cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2968
Views
0
Helpful
10
Replies

NTP synchronization problem

Kieran___
Level 1
Level 1

Hi,

Recently I rebooted our swithc and saw the clock was now wrong. It seems that it is not synchronizing with it's NTP server.

I've tried configuring a new NTP server of 131.107.13.100 which I understand to be a public internet time server, but it does not seem to have synchronised to this either. 

In the meantime I've manually set the time on the device, but assume this would be lost if the machine were to be rebooted again.

Any ideas on what could be stopping synchronization?

1 Accepted Solution

Accepted Solutions

what are the commands on the switch to configure NTP?

can you ping 203.14.0.250 from the switch?

 

View solution in original post

10 Replies 10

what switch are you using? what is the ntp config?

what do you get when you do a "sh ntp Assoc" command on the switch?

is 131.107.13.100 reachable on your network, it doesn't respond to pings for me but that might be nothing. I use tic.ntp.telstra.net( 203.14.0.250) and toc.ntp.telstra.net (203.14.0.251) for my public ntp servers, they will respond to pings, so you can check reachability.

The switch is a cisco 3560x

The result of sh ntp assoc:

address ref clock st when poll reach delay offset disp
~10.245.4.1 0.0.0.0 16 - 64 0 0.0 0.00 16000.
~131.107.1.10 0.0.0.0 16 - 64 0 0.0 0.00 16000.
~203.14.0.250 0.0.0.0 16 - 64 0 0.0 0.00 16000.
~150.101.217.196 0.0.0.0 16 - 64 0 0.0 0.00 16000.
* master (synced), # master (unsynced), + selected, - candidate, ~ configured

I'm afraid I don't understand what you mean by the ntp config.

what are the commands on the switch to configure NTP?

can you ping 203.14.0.250 from the switch?

 

I'm actually not sure of what was origonally used to configure ntp on this switch. I wasn't around when it was set up, and have just kind of  inherited the running and startup config. 

As far as I can tell it does have NTP enabled (as show clock detail states source is ntp) I do not believe that this switch is set up to be an NTP master either.

interestingly The switch can not ping 203.14.0.250 (or any of it's other ntp addresses) but my local workstation can.

There is another switch on our network which does nto have ntp enabled currently and can reach these addresses via ping. The problem switch can in turn ping that one, perhaps I can experiment setting up a master - peer relationship between these two?

Is the bad switch on the same subnet as the switch that works? if not you most probably need to let that subnet access the Internet thru your firewall

Yes they should both be on the same subnet. They are both 192.168.0.x addresses

its strange then that one can get thru to the Internet and the other can't, Might be individual  IP addresses allowed out on the firewall.Also might be other ACLs blocking it on other devices.

Yeah I'll have to look into it, as individual IP addresses being allowed seems like wha is probably going on. 

I'm ok with it as is as it is for now as both of them are synchronized to corrrect time. Though of course it's not an ideal system

Ok So seeing that my problem switch couldn't ping online ntp sources (thanks for pointing out that i should test that) I configured a different switch to use tic.telstra.com as it's ntp master. and this problem one to sync with the working swithc on our network. 

This appears to have both devices correctly synchronized

What time difference is between your device and ntp server? Also please check the article - http://www.cisco.com/c/en/us/support/docs/ip/network-time-protocol-ntp/116161-trouble-ntp-00.html

Review Cisco Networking for a $25 gift card