cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4833
Views
5
Helpful
19
Replies

NTP is showing unsyncronized in cisco 3650

Noovi
Level 1
Level 1

KABZ1016#sh run | i ntp

ntp source Vlan260

ntp server 10.162.251.72

ntp server 10.162.251.71

KABZ1016#

 

KABZ1016#sh ntp status

Clock is unsynchronized, stratum 16, no reference clock

nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**10

ntp uptime is 16310500 (1/100 of seconds), resolution is 4000

reference time is 00000000.00000000 (00:00:00.000 GMT Mon Jan 1 1900)

clock offset is 0.0000 msec, root delay is 0.00 msec

root dispersion is 0.58 msec, peer dispersion is 0.00 msec

loopfilter state is 'NSET' (Never set), drift is 0.000000000 s/s

system poll interval is 64, never updated.

KABZ1016#sh ntp ass

 

  address         ref clock       st   when   poll reach  delay  offset   disp

 ~10.162.251.72   10.162.251.71    2     49     64   377  0.996 3567718  1.923

 ~10.162.251.71   .LOCL.           1     45     64     7  0.997 3567717  1.692

 * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

KABZ1016#

 

KABZ1016#ping 10.162.251.71

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.162.251.71, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms

KABZ1016#ping 10.162.251.72

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.162.251.72, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms

 

Please help me to resolve this, i have attached debugs logs too

19 Replies 19

johnd2310
Level 8
Level 8

Hi,

 

You have configured these switches  to serve time to each other when none of them has the correct time  or is authoritative.

Configure your switches to get time from an external ntp server. If you do not have Internet access and would like to manage time manually, then configure your switches or one of you switches to be NTP master.

The recommendation is  to configure your switches to sync to and external ntp server.

 

Thanks

John

**Please rate posts you find helpful**

Hi John,

 

thanks for quick response.

 

10.162.251.71/72 are hardware servers. Are you saying these serves have issue?

 

To use external NTP server, these switch is after firewall. And customer is not allowing to do any port opening in Firewall. 

Hi, 

After the IOS 12.<X> NTP version 4 is the NTP version default. Can you check that is your server is supporting to version 4?

 

Otherwise, you can go with V3 from the router itself.

NTP server 10.162.251.71 version 3

 

Regards,

Deepak Kumar

 

 

 

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

Hi Deepak,

 

yes , default version is 4. I have set to 3 too but still didn't works.

 

Actually 10.162.251.71/72 are VM severs. are there any known NTP sync issue between them

Hi, 

Please share the output of below commands:

  • debug ip packets <acl>
  • debug ntp packets
  • debug ntp validity
  • debug ntp sync
  • debug ntp events

 

ACL for debugging setup like this: 

permit udp any eq 123 any eq 123

 

And make sure, there is no ACL or firewall is blocking the UDP port 123.

 

Thanks, 

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

Hi Deepak,

 

i have attached output for given commands. But below commands are not taking.

Also 10.162.251.71/72 are directly connected and no ACL is configured.

 

  • debug ntp validity
  • debug ntp syn

 

 

Hi,

thanks for output and there is some bug reported for the same issue:

 NTP Core(INFO): 10.162.251.72 902D 8D popcorn popcorn

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCug48022

 

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

Hi,

 

Where are these servers getting time from? i.e. What is the NTP configuration of these servers? What OS is  running on the VMs

 

Thanks

John

**Please rate posts you find helpful**

Hi John,

Will share you asked details soon.

 

Hi deepak,

 

If you are saying this is bug but how other devices with same c3650 model are working.

Hello

Note:

ntp server x.x.x.  this client need to be pointed to an authoritative time server
ntp peer x.x.x.   peers are non authoritative with each other , they should agree on a time

 

 

So if your NTP master isnt authoritative for the network then it wont work, Also check if you are not being prohibited by access-listing or authentication key

 

res

Paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Dear Paul,

i have checked with NTP peer but no luck.

As of now i am suspecting issue from 10.162.251.71/72.

Will post progressive update.

There was a question about what OS is running on the server and I do not see an answer to that. I would also ask what is the source of time on the server? If it is using Windows time service then that could explain this issue. Windows time service is sufficient to offer time to Windows devices but is not a full implementation of NTP and Cisco IOS devices will typically not sync to a device using Windows time service.

 

HTH

 

Rick

HTH

Rick

Hi, 

@Richard Burts I disagree on your point "Cisco IOS devices will typically not sync to a device using Windows time service." 

I implemented the same in many places with windows server 2008/2012. It is working fine. Even same setup is working in my office. 

 

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

Hi Guys,

I have received below response. Can you please guide me further.

 

  1. Are 10.162.251.71/72 NTP capable? - yes
  2. Which platform they are using? – Windows Server 2016
  3. Is there any authentication used? - No

4.Where are these servers getting time from? – Internal (Enterprise NTP service)

5.What is the NTP configuration(version) of these servers?  - ??

6.What OS is  running on the VMs? – Server 2016

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco