11-30-2015 08:00 PM - edited 03-08-2019 02:54 AM
Hi,
Recently I rebooted our swithc and saw the clock was now wrong. It seems that it is not synchronizing with it's NTP server.
I've tried configuring a new NTP server of 131.107.13.100 which I understand to be a public internet time server, but it does not seem to have synchronised to this either.
In the meantime I've manually set the time on the device, but assume this would be lost if the machine were to be rebooted again.
Any ideas on what could be stopping synchronization?
Solved! Go to Solution.
11-30-2015 11:02 PM
what are the commands on the switch to configure NTP?
can you ping 203.14.0.250 from the switch?
11-30-2015 10:35 PM
what switch are you using? what is the ntp config?
what do you get when you do a "sh ntp Assoc" command on the switch?
is 131.107.13.100 reachable on your network, it doesn't respond to pings for me but that might be nothing. I use tic.ntp.telstra.net( 203.14.0.250) and toc.ntp.telstra.net (203.14.0.251) for my public ntp servers, they will respond to pings, so you can check reachability.
11-30-2015 10:56 PM
The switch is a cisco 3560x
The result of sh ntp assoc:
address ref clock st when poll reach delay offset disp
~10.245.4.1 0.0.0.0 16 - 64 0 0.0 0.00 16000.
~131.107.1.10 0.0.0.0 16 - 64 0 0.0 0.00 16000.
~203.14.0.250 0.0.0.0 16 - 64 0 0.0 0.00 16000.
~150.101.217.196 0.0.0.0 16 - 64 0 0.0 0.00 16000.
* master (synced), # master (unsynced), + selected, - candidate, ~ configured
I'm afraid I don't understand what you mean by the ntp config.
11-30-2015 11:02 PM
what are the commands on the switch to configure NTP?
can you ping 203.14.0.250 from the switch?
12-01-2015 02:15 PM
I'm actually not sure of what was origonally used to configure ntp on this switch. I wasn't around when it was set up, and have just kind of inherited the running and startup config.
As far as I can tell it does have NTP enabled (as show clock detail states source is ntp) I do not believe that this switch is set up to be an NTP master either.
interestingly The switch can not ping 203.14.0.250 (or any of it's other ntp addresses) but my local workstation can.
There is another switch on our network which does nto have ntp enabled currently and can reach these addresses via ping. The problem switch can in turn ping that one, perhaps I can experiment setting up a master - peer relationship between these two?
12-01-2015 02:24 PM
Is the bad switch on the same subnet as the switch that works? if not you most probably need to let that subnet access the Internet thru your firewall
12-01-2015 02:31 PM
Yes they should both be on the same subnet. They are both 192.168.0.x addresses
12-01-2015 03:00 PM
its strange then that one can get thru to the Internet and the other can't, Might be individual IP addresses allowed out on the firewall.Also might be other ACLs blocking it on other devices.
12-01-2015 03:15 PM
Yeah I'll have to look into it, as individual IP addresses being allowed seems like wha is probably going on.
I'm ok with it as is as it is for now as both of them are synchronized to corrrect time. Though of course it's not an ideal system
12-01-2015 02:27 PM
Ok So seeing that my problem switch couldn't ping online ntp sources (thanks for pointing out that i should test that) I configured a different switch to use tic.telstra.com as it's ntp master. and this problem one to sync with the working swithc on our network.
This appears to have both devices correctly synchronized
11-30-2015 10:50 PM
What time difference is between your device and ntp server? Also please check the article - http://www.cisco.com/c/en/us/support/docs/ip/network-time-protocol-ntp/116161-trouble-ntp-00.html
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide