11-08-2019 06:15 AM
Community,
We recently implemented a bunch of WS-C3560CX-12PC-S as credenza switches for AV.
We can't get these specific devices to stay synchronized with our NTP server.
The NTP server is a Cisco Nexus box and all other devices (cisco or not) are syncing just fine including (ASR's, 4500e's, 3650's 3560x's).
The config we are using on the 3560CX-12 is:
ntp logging
ntp access-group peer ACL-NTP-PEER
ntp access-group serve ACL-NTP-SERVE
ntp update-calendar
ntp server 10.1.1.1
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
clock timezone EST -5 0
ip access-list standard ACL-NTP-PEER
permit 10.1.1.1
deny any log
ip access-list standard ACL-NTP-SERVE
deny any log
This is the status:
SW#show ntp associations detail
Load for five secs: 22%/0%; one minute: 23%; five minutes: 23%
Time source is NTP, .09:12:45.429 EST Fri Nov 8 2019
10.1.1.1 configured, ipv4, our_master, sane, valid, stratum 4
ref ID 8.8.8.8 , time E16FE2C4.51F2ED2F (07:49:08.320 EST Fri Nov 8 2019)
our mode client, peer mode server, our poll intvl 64, peer poll intvl 64
root delay 25.46 msec, root disp 23.31, reach 1, sync dist 8049.26
delay 1.24 msec, offset 128.2183 msec, dispersion 7937.50, jitter 0.00 msec
precision 2**20, version 4
assoc id 28448, assoc name 10.200.1.1
assoc in packets 22446, assoc out packets 22447, assoc error packets 0
org time 00000000.00000000 (19:00:00.000 EST Thu Dec 31 1899)
rec time E16FE2CF.5760A6BE (07:49:19.341 EST Fri Nov 8 2019)
xmt time E16FE2CF.5760A6BE (07:49:19.341 EST Fri Nov 8 2019)
filtdelay = 1.24 0.00 0.00 0.00 0.00 0.00 0.00 0.00
filtoffset = 128.21 0.00 0.00 0.00 0.00 0.00 0.00 0.00
filterror = 0.00 16000.0 16000.0 16000.0 16000.0 16000.0 16000.0 16000.0
minpoll = 6, maxpoll = 10
SW#show ntp status
Load for five secs: 22%/0%; one minute: 23%; five minutes: 23%
Time source is NTP, .09:14:25.872 EST Fri Nov 8 2019
Clock is unsynchronized, stratum 5, reference is 10.200.1.1
nominal freq is 286.1023 Hz, actual freq is 286.0438 Hz, precision is 2**20
ntp uptime is 137766600 (1/100 of seconds), resolution is 3496
reference time is E16FE2CF.36B68FAA (07:49:19.213 EST Fri Nov 8 2019)
clock offset is 128.2183 msec, root delay is 26.71 msec
root dispersion is 8165.62 msec, peer dispersion is 7937.50 msec
loopfilter state is 'SPIK' (Spike), drift is 0.000204253 s/s
system poll interval is 64, last update was 5106 sec ago
Appreciate any help on this before I go down the TAC route.
11-08-2019 07:22 AM
ntp access-group peer ACL-NTP-PEER
ntp access-group serve ACL-NTP-SERVE
this seems odd???
my guess is the
ntp access-group peer ACL-NTP-PEER
is overruled by
ntp access-group serve ACL-NTP-SERVE
so only the ACL-NTP-SERVE (which is deny any) is active
11-08-2019 04:10 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide