jaderson Pessoa
VIP Alumni
VIP Alumni

‎04-26-2019 06:38 AM - edited ‎04-26-2019 06:40 AM

Hi there,

 

Could you sets your correctly TIMEZONE

 

Example:

switch(config)# clock timezone EST -5 0

 

and check if your has synchronized?

 

Regards

 

Jaderson Pessoa
*** Rate All Helpful Responses ***
0 Helpful

kevinang74
Level 1
Level 1
In response to Jaderson Pessoa

‎04-26-2019 09:26 AM

Yes, time zone set correctly

0 Helpful

kevinang74
Level 1
Level 1
In response to kevinang74

‎04-27-2019 08:01 AM

Besides timezone, any other things I should check?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card