KABZ1016#sh run | i ntp
ntp source Vlan260
ntp server 10.162.251.72
ntp server 10.162.251.71
KABZ1016#sh ntp status
Clock is unsynchronized, stratum 16, no reference clock
nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**10
ntp uptime is 16310500 (1/100 of seconds), resolution is 4000
reference time is 00000000.00000000 (00:00:00.000 GMT Mon Jan 1 1900)
clock offset is 0.0000 msec, root delay is 0.00 msec
root dispersion is 0.58 msec, peer dispersion is 0.00 msec
loopfilter state is 'NSET' (Never set), drift is 0.000000000 s/s
system poll interval is 64, never updated.
KABZ1016#sh ntp ass
address ref clock st when poll reach delay offset disp
~10.162.251.72 10.162.251.71 2 49 64 377 0.996 3567718 1.923
~10.162.251.71 .LOCL. 1 45 64 7 0.997 3567717 1.692
* sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.162.251.71, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.162.251.72, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
Please help me to resolve this, i have attached debugs logs too
You have configured these switches to serve time to each other when none of them has the correct time or is authoritative.
Configure your switches to get time from an external ntp server. If you do not have Internet access and would like to manage time manually, then configure your switches or one of you switches to be NTP master.
The recommendation is to configure your switches to sync to and external ntp server.
thanks for quick response.
10.162.251.71/72 are hardware servers. Are you saying these serves have issue?
To use external NTP server, these switch is after firewall. And customer is not allowing to do any port opening in Firewall.
After the IOS 12.<X> NTP version 4 is the NTP version default. Can you check that is your server is supporting to version 4?
Otherwise, you can go with V3 from the router itself.
NTP server 10.162.251.71 version 3
yes , default version is 4. I have set to 3 too but still didn't works.
Actually 10.162.251.71/72 are VM severs. are there any known NTP sync issue between them
Please share the output of below commands:
ACL for debugging setup like this:
permit udp any eq 123 any eq 123
And make sure, there is no ACL or firewall is blocking the UDP port 123.
thanks for output and there is some bug reported for the same issue:
NTP Core(INFO): 10.162.251.72 902D 8D popcorn popcorn
Where are these servers getting time from? i.e. What is the NTP configuration of these servers? What OS is running on the VMs
ntp server x.x.x. this client need to be pointed to an authoritative time server
ntp peer x.x.x. peers are non authoritative with each other , they should agree on a time
So if your NTP master isnt authoritative for the network then it wont work, Also check if you are not being prohibited by access-listing or authentication key
There was a question about what OS is running on the server and I do not see an answer to that. I would also ask what is the source of time on the server? If it is using Windows time service then that could explain this issue. Windows time service is sufficient to offer time to Windows devices but is not a full implementation of NTP and Cisco IOS devices will typically not sync to a device using Windows time service.
@Richard Burts I disagree on your point "Cisco IOS devices will typically not sync to a device using Windows time service."
I implemented the same in many places with windows server 2008/2012. It is working fine. Even same setup is working in my office.
I have received below response. Can you please guide me further.
4.Where are these servers getting time from? – Internal (Enterprise NTP service)
5.What is the NTP configuration(version) of these servers? - ??
6.What OS is running on the VMs? – Server 2016