Cisco 3750X wont sync to ntp server

Similar Messages

• 3750 stack won't sync with NTP server

  Any help greatly appreciated with this one - I can't for the life of me figure out what's going wrong here.
  I'm working on a 3750 stack in Singapore (UTC +8) and I'm trying to get it to sync its clock with 3.sg.pool.ntp.org.
  This is the weird part - "sh ntp associations" shows that it is syncing:
    address         ref clock       st   when   poll reach  delay  offset   disp
  *~199.195.193.200 203.117.180.36   2     52     64   377 80.936 -13895.  1.771
  * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured
  And "sh ntp associations de" shows that it's happy:
  199.195.193.200 configured, our_master, sane, valid, stratum 2
  ref ID 203.117.180.36, time D691F63E.C4B691CD (17:26:22.768 UTC Tue Jan 28 2014)
  our mode client, peer mode server, our poll intvl 64, peer poll intvl 64
  root delay 196.39 msec, root disp 592.71, reach 377, sync dist 944.69
  delay 80.93 msec, offset -13895.2686 msec, dispersion 2.65
  precision 2**20, version 4
  org time D691FA8F.5FF29003 (17:44:47.374 UTC Tue Jan 28 2014)
  rec time D691FA9D.5041E9C7 (17:45:01.313 UTC Tue Jan 28 2014)
  xmt time D691FA9D.3B3524C8 (17:45:01.231 UTC Tue Jan 28 2014)
  filtdelay =    82.20   80.93   82.17   81.49  155.78   81.08   84.67   82.09
  filtoffset = -13897. -13895. -13899. -13900. -13901. -13872. -13876. -13876.
  filterror =     0.00    0.99    1.98    2.94    3.94    4.92    5.87    6.81
  minpoll = 6, maxpoll = 10
  But the clock is stubbornly remaining unsynchronised ("sh ntp st"):
  Clock is unsynchronized, stratum 16, reference is 199.195.193.20
  nominal freq is 119.2092 Hz, actual freq is 119.2092 Hz, precision is 2**17
  reference time is 00000000.00000000 (08:00:00.000 UTC Mon Jan 1 1900)
  clock offset is -13895.2686 msec, root delay is 0.00 msec
  root dispersion is 14.62 msec, peer dispersion is 3.26 msec
  loopfilter state is 'CTRL' (Normal Controlled Loop), drift is 0.000000000 s/s
  system poll interval is 64, never updated.
  NTP-relevant config is as follows (no ACLs, outbound UDP 123 allowed on perimeter firewall):
  clock timezone UTC 8 0
  ntp server 3.sg.pool.ntp.org
  I have configured a pair of stacks in Hong Kong for NTP (though that was a couple of months ago and I recall that those were a pain at the time as well) and those are working fine.

  Much to my annoyance, the switch stack is now synchronised.  No  configuration changes were made in the interim; it just looks like it  needed a long time (well over an hour in this case) to start syncing  properly.

• Please help troubleshoot why SM-SRE WAAS module can't time sync with NTP server

  I have a remote WAAS site where a SM-SRE-900 module is plugged in a 2945 router. Everything is fine except the module can't sync its time to the NTP server. Its NTP was configured right and it can reach the NTP server with no problem. There's no authentication configured. But somehow it can't associate with the NTP server. I have tried manual NTP sync, but it failed too.
  The same NTP server and config is also used for many other WAAS site and the CM. They are all fine. I'm running WAAS 4.2.3 build 7. The module isn't showing any other alarms.
  Here is some show outputs and the manual NTP sync result. I noticed its poll is only 64 seconds while all other sites are showing 1024 seconds.
  waas1#sh ntp status
  ntp enabled
  ntp authentication disabled
  server list:
  Server           Key
  10.0.0.1         -
       remote           refid      st t when poll reach   delay   offset  jitter
  ==============================================================================
  10.0.0.1        66.96.98.9       3 u   43   64  377   16.828  2359370 2421.24
  waas1#ntp 10.0.0.1
  16 Dec 22:06:20 ntpdate[9835]: bind() fails: Permission denied
  Failed to set software clock using NTP server 10.0.0.1

  What the SRE-900 have as it's time?  Use the show clock command.  Does it match within a few minutes of ntp already, if not, and if this is not the first first clock set out of the box, then ntp sync might fail.
  You might try to manually set the clock correctly (set clock ... something), then see if the ntp server will sync.

• Cisco 2821 Router as a NTP Server

  We are using a 2821 Router as our boundary router.  It has installed into it a 9 port HWIC for layer 2 switching as well as allowing the router to communicate on the Network Management VLAN.  All of the devices on the Network Management VLAN are segregated from the managed traffic, which unfortunately also doesn't allow them external NTP services.  Can the router be programmed as a NTP server so that all of the network appliances can utilize it for NTP from either it's NM Vlan IP address or from a loopback address?  Thanks in advance for the help.

  What are the commands needed in the router for it to provide time to other appliances?
  If your router has successfully synchronized with an authoritative NTP server?  NOT A THING.
  In my network, only the site's distribution switch is allowed to go out and get NTP.  All other access switch goes to the distribution switch by using the command "ntp server ".  You can have multiple NTP server IP address and if you prefer to have a "favorite" you can append your command with the "prefer" option:  ntp server prefer.
  If you have clients then point their NTP to your router.  For troubleshooting, I prefer the command "sh ntp associate".  If your NTP server IP address starts with a "*" this is good and means that your NTP is synchronized.
  Hope this answers your question.

• IPHONE 4 with Verizon wont sync with Exchange server 2003

    I am trying to sync my VZ Iphone 4 with my exchange server at work. I have updated my account to have corporate email, I have done troubleshooting and tested my credentials on another phone (att) but NOTHING works. I have the white IPhone..(the color shouldnt matter!) but nothing is working...help....is it just verizon?

  Without details, like any errors that occur, it is almost impossible to offer suggestions.

• Linux ntp server with cisco 3850

  hi all
  i'm trying to make sync with linux ntp with cisco 3850  here is the what i did
  linux centos 6.5 (on the ucs virtual machin) . this is a ntp server
  ip 10.1.1.251
  ===================================================
  For more information about this file, see the man pages
  # ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
  driftfile /var/lib/ntp/drift
  # Permit time synchronization with our time source, but do not
  # permit the source to query or modify the service on this system.
  restrict default kod nomodify notrap nopeer noquery
  restrict -6 default kod nomodify notrap nopeer noquery
  # Permit all access over the loopback interface.  This could
  # be tightened as well, but to do so would effect some of
  # the administrative functions.
  restrict 127.0.0.1
  restrict -6 ::1
  # Hosts on local network are less restricted.
  restrict 10.1.1.0 mask 255.255.255.0 nomodify notrap
  # Use public servers from the pool.ntp.org project.
  # Please consider joining the pool (http://www.pool.ntp.org/join.html)
  #server 1.centos.pool.ntp.org iburs
  #server 2.centos.pool.ntp.org iburst
  #server 3.centos.pool.ntp.org iburst
  server 127.127.1.0
  fudge 127.127.1.0 stratum 2
  #broadcast 192.168.1.255 autokey        # broadcast server
  #broadcastclient                        # broadcast client
  #broadcast 224.0.1.1 autokey            # multicast server
  #multicastclient 224.0.1.1              # multicast client
  #manycastserver 239.255.254.254         # manycast server
  #manycastclient 239.255.254.254 autokey # manycast client
  # Enable public key cryptography.
  #crypto
  includefile /etc/ntp/crypto/pw
  # Key file containing the keys and key identifiers used when operating
  # with symmetric key cryptography.
  keys /etc/ntp/keys
  # Specify the key identifiers which are trusted.
  #trustedkey 4 8 42
  # Specify the key identifier to use with the ntpdc utility.
  #requestkey 8
  # Specify the key identifier to use with the ntpq utility.
  #controlkey 8
  # Enable writing of statistics records.
  #statistics clockstats cryptostats loopstats peerstats
  and cisco 3850  configured this one
  ntp server 10.1.1.241
  and
  show ntp status
  clock is unsynchronized, stratum 16, reference is null
  why...didn't work.. somebody help me..

  Is there a typo in your post or configuration? You show the NTP server IP address as 10.1.1.251, but the router configured to use 10.1.1.241.
  Regards

• How to sync clock of Cisco ASA 5505 from NTP Server on internet

  Hi there!
  i've setup a site, with cisco ASA 5505. It has public ip also.
  i want to sync the clock of firewall from on ntp server on internet, or with internal domain controller that is inside LAN.
  The firewall has public IP also.
  how can i do this?
  Regards!

  Hello Lasandro,
  This should do it!
  http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/basic_hostname_pw.html#wp1236530
  Looking for some Networking Assistance? 
  Contact me directly at [email protected]
  I will fix your problem ASAP.
  Cheers,
  Julio Carvajal Segura
  http://laguiadelnetworking.com

• Cisco 3750X as a NTP master

  Hi All,
  I would like to configure my core switches as the ntp master for the environment but also I would like to have the core switch sync with a public NTP server. Can you advise if this is possible? I have seen both commands available on the switch.
  Thanks

  It is possible but you do not have to use the command "ntp master" on your switch.  Point all your device to the switch and it should work.  
  The switch should be able to synchronize NTP with a trusted source.

• Error: Cannot connect to NTP server or NTP server is not running - Cisco IPS

  This is different scenario here:
  I have two Cisco IPS 4260-k9 and both are in production now.
  One of the IPSs is configured with NTP and works fines, but another one is not.
  When tried to configure when the device is ON and live in production and got the following error,
  Error from CLI:
  " Error: Cannot connect to NTP server or NTP server is not running "
  Error from IME:
  " Delivery failed.
  err Unaccepable Value - cannot connect to the NTP server or NTP server is not running"
  I am able to reach the NTP server, also the same NTP is working fine with other devices....
  Am I doing anything wrong?
  Please advise

  Hi,
  Now the error has changed:
  Session.connect: java.net.SocketTimeoutException: Read timed out
  I have increased the pooling interval to 1 Hr from 1 Min. Waiting for the next pooling interval result.
  Guide me if I am heading right.... or anything else needs to be done.
  Regards,
  Krishna Chauhan

• Cisco Nexus 7K as NTP server

  I want to configure cisco nexus as NTP server so that it can provide NTP source to other network devices.I am planning to configure the following configuration on my cisco nexus 7k
  ntp master stratum 2
  server0.europe.pool.ntp.org Prefer
  server1.europe.pool.ntp.org
  server2.europe.pool.ntp.org
  server3.europe.pool.ntp.org
  ntp source-interface mgmt0 
  Is there anything else i need to configure and any security concerns if i allow NTP port on my firewall to nexus core 7K switches
  Thanks for your help

  Consult these secure NTP recommendations from Team Cymru.
  Don't forget to rate all helpful posts.
  http://www.team-cymru.org/ReadingRoom/Templates/secure-ntp-template.html

• NTP-Sync of Windows2003-Server failes

  Hi,
  the windows-server reportes: the datas are not valid. Server uses ntp version 3.
  The ntp-server is located on Sup720 with 12.2(18)SXE2 and HSRP for the source-vlan 700:
  ntp source Vlan700
  ntp update-calendar
  ntp max-associations 2
  ntp server 10.9.34.150
  The reference-clock is an atomic-clock (10.9.34.150).
  The attachment containes debug-output (deb ntp val + packet) for the Windows-requests.
  Please help me to interprete the debug-output.
  Kind Regards.
  volker

  Why not source NTP from a trusted interface or loopback?
  RTR3725-1(config)#ntp source ?
  Async Async interface
  BVI Bridge-Group Virtual Interface
  CTunnel CTunnel interface
  Dialer Dialer interface
  FastEthernet FastEthernet IEEE 802.3
  Loopback Loopback interface
  MFR Multilink Frame Relay bundle interface
  Multilink Multilink-group interface
  Null Null interface
  Port-channel Ethernet Channel of interfaces
  Serial Serial
  Tunnel Tunnel interface
  Vif PGM Multicast Host interface
  Virtual-Template Virtual Template interface
  Virtual-TokenRing Virtual TokenRing
  Vlan Catalyst Vlans
  XTagATM Extended Tag ATM interface
  HTH

• NTP Server IP Address ?

  Hi,
  I have configured a Cisco 6509 core switch as a NTP master and allowed all my access switches to get their time synchronised with the core switch. Now, I want to configure the core switch to get itself synchronised with other public NTP server which would be reliable and genuine as our organisation is serving for healthcare. One of my friend has told me to use these IPs 128.249.1.1 or 128.2.136.71 as a NTP Server in the core switch. Should I use them?
  Is Cisco recommends any Public IP for  NTP Server synchronisation? Please suggest.
  Thanks & Regards,
  Anil K. 

  Disclaimer: I have no affiliation with Cisco in any way except where I work, we use some Cisco products (sw/hw). So take it however you will.
  Personally, I would rather adopt the following approach suggested at http://www.pool.ntp.org/en/use.html, than hardcoding a couple of public NTP servers in a remote region:
  "As pool.ntp.org will assign you timeservers from all over the world, time quality will not be ideal. You get a bit better result if you use the continental zones (For example europe, north-america, oceania or asia.pool.ntp.org), and even better time if you use the country zone (like ch.pool.ntp.org in Switzerland) - for all these zones, you can again use the 0, 1 or 2 prefixes, like 0.ch.pool.ntp.org. Note, however, that the country zone might not exist for your country, or might contain only one or two timeservers. If you know timeservers that are really close to you (measured by network distance, with traceroute or ping), time probably will be even better. "
  Of course, if time sync is REALLY that important, one might consider buying/installing commercial GPS-based NTP appliances. That's not what you're looking for, obviously.

• Windows Server 2012 as NTP Server for Windows Server 2008R2 Domain Controller

  We have one domain with 3 Windows Server 2008R2 DC's. Our Edge router is configured to get the time from the internet, and was our timesource for the PDC emulator. But lately we have migrated our major routers to Cisco IOS15, and now the timeservice on the
  PDCe is unable to fetch the time. This is a known bug, as you can read here:
  http://social.technet.microsoft.com/Forums/ja-JP/b16de048-8642-4799-b85a-ad092e17dd47/windows-server-2012-ntp-version-compatibility
  Now I've found out that Windows Server 2012 does sync with the router. That's our DirSync server, and is in the same VLAN as our DC's. So I thought: I'll set up the Windows Server 2012 as new timeserver, so our PDCe can sync with that server. (Compony
  policy is that DC's don't talk to the internet). Everything seems alright.
  I've set:
  w32tm /config /manualpeerlist:<IP of router>,0x8 /syncfromflags:manual
  w32tm /config /reliable:yes
  Changed the registry with:
  HKLM\SYSTEM\CC\SERVICES\W32TIME\TIMEPROVIDERS\NTPSERVER - Enabled:1
  HKLM\SYSTEM\CC\SERVICES\W32TIME\Config - AnnounceFlags:A
  And stopped and started the W32Time service. I can see that the Windows 2012 server is fetching the correct time, and checked with NBTSTAT -NA that it's listening on port 123.
  But our PDCe doesn't sync. (also changed the config so it has the 2012 server as timesource). Get the EventID 47:
  Time Provider NtpClient: No valid response has been received from manually configured peer <w2012server> after 8 attempts to contact it. This peer will be discarded as a time source and NtpClient will attempt to discover a new peer with this DNS
  name. The error was: The peer is unreachable.
  What more can I try?

  It only shows me the 3 DC's:
  DC04.domain.local *** PDC ***[[::1]:123]:
      ICMP: 0ms delay
      NTP: +0.0000000s offset from DC04.domain.local
          RefID: 'LOCL' [0x4C434F4C]
          Stratum: 1
  DC03.domain.local[10.x.x.x:123]:
      ICMP: 0ms delay
      NTP: -0.0097028s offset from DC04.domain.local
          RefID: DC04.domain.local [10.x.x.x]
          Stratum: 2
  DC05.domain.local[10.x.x.x:123]:
      ICMP: 0ms delay
      NTP: -0.0127883s offset from DC04.domain.local
          RefID: W8D-VW-DC04.domain.local [10.x.x.x]
          Stratum: 2
  Warning:
  Reverse name resolution is best effort. It may not be
  correct since RefID field in time packets differs across
  NTP implementations and may not be using IP addresses.

• Anyone got NTP working with a Windows 2008 NTP server?

  Hello,
  I'm trying to sync the time on our routers and swithces with a Windows 2008R2 server, but it doesn't work.  Has anyone managed to do this:
  Config:
  ntp master
  ntp update-calendar
  ntp server 192.168.2.164
  sh ntp associations
    address         ref clock         st   when   poll   reach    delay    offset     disp
  *~127.127.1.1     .LOCL.         7     11     16      377      0.000   0.000      0.225
  ~192.168.2.164  .INIT.          16      -      1024     0       0.000    0.000    15937.
  Windows 2008R2 server
  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer]"
  "Enabled"=dword:00000001
  restart server
  w32tm /config /manualpeerlist:uk.pool.ntp.org,0x8 /syncfromflags:MANUAL
  net stop w32time
  net start w32time
  Doesnt work
  Woudl Linux like Ubuntu be better?
  Thanks

  I got this working from a cisco 2911 router to Windows 7 computer.
  As per many articles, you are missing:-
  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config]"
  "AnnounceFlags"=dword:00000005
  But the one that allows Cisco kit to Sync is:-
  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config]"
  "LocalClockDispersion"=dword:00000000
  This article http://www.cisco.com/c/en/us/support/docs/ip/network-time-protocol-ntp/108076-ntp-troubleshoot.html talks about having a root-dispersion higher than 1000ms (1 second) causing Cisco IOS-NTP to unsynchronizes itself.
  This article http://htluo.blogspot.co.uk/2009/02/ntp-network-time-protocol.html#comment-form was the only one I found that added to the normal enable ntp server registry keys information, stating to change ‘HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\LocalClockDispersion’  from 10 to 0
  There was also articles that said that the Windows NTP implementation was version 3, and therefore you had to append ‘version 3’ to the routers ‘ntp server x.x.x.x’ command. This may be perhaps true for earlier windows versions?, but was NOT required for Windows 7.

• Ipod touch 4G wont sync with itunes 10.7

  I updated the Itunes software from 10.6 to 10.7 and now my ipod wont sync any new songs I put on my playlist, I can see all of the songs that were previously included on my playlist but if I try to add and sync the new songs they dont show up on my ipod, and also the same thing happens with my iPhone 3GS, so I want to know what is wrong with Apple and not resolving these issues, we pay for these devices and we expect a great service from them, because when I updated my Iphone 3GS to 5.1.1, my Iphone wouldnt activate neither from wifi, nor from Itunes, I called AT&T and they said that everythings working fine on their side but apple server were down so I had to wait, which Im still doing, I tried a solution that I found here, I uninstalled and reinstalled every itunes component and tried to sync again but it didnt work, so please can anybody help me and I also want to know if I update my Iphone 3GS to ios 6 would it activate or will I stay with a paper weight until the next update comes out?

  Me too, click Sync. Does backup tasks, completes.
  Does not copy any music from my library.
  I have to say I think iTunes really *****, not sure why but always have issues with it as a product. Good job its free......!?
  Andy