Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
NTP Time Question 4
- Thread starter orbit1
- Start date
-
1
- #2
- Thread starter
- #3
Baddos, Thanks for the reply! I do have a couple of questions: Q1- the ntp peer command show be made on the switch or router. The switch will not accept this command? The router however will.
Q2 - I put the ntp peer xxx.xxx.xxx.xxx on the router, however the switch did not update it's time.
Regards!
Q2 - I put the ntp peer xxx.xxx.xxx.xxx on the router, however the switch did not update it's time.
Regards!
- Thread starter
- #5
TreyJ, I have both the ntp server & peer cmds set on my router. I am trying to get a 2924-XL switch to sync with ntp time. So far the switch is not updating or syncing time from my router. Is there something on the switch I need to set? Below is what I have set on the my router:
ntp clock-period 17179725 (Not sure about this value?)
ntp source Ethernet0/1 (Switch is on this interface)
ntp peer 192.168.1.1 (Switch ip address)
ntp server 66.243.43.21 (External NTP server)
Regards!
ntp clock-period 17179725 (Not sure about this value?)
ntp source Ethernet0/1 (Switch is on this interface)
ntp peer 192.168.1.1 (Switch ip address)
ntp server 66.243.43.21 (External NTP server)
Regards!
-
1
- #6
You need to be able to pass the UDP port 123 (NTP) packet through the router OR the router needs to be the time server..not just a client. Or you need a timer server on the LAN side.
MikeS
Find me at
"Take advantage of the enemy's unreadiness, make your way by unexpected routes, and attack unguarded spots."
Sun Tzu
MikeS
Find me at
"Take advantage of the enemy's unreadiness, make your way by unexpected routes, and attack unguarded spots."
Sun Tzu
- Thread starter
- #7
MikeS,
Ok I think I made the router the master server, but the peer(My switch) still is not getting the NTP time. The following are my current NTP time settings on the router:
ntp clock-period 17179725
ntp source Ethernet0/1 (Switch is on this interface)
ntp master 15 (The new setting!)
ntp peer 192.168.1.1 (Switch ip address)
ntp server 66.243.43.21 (External NTP server)
P.S. The router is getting the External NTP time sync.
Thanks!
Ok I think I made the router the master server, but the peer(My switch) still is not getting the NTP time. The following are my current NTP time settings on the router:
ntp clock-period 17179725
ntp source Ethernet0/1 (Switch is on this interface)
ntp master 15 (The new setting!)
ntp peer 192.168.1.1 (Switch ip address)
ntp server 66.243.43.21 (External NTP server)
P.S. The router is getting the External NTP time sync.
Thanks!
-
1
- #9
Ok.
What you need to do is using the following commands in the router:
ntp master 2 (Really don't need this, but doesn't hurt)
ntp peer 66.243.43.21 (External NTP server)
Then on the switch you use the command:
ntp server x.x.x.x (an IP of the router)
That should be all it requires, the, of course, you have to wait for them to sync up.
The way that the NTP commands are setup are kind of odd. The "ntp server" command actually just lets that individual machine to sync to another time server, it DOES NOT make that machine a time server. The "ntp peer" command lets that machine sync off of antoher server, but also will reply to an requests that it recieves (a server). So, you need to configure the router with the NTP PEER command and the IP of the external NTP server, and the switch with the NTP SERVER command with the router's IP. Hope this helps, let me know....
Heres a cisco site that explains the commands:
Burke
What you need to do is using the following commands in the router:
ntp master 2 (Really don't need this, but doesn't hurt)
ntp peer 66.243.43.21 (External NTP server)
Then on the switch you use the command:
ntp server x.x.x.x (an IP of the router)
That should be all it requires, the, of course, you have to wait for them to sync up.
The way that the NTP commands are setup are kind of odd. The "ntp server" command actually just lets that individual machine to sync to another time server, it DOES NOT make that machine a time server. The "ntp peer" command lets that machine sync off of antoher server, but also will reply to an requests that it recieves (a server). So, you need to configure the router with the NTP PEER command and the IP of the external NTP server, and the switch with the NTP SERVER command with the router's IP. Hope this helps, let me know....
Heres a cisco site that explains the commands:
Burke
- Thread starter
- #10
Rburke,
Thanks for your detail information on NTP commands. It did clear up my understanding! So here is my current router settings concerning NTP:
ntp clock-period 17179725
ntp source Ethernet0/1 (Switch is on this interface)
ntp master 2
ntp peer 66.243.43.21 (External NTP server)
So far so good for the router config. However my WS-C2924-XL switch IOS (c2900XL-hs-mz-112.8-SA5.bin)is not accepting the NTP Server x.x.x.x command. Where / How do you enter this command?
Regards!
Thanks for your detail information on NTP commands. It did clear up my understanding! So here is my current router settings concerning NTP:
ntp clock-period 17179725
ntp source Ethernet0/1 (Switch is on this interface)
ntp master 2
ntp peer 66.243.43.21 (External NTP server)
So far so good for the router config. However my WS-C2924-XL switch IOS (c2900XL-hs-mz-112.8-SA5.bin)is not accepting the NTP Server x.x.x.x command. Where / How do you enter this command?
Regards!
Wel, I'm running a 2924XL-EN and the command seems to be there on mine.
"Switch-2924(config)#ntp ?
access-group Control NTP access
authenticate Authenticate time sources
authentication-key Authentication key for trusted time sources
broadcastdelay Estimated round-trip delay
clock-period Length of hardware clock tick
max-associations Set maximum number of associations
peer Configure NTP peer
server Configure NTP server
source Configure interface for source address
trusted-key Key numbers for trusted time sources
Switch-2924(config)#ntp server ?
Hostname or A.B.C.D IP address of peer"
Do you know if you are running the Enterprise ISO or the Standard? If you do a "show version" then you whould see something like this:
"Processor is running Enterprise Edition Software
Cluster command switch capable
Cluster member switch capable
24 FastEthernet/IEEE 802.3 interface(s)"
If you aren't running Enterprise then I'm not sure if you'll be able to run the "ntp server" command. Can you run the "ntp peer" command? If so then that will do the same thing, just allow people to sync off the switch as well. A little less secure, but if that is the only option.... then the choice is yours.
Here is my IOS file (different from yours):
c2900XL-c3h2s-mz-120.5.2-XU.bin
Let me know if this helps...
Burke
"Switch-2924(config)#ntp ?
access-group Control NTP access
authenticate Authenticate time sources
authentication-key Authentication key for trusted time sources
broadcastdelay Estimated round-trip delay
clock-period Length of hardware clock tick
max-associations Set maximum number of associations
peer Configure NTP peer
server Configure NTP server
source Configure interface for source address
trusted-key Key numbers for trusted time sources
Switch-2924(config)#ntp server ?
Hostname or A.B.C.D IP address of peer"
Do you know if you are running the Enterprise ISO or the Standard? If you do a "show version" then you whould see something like this:
"Processor is running Enterprise Edition Software
Cluster command switch capable
Cluster member switch capable
24 FastEthernet/IEEE 802.3 interface(s)"
If you aren't running Enterprise then I'm not sure if you'll be able to run the "ntp server" command. Can you run the "ntp peer" command? If so then that will do the same thing, just allow people to sync off the switch as well. A little less secure, but if that is the only option.... then the choice is yours.
Here is my IOS file (different from yours):
c2900XL-c3h2s-mz-120.5.2-XU.bin
Let me know if this helps...
Burke
- Thread starter
- #12
Rburke, Here is more switch info:
*********************************
Switch1(config)#ntp ?
% Unrecognized command
*********************************
Cisco Internetwork Operating System Software
IOS (tm) C2900XL Software (C2900XL-HS-M), Version 11.2(8)SA5, RELEASE SOFTWARE (
fc1)
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Tue 23-Mar-99 11:44 by rheaton
Image text-base: 0x00003000, data-base: 0x001FAEF8
ROM: Bootstrap program is C2900XL boot loader
Switch1 uptime is 1 day, 12 hours, 5 minutes
System restarted by power-on
System image file is "flash:c2900XL-hs-mz-112.8-SA5.bin", booted via exec
cisco WS-C2924-XL (PowerPC403GA) processor (revision 0x11) with 4096K/640K bytes
of memory.
Processor board ID 0x07, with hardware revision 0x00
Last reset from power-on
Processor is running Enterprise Edition Software
24 Ethernet/IEEE 802.3 interface(s)
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:90:AB:F7:64:C0
Motherboard assembly number: 73-2910-05
Motherboard serial number: FAA02349HLJ
System serial number: FAA0234W0GQ
Configuration register is 0xF
As you can see the NTP command is not available? Not sure why??
Regards,
John
*********************************
Switch1(config)#ntp ?
% Unrecognized command
*********************************
Cisco Internetwork Operating System Software
IOS (tm) C2900XL Software (C2900XL-HS-M), Version 11.2(8)SA5, RELEASE SOFTWARE (
fc1)
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Tue 23-Mar-99 11:44 by rheaton
Image text-base: 0x00003000, data-base: 0x001FAEF8
ROM: Bootstrap program is C2900XL boot loader
Switch1 uptime is 1 day, 12 hours, 5 minutes
System restarted by power-on
System image file is "flash:c2900XL-hs-mz-112.8-SA5.bin", booted via exec
cisco WS-C2924-XL (PowerPC403GA) processor (revision 0x11) with 4096K/640K bytes
of memory.
Processor board ID 0x07, with hardware revision 0x00
Last reset from power-on
Processor is running Enterprise Edition Software
24 Ethernet/IEEE 802.3 interface(s)
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:90:AB:F7:64:C0
Motherboard assembly number: 73-2910-05
Motherboard serial number: FAA02349HLJ
System serial number: FAA0234W0GQ
Configuration register is 0xF
As you can see the NTP command is not available? Not sure why??
Regards,
John
- Thread starter
- #15
Memory can not be added to the switch.
MikeS
Find me at
"Take advantage of the enemy's unreadiness, make your way by unexpected routes, and attack unguarded spots."
Sun Tzu
MikeS
Find me at
"Take advantage of the enemy's unreadiness, make your way by unexpected routes, and attack unguarded spots."
Sun Tzu
- Thread starter
- #17
Uploaded to latest version of Switch IOS:
c2900XL-hs-mz-112.8.10-SA6.bin
IOS (tm) C2900XL Software (C2900XL-HS-M), Version 11.2(8.10)SA6
Switch1(config)#ntp ?
% Unrecognized command
Still no ntp command!
Since this switch does not support IOS version 12.X, how do administrators keep the time correct on a large number of switchs on their network when ntp is not supported at the switch under version 11.x?
c2900XL-hs-mz-112.8.10-SA6.bin
IOS (tm) C2900XL Software (C2900XL-HS-M), Version 11.2(8.10)SA6
Switch1(config)#ntp ?
% Unrecognized command
Still no ntp command!
Since this switch does not support IOS version 12.X, how do administrators keep the time correct on a large number of switchs on their network when ntp is not supported at the switch under version 11.x?
You might look into upgrading the switch. I know you can get some off Ebay for about $400 the last time I looked. That's where I got mine and it works just fine. Just make sure you get one that has the 8MB of RAM, and preferably the 12.x Enterprise IOS. That would be my suggestion.
Burke
Burke
-
1
- #19
You can load the latest IOS on this switch if you only place the *.bin file in flash. You won't be able to use the Visual Switch Manager but you will have the latest features and get NTP working.
The only command you should need to get NTP from your router should be NTP SERVER X.X.X.X
The only command you should need to get NTP from your router should be NTP SERVER X.X.X.X
- Thread starter
- #20
- Status