Linux ntp server with cisco 3850

Similar Messages

• Configuring Radius server with Cisco MDS - 9606 switch

  Need help in configuring Radius server with cisco MDS - 9606
  please let me know if any document available

  rtt min/avg/max/mdev = 0.260/0.327/0.468/0.077 ms
  IFCBCCEMCSW2# sh version
  Cisco Storage Area Networking Operating System (SAN-OS) Software
  TAC support: http://www.cisco.com/tac
  Copyright (c) 2002-2008, Cisco Systems, Inc. All rights reserved.
  The copyrights to certain works contained herein are owned by
  other third parties and are used and distributed under license.
  Some parts of this software may be covered under the GNU Public
  License or the GNU Lesser General Public License. A copy of
  each such license is available at
  http://www.gnu.org/licenses/gpl.html and
  http://www.gnu.org/licenses/lgpl.html
  Software
  BIOS: version 1.1.0
  loader: version 1.2(2)
  kickstart: version 3.3(1c)
  system: version 3.3(1c)
  BIOS compile time: 10/24/03
  kickstart image file is: bootflash:/m9500-sf1ek9-kickstart-mz.3.3.1c.bin
  kickstart compile time: 5/23/2008 19:00:00 [06/19/2008 23:56:56]
  system image file is: bootflash:/m9500-sf1ek9-mz.3.3.1c.bin
  system compile time: 5/23/2008 19:00:00 [06/20/2008 00:26:51]
  Hardware
  cisco MDS 9506 ("Supervisor/Fabric-1")
  Intel(R) Pentium(R) III CPU with 1028596 kB of memory.
  Processor Board ID JAB094300ER
  bootflash: 250368 kB
  slot0: 0 kB

• Windows 2k8 Radius Server with Cisco Wireless Controllers

  We currently are using a Cisco 4400 wireless controller with an older Cisco Secure ACS appliance that is going EOL.  My hope was to just connect our 4400 Wireless Controller to a Windows Server 2008 Radius Server (Just using Microsoft's Network Policy Server) but have not had any luck in getting this to work.  Does anyone have an easy to follow set of instructions on configuration of Microsoft Windows Server 2008 NPS for use with Cisco Wireless Controllers?  Any advise would be greatly appreciated.
  Thank You,
  Jim

  Hi NPT,
  Here is the post which may help you!!
  https://supportforums.cisco.com/message/3073519
  Regards
  Surendra

• VPN Site-to-Site or VPN Client Server with Cisco IP Phone 8941 and 8945

  Hi everyone,
  I decide to deploy a CUCM (BE6K platform), SX20, and IP Phone 8941/8945 on Head Office and Cisco SX10 and IP Phone 8941/8945 for branch offices (actually 9 branch offices).
  The connection will use internet connection for HO and each branch offices.
  And the IT guy want to use kind a VPN client server or VPN site-to-site for the connection through internet,
  what kind of VPN client server or VPN site-to-site that recommended for this deployment?
  and what type of Cisco router that support that kind of VPN (the cheapest one will be great)?
  So the SX10 and IP Phone 8941/8945 in branch offices can work properly through internet connection?
  please advise
  Regards,
  Ovindo

  Hi Leo,
  technically, the ipsec users will not use up any premium license seats, so if you have 10 ipsec users connecting first, the premium seats are still free and so you can then still have 10 phones/anyconnect users connect.
  However, the 250 you mention is the global platform limit, so it refers to the sum of premium and non-premium connections. Or in other words, you can have 240 ipsec users and 10 phones,  but not 250 ipsec users and 10 phones.
  If 250 ipsec users and 10 phones would try to connect, it would be first-in, first-served, e.g. you could have 248 ipsec users and 2 phones connected.
  Note: since you have Essentials disabled I'm assuming you are referring to the legacy "Cisco vpnclient" (IKEv1 client) which does not require any license on the ASA. But for the benefit of others reading this thread: if  you do have Anyconnect clients (using SSL or IPsec/IKEv2) for which you currently have an Essentials license, then note that the Essentials and Premium license cannot co-exist. So for e.g. 240 Anyconnect users and no phones, you can use Essentials. For 240 Anyconnect users and 10 phones, you need a 250-seat Premium license (and a vpn phone license).
  hth
  Herbert

• How to use flash media server with cisco show n share live event module?

  hello all
  Is it  possible to use flash media server in show n share (non dme)live event ?  i 've configured flash media server, can receive  multicast streams, bu i have no idea what to write in video url fild in the live event basic setup.

  Hi Temur,
  You should be able to stream from a Flash Media Server.
  The URL should look like this:
  rtmp://xxx.yyy.com//flv:
  You can do some tests from a PC to get the exact URL that would suit your environment.
  Regards,
  Nicolas

• Xntpd on Solaris 10 gets synchronised with a higher stratum NTP server

  The Solaris 10 machine has the following configuration in etc/inet/ntp.conf
  server 10.24.179.33 prefer
  server 127.127.1.0
  fudge 127.127.1.0 stratum 8
  The Linux Fedora Core 4 test machine(10.24.179.33 ) configured as NTP server running ntpd V4 has the following configuration
  server 127.127.1.0
  fudge 127.127.1.0 stratum 10
  The solaris 10 xntpd get synchronised to Linux NTP server even though it is at a higher stratum level.
  # ntpq -p
  remote refid st t when poll reach delay offset disp
  ==============================================================================
  *10.24.179.33 LOCAL(0) 11 u 18 64 77 2.04 0.084 376.68
  LOCAL(0) LOCAL(0) 8 l 17 64 77 0.00 0.000 385.01
  The expectation was the solaris machine should not consider the server at a higher stratum level(11) for synchronistation. It should have got synchronised to the Local clock which is at stratum level 8.

  I now tried waiting for an hour, but the xntpd id still synchronised to the higher stratum clock from the NTP server 10.24.179.33. Please verify the logs below.
  Does the prefer keyword in line "server 10.24.179.33 prefer" has anything to do with this behaviour ?
  What does the RFC1305 say on process of selecting a synchronisation source ?
  My understanding was that xntpd should not be synchornising with a higher stratum clock from the NTP server (which is at stratum 11) when it already has as another server(here the local clock) which is at a lower stratum (we have simulated this by fudging the local clock to stratum 8).
  Please correct me on this.
  You have mentioned that "Stratum number is not absolute for choosing a clock. A higher stratum may be preferred in some situations."
  Could you explain me more on these situations and I also want to know the rules used by xntpd to choose a clock?
  Or you could provide any links where I can read more on this aspect.
  # ntpq -p
  remote refid st t when poll reach delay offset disp
  ==============================================================================
  10.24.179.33 LOCAL(0) 11 u 13 64 1 0.52 -0.001 15875.0
  LOCAL(0) LOCAL(0) 8 l 12 64 1 0.00 0.000 15885.0
  (WCCONGO02):(root) UTC 1:21:37 VER R-02.01.16.03
  # ntpq -p
  remote refid st t when poll reach delay offset disp
  ==============================================================================
  *10.24.179.33 LOCAL(0) 11 u 1 64 77 0.52 -0.244 376.77
  LOCAL(0) LOCAL(0) 8 l 64 64 37 0.00 0.000 885.01
  (WCCONGO02):(root) UTC 1:26:45 VER R-02.01.16.03
  # uname -a
  SunOS WCCONGO02 5.10 Generic_127127-11 sun4v sparc SUNW,Netra-T5440
  (WCCONGO02):(root) UTC 1:29:44 VER R-02.01.16.03
  # ntpq -p
  remote refid st t when poll reach delay offset disp
  ==============================================================================
  *10.24.179.33 LOCAL(0) 11 u 40 64 377 0.61 0.415 0.56
  LOCAL(0) LOCAL(0) 8 l 39 64 377 0.00 0.000 10.01
  (WCCONGO02):(root) UTC 2:7:56 VER R-02.01.16.03
  # ntpq -p
  remote refid st t when poll reach delay offset disp
  ==============================================================================
  *10.24.179.33 LOCAL(0) 11 u 13 64 377 2.26 1.289 0.66
  LOCAL(0) LOCAL(0) 8 l 12 64 377 0.00 0.000 10.01
  (WCCONGO02):(root) UTC 2:22:25 VER R-02.01.16.03
  Edited by: SujithKS on May 27, 2009 10:34 AM
  Edited by: SujithKS on May 27, 2009 11:26 AM

• Howto install SAP NW Windows Server with Linux Oracle 11g?

  Hi !!!
  In this moment i want to install a SAP Netweaver PI, but the client already has a linux database server with oracle.
  I read the MasterGuide but i cannot find the section or similar situation.
  Scenario
  WK8-PI
  192.168.1.100
  Admin y passwd
  Linux-Oracle
  192.168.1.77
  port: 3355
  user y passwd
  how to install SAP NW?
  Levy

  Hi!!!
  i read the instruction with Distribution System, and continue the steps, but the time to choose SAP System Database i cannot write the linux server always show me the Windows Server, and i can write the unique field is the instance. After push the next button and send me error, not install oracle database.
  thanks
  Levy Gonzalez

• Please help troubleshoot why SM-SRE WAAS module can't time sync with NTP server

  I have a remote WAAS site where a SM-SRE-900 module is plugged in a 2945 router. Everything is fine except the module can't sync its time to the NTP server. Its NTP was configured right and it can reach the NTP server with no problem. There's no authentication configured. But somehow it can't associate with the NTP server. I have tried manual NTP sync, but it failed too.
  The same NTP server and config is also used for many other WAAS site and the CM. They are all fine. I'm running WAAS 4.2.3 build 7. The module isn't showing any other alarms.
  Here is some show outputs and the manual NTP sync result. I noticed its poll is only 64 seconds while all other sites are showing 1024 seconds.
  waas1#sh ntp status
  ntp enabled
  ntp authentication disabled
  server list:
  Server           Key
  10.0.0.1         -
       remote           refid      st t when poll reach   delay   offset  jitter
  ==============================================================================
  10.0.0.1        66.96.98.9       3 u   43   64  377   16.828  2359370 2421.24
  waas1#ntp 10.0.0.1
  16 Dec 22:06:20 ntpdate[9835]: bind() fails: Permission denied
  Failed to set software clock using NTP server 10.0.0.1

  What the SRE-900 have as it's time?  Use the show clock command.  Does it match within a few minutes of ntp already, if not, and if this is not the first first clock set out of the box, then ntp sync might fail.
  You might try to manually set the clock correctly (set clock ... something), then see if the ntp server will sync.

• Solarwinds Netflow products what will work with a 3850-switch

  Does anybody know….what Solar winds product will do Net Flow with Cisco 3850-switches? I know Net Flow Configurator will not work….but what about Net Flow Real-time for a Cisco 3850 switch?

  For a lot of people, it is not neccessary. I used to ask myself that question until I came across a need for things that iLife and the Finder would not do.
  Toast is a great program with a lot of features that just are not standard on a Mac.
  You can make music DVDs. You can span a HD backup over multiple disks. You can make hybrid PC/Mac disks. It has DVD compression tools to fit a 8.5GB dual-layer DVD onto a single layer 4.7GB DVD.It suppoprts OGG and FLAC audio formats. You can turn your iMovie and iDVD projects into DivX disks.
  It also has lots of nice tools to clean up audio that is imported from a noisy source - like vinyl.
  It is all in all a very useful program, but not unless you need any of those features of course.

• Running LabVIEW 7.1 on Windows 2003 Server with Terminal Services

  We are setting up a newtork based solution with LabView. I have looked for documentation on installing LV 7.1 on a Windows 2003 server to run the applications and then have destkops connect to it. Can this be done with a Terminal Services Access solution? Another words, if we were to purchase the LV Volume License Manager, can you install LV 7.1 onto a Windows 2003 server and run the application through TS across a 1GB backbone from the desktop, which makes the server do all the processing?

  On Fri, 29 Oct 2004 07:42:13 -0500, ITIQ wrote:
  > By running a session through Terminal Services you are NOT running
  > anything on the desktop it all runs on the server. So if the software
  > was installed on the server and you had the correct number of licenses
  > that you allow to connect through Terminal Services, would this not be
  > allowed under the EULA?
  Sorry for the delay. I'm surprised Philip didn't get back to us... Phil
  are you there? Based on his comments, I think he misunderstands your
  situation (no offense Phil).
  You and I are both talking about the same thing. You basically want a
  terminal server license. NI will not provide it. They told me (over the
  phone) to get a multi-seat license (MSL). IMO, that's unacceptable. I
  expect a LV license taylored specifically for thin client networks. A
  multi-seat license is for -->installing<-- on multiple machines. It
  conforms to a totally different set of rules. One big one, an MSL assumes
  that you intend to run LV locally to interact with DAQ hardware. Since
  this won't be done with the thin client, you shouldn't have to pay for it.
  > I am not sure if the question is if the license is valid or not, I am
  > first just trying to figure out if you can even install LV on a Windows
  > 2003 server and run it through a Terminal Services Session.
  Since you are talking about a Microsoft operating system, I would say this
  cannot be done without some additional/costly junk installed.
  Here's another option. If the people you're supporting don't have any
  platform dependent things like ActiveX in their LV applications, you
  should consider using a Linux-based terminal server. I know for a fact it
  works.
  I've assisted in setting up a network like this before:
  * One Linux terminal server with LabVIEW for Linux (Full Dev)
  * One WinXP box on the network with LabVIEW for Win (Prof Dev)
  * 5 cheap thin clients
  They developed LabVIEW source code on the thin clients and then compiled
  packages on the WinXP box for distribution to their customers. The WinXP
  was only used for compiles so they just hopped on when necessary. The
  eventual plan is for the thin clients to simply open a RemoteDesktop
  (using RDP) terminal session and do the compiles from there. I'm not sure
  how to do that yet... on the Windows side.
  > I see the comments on calling VIs through LV. I am a Network Engineer
  > not a LV Developer, so unfortunately I do not know what a VI is. All I
  > am looking to do is run low end PCs with LV if I have to, but use the
  > server as the workhorse to process all sims etc.
  Phil must have thought you needed a LV application to access the front
  panel controls of another LV application running on a remote machine. The
  VI server is handy in that area but useless in your case.
  Hey, you wanna hear about cheap network infrastructure? We bought our
  thin client boxes for $15 each! Go to ltsp.org if you want more info on
  configuring Linux as a terminal server.
  You, and anyone else, can also email me at gnu_voodoo [at] netzero [dot]
  com for questions/comments.

• Cisco 3850 SSO and NSF failover time

  Dear Member,
  I m trying to setup a network with few second fail-over with Cisco 3850 stack, C3850 support SSO and NSF on OSPF.
  However, when the Master fails, Slave take up the role and re-learn routing information and around 10 sec to fail-over.
  May any brothers have this experience and 10 sec fail-over should be the normal behavior or can be enhance?
  Attach diagram for reference.
  Regards
  Russ

  Great, adding the following command and only have 1 ping loss with end to end.
  =========================
  Stack-mac persistent timer 0
  router ospf 1
  nsf cisco enforce global
  ========================

• UCS C240 M4 with Cisco UCS VIC1227 VIC MLOM - Dual Port 10Gb SFP+

  Hi All,
  Have a few UCS C-series questions:
  If I have a UCS C240 M4 rack server with Cisco UCS VIC1227 VIC MLOM - Dual Port 10Gb SFP+, but do not have fabric interconnect(s), I cannot use the UCS VIC1227 for anything, can I? The VIC ports HAVE to be connected to the FI(s) in order to be integrated with the UCS Manager. There is no local UCS manager software running on the server itself, is there?
  It is useless to have this card in the server without the FI(s), isn’t it?
  The OS that is going to be installed on the server is not going to see those 10GB ports on the VIC, isn’t it?
  And if there are no additional PCIe NICs installed in the server, I am stuck with the two 1GB onboard NICs, is that correct?
  Any input is appreciated.

  do not have fabric interconnect(s), I cannot use the UCS VIC1227 for anything, can I?
  The VIC 1227 can be used to integrate the server with UCSM, but that does NOT mean that is its unique function... the VIC 1227 is a CNA card that can be used whether your server is in standalone mode (no Fabric Interconnects) or integrated with UCSM.
  If the server is not connected to a Fabric Interconnect (FI), it still has CIMC (Cisco Integrated Management  Controller) which can be configured by attaching a monitor to the server and a keyboard, press F8 when you see the Cisco logo and then you can configure the IP, subnet, gateway, NIC mode and others... this may help: https://www.youtube.com/watch?v=KHQBvwO7pUU
  http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/e/1-0/gs/guide/b_Getting_Started_Guide/b_Getting_Started_Guide_chapter_0101.html#task_3F8535D6A9574BCD806B25FEBF44615D
  http://www.cisco.com/c/en/us/support/docs/servers-unified-computing/ucs-c200-m1-high-density-rack-mount-server/111455-setup-cimc-c-series.html  <<< Little old but still helps.
  It is useless to have this card in the server without the FI(s), isn’t it?
  It is NOT useless to have the card in the server without the FIs, having the servers integrated only allows you to take advantage of the flexibility of Service Profiles but the VIC card still has the same capabilities whether you have an FI or not.
  The OS that is going to be installed on the server is not going to see those 10GB ports on the VIC, isn’t it?
  See above
  And if there are no additional PCIe NICs installed in the server, I am stuck with the two 1GB onboard NICs, is that correct?
  Same answer as above
  Let me know if you have further questions. IF I covered everything, please mark the question as "answered" for future users with the same doubts.
  -Kenny

• NTP Server Configuration

  Dear All,
  I have setup NTP Server with basic steps provided by SUN. In my setup i would be using it for Solaris, WIndows and few OS and devices like Switches and Routers..
  I am not sure what additional steps do i need to synch it with servers without using Multicast, i want to use NTP SERVER IP Addresses to synch with clietns.
  Here is my current configuration..
  ===========================================================================
  server 0.pool.ntp.org
  server 1.pool.ntp.org
  server 2.pool.ntp.org
  server 3.pool.ntp.org
  broadcast 224.0.1.1 ttl 4
  enable auth monitor
  driftfile /var/ntp/ntp.drift
  statsdir /var/ntp/ntpstats/
  filegen peerstats file peerstats type day enable
  filegen loopstats file loopstats type day enable
  filegen clockstats file clockstats type day enable
  keys /etc/inet/ntp.keys
  trustedkey 0
  requestkey 0
  controlkey 0
  ===========================================================================
  Please, let me know if you require anymore information..
  Regards,
  Sambhaji

  Hi,
  I don't believe that the 7204 has a calendar chip in it. If it doesn't, a reload will clear the clock, setting it to the 1993 date. You should sync the 7204 to an external ntp time source, preferably more than one.
  If the 7204 does have a calendar chip, then it will work, but you are still better off using external ntp sources.
  Greg

• Linux VM server and VM network configuration

  Hi,
  I have a Oracle Linux 5 server with Oracle VM Server 2.2.1 software installed. I downloaded OEL5 x86 VM template and set it up using the netmask, DNS and default gateway of the VM server machine. Now I realize I cannot access the internet from inside this Virtual Machine. So I think the DNS and gateway is not correctly setup.
  Please note that I can ssh the VM from VM server.
  Can you please guide me as to what DNS and gateway I should use for configuring my VMs? Do I need to set up an IP alais with different DNS.
  My VM server ip is (some values changed) 99.44.95.115, DNS 213.133.98.98, Def gateway 99.44.95.97 , netmask 255.255.255.224
  So for my first VM I am using ip 99.44.95.98, DNS 213.133.98.98, Def gateway 99.44.95.97 , netmask 255.255.255.224
  Am I doing anything wrong. I am completely new to Linux and networking. So I am still learning.
  Just a general idea would take me a long way.
  Regards
  CP

  Netmasks are used to identify which portion of an IP address represents the network address and which portion represents the machine address. It affects your broadcast address and defines the range of addresses that you can communicate directly without the need of an IP gateway. You do not need an IP gateway to communicate with other hosts on the same subnet because they should be physically connected and hence receive each others broadcast in order to know how to translate IP to a machine address.
  There are a couple of easy troubleshooting techniques. Like I mentioned in my previous post you can use the ping utility to check your IP communication. Open a terminal window and type e.g.: "ping 99.44.95.97". But make sure you do not have a firewall that block the ICMP protocol that the ping utility uses.
  a) check if you can ping other machines on the same network.
  You should be able to ping other hosts on the same subnet. If not, then you most likely have a problem with your IP configuration or network driver (hardware). Can you ping your own host? Is the network up?
  b) check if you can ping the gateway.
  If you cannot ping the gateway but a) works, then your IP gateway address is wrong or down.
  c) check if you can ping the DNS.
  Provided that a) and b) works, and you cannot ping the DNS server, then either the DNS address is wrong or down, or the IP gateway is not configured properly.
  Please check the above in order to isolate the problem. The link to the Oracle documentation in the one of the previous replies will let you verify the vm.cfg file to check if you have configured bridged networking (default).
  Posts about the same issue in different forums are usually not welcome here and the forum moderator might lock the thread. If you already have a thread I suggest you provide the link here in order for us to see what has already been done and make a note in the the old thread to continue here.

• Enroll Cisco device with Linux CA server

  Hi,
  Is it possible to enroll my cisco device with my Linux CA server, I know I can create my IOS device as CA server but we want to use Linux server only.
  Thanks in advance...

  Hope this helps...
  http://www.cisco.com/c/en/us/td/docs/security/asa/asa72/asdm52/selected_procedures/asdmproc/asdmcer.html
  http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/71050-ASA-cert.html
  http://www.cisco.com/c/en/us/td/docs/security/asa/asa80/configuration/guide/conf_gd/cert_cfg.html