cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4454
Views
0
Helpful
3
Replies

NTP on Nexus 7700 with VDCs

Kevin Dorrell
Level 10
Level 10

I am have some difficulty configuring NTP on Nexus 7700 with VDCs.  I have four Nexus 7700, and each has four VDCs: admin, aggr, otv, and core.  I decided to run the NTP on the core vdc, as that was the one closest to my NTP reference sources.  That is working perfectly: I have got the core vdc synchronising to my NTP sources.  I presume there is only one clock in the box, so it applies to all VDCs.

Now, I am having problems at my aggr vdc.  I want my data center servers to synchronise to their local default router address, i.e. the VLAN SVI.  (Or more strictly, the HSRP address of the SVI).  But I cannot get the servers to synchronise.  It appears that the aggregation VDC is unwilling to act as NTP server.  (I tried synchronising to both the SVI address and the HSRP address, but neither works.)

I can get the servers to synchronise to the loopback addresses of the core vdc, but not to the svi address in the aggregation VDC.  But I don't want to do that because it means re-configuring all the servers and that would not make me popular with the server teams.

Any ideas anyone?

Kevin Dorrell

Luxembourg

3 Replies 3

Richard Burts
Hall of Fame
Hall of Fame

Kevin

You assume that there is one clock and so if one VDC is sync to an NTP server that all VDC will be sync. I do not share that assumption. Perhaps this output from a 7706 that I recently configured will shed some light. From the default/management VDC I get this output

nexus-2# sho ntp peer-status
Total peers : 2
* - selected for sync, + -  peer mode(active),
- - peer mode(passive), = - polled in client mode
    remote               local                 st   poll   reach delay   vrf
-------------------------------------------------------------------------------
*172.19.100.58         172.19.127.84          1   64     377   0.00070 management
=172.19.121.58         172.19.127.84          1   64     377   0.00159 management

So clearly NTP is successful here and would respond to any NTP request. But from another VDC on this Nexus where NTP is not configured I get this


nexus-2_core# sho ntp peer-status
INFO: System clock is not controlled by NTP in this VDC
      You can use "clock protocol <protocol> vdc <vdc_id>"
      to change the current setting.

So clearly any NTP request in this VDC will fail.

HTH

Rick

 

HTH

Rick

Hi Rick.

Yes, that's what I get too.  But if the clocks were independent, I should be able to configure NTP independently on each VDC, and have them synchronize to the core VDC.  But it seems you are only allowed to configure NTP on one of the VDCs, (you can choose which one) which is why I thought there must be a common clock.

The "clock protocol" command, which allows you to choose which VDC does the NTP, can only be configured from the admin VDC.  Maybe you can have several "clock protocol" commands", one for each VDC?  I shall try that tomorrow.

Otherwise, it's got me stumped.  I think I might have to open a TAC case.

Kevin

https://supportforums.cisco.com/discussion/11322751/ntp-problem-nexus-7000

in the default vdc, the "clock protocol ntp vdc x" command is needed

Review Cisco Networking for a $25 gift card