Configuring 7750 SR as NTP Server

Post Reply
User avatar
thekotaksampah
Member
Posts: 86
Joined: 06 Jan 2014 20:04

Configuring 7750 SR as NTP Server

Post by thekotaksampah » 06 Aug 2015 06:21

Hi Everyone, I try to make it 7750 SR as NTP server, I do command like this

B:SITE-ALU-A>config>system>time# info
----------------------------------------------
ntp
ntp-server
no shutdown
exit
sntp
shutdown
exit
zone UTC
----------------------------------------------
B:SITE-ALU-A>config>system>time#

I do command in site-B

A:SITE-ALU-B>config>system>time# info
----------------------------------------------
ntp
server 192.168.200.1
no shutdown
exit
sntp
shutdown
exit
zone UTC
----------------------------------------------
A:SITE-ALU-B>config>system>time#


Ping to Site-A is reachable, but It doesn't make effect in side B.

A:SITE-ALU-B>config>system>time# /show system ntp

===============================================================================
NTP Status
===============================================================================
Configured : Yes Stratum : -
Admin Status : up Oper Status : up
Server Enabled : No Server Authenticate : No
Clock Source : none
Auth Check : Yes
Current Date & Time: 2015/08/06 17:19:59 UTC
===============================================================================
A:SITE-ALU-B>config>system>time# /show system ntp server
servers server
A:SITE-ALU-B>config>system>time# /show system ntp server 192.168.200.1

===============================================================================
NTP Server
===============================================================================
State Reference ID St Type A Poll Reach Offset(ms)
Remote
-------------------------------------------------------------------------------
reject - srvr - 64 ........ 0.000
192.168.200.1
===============================================================================
A:SITE-ALU-B>config>system>time#

let me know. some missing with my configuration?

Stoffen
Member
Posts: 118
Joined: 23 May 2014 05:32
Location: Norway

Re: Configuring 7750 SR as NTP Server

Post by Stoffen » 07 Aug 2015 02:39

Hi.
You need to run "no authentication-check" in Site-A \conf system time ntp context.

Here is mine "Site A". It has also a a public NTP server.

Code: Select all

 
 <root>
  configure 
  system 
  time 
-------------------------------------------------------------------------------
*A:SR7-sr01>config>system>time# info 
----------------------------------------------
            ntp
                ntp-server authenticate
                no authentication-check
                server 129.240.2.6
                no shutdown
            exit
            sntp
                shutdown
            exit
            dst-zone CEST
                start last sunday march 02:00
                end last sunday october 03:00
            exit
            zone CET 
----------------------------------------------
With this config Site-B with the following config:

Code: Select all

 <root>
  configure 
  system 
  time 
-------------------------------------------------------------------------------
*A:SR7-sr02>config>system>time# info 
----------------------------------------------
            ntp
                ntp-server
                no authentication-check
                server 10.14.129.11
                no shutdown
            exit
            sntp
                shutdown
            exit
            zone UTC 
----------------------------------------------
Result in this:

Site-B Client:

*A:SR7-sr02# show system ntp all

===============================================================================
NTP Status
===============================================================================
Configured : Yes Stratum : 4
Admin Status : up Oper Status : up
Server Enabled : Yes Server Authenticate : No
Clock Source : 10.14.129.11
Auth Check : No
Current Date & Time: 2015/08/07 06:34:09 UTC
===============================================================================

===============================================================================
NTP Active Associations
===============================================================================
State Reference ID St Type A Poll Reach Offset(ms)
Remote
-------------------------------------------------------------------------------
chosen 129.240.2.6 3 srvr - 64 ....YYYY -4.255
10.14.129.11
===============================================================================

===============================================================================
NTP Clients
===============================================================================
vRouter Time Last Request Rx
Address
-------------------------------------------------------------------------------
===============================================================================

Site-A Server:

*A:SR7-sr01# show system ntp all

===============================================================================
NTP Status
===============================================================================
Configured : Yes Stratum : 3
Admin Status : up Oper Status : up
Server Enabled : Yes Server Authenticate : Yes
Clock Source : 129.240.2.6
Auth Check : No
Current Date & Time: 2015/08/07 06:34:26 UTC
===============================================================================

===============================================================================
NTP Active Associations
===============================================================================
State Reference ID St Type A Poll Reach Offset(ms)
Remote
-------------------------------------------------------------------------------
chosen 30.20.35.61 2 srvr - 64 YYYYYYYY 0.941
129.240.2.6
===============================================================================

===============================================================================
NTP Clients
===============================================================================
vRouter Time Last Request Rx
Address
-------------------------------------------------------------------------------
management
10.14.129.12 08/07/2015 08:34:02
===============================================================================

Notice this; This setup will prefer any routes you may have configured in your BOF or in your router "Management".
In my case, router management has full connectivity, so I need to run this between my BOF configured IP adresses.

Not sure how to force this to run in a different routing context.
You can change the source IP adress for such packets, but while wiresharking, it still went out the Management Ethernet port on SFM-A in my case.

If you want to modify the source interface; then you can do it here:

Code: Select all

\configure system security source-address application <app - in example NTP> <ip addr / if_name>
Good luck! :)
[flash=]
Christoffer

Network System Expert Norway
Nokia SRA #265
Alcatel-Lucent SRC 3RP Certified #552
Alcatel-Lucent SRC NRS-2 Certified #1104
Huawei HCNP Routing & Switching certified
Cisco CCNP Certified
LinkedIN
[/flash]

mivens
Member
Posts: 240
Joined: 28 Sep 2012 06:34

Re: Configuring 7750 SR as NTP Server

Post by mivens » 07 Aug 2015 09:42

Notice this; This setup will prefer any routes you may have configured in your BOF or in your router "Management".
In my case, router management has full connectivity, so I need to run this between my BOF configured IP adresses.

Not sure how to force this to run in a different routing context.
You can change the source IP address for such packets, but while wiresharking, it still went out the Management Ethernet port on SFM-A in my case.
I don't believe you can change it. It's the same problem for other self-originated traffic such as cflowd. I've had to remove routes from the BOF as a workaround.

I submitted an enhancement request by asking for the equivalent of the command "log route-preference primary inband secondary outband" for NTP etc but it never got much traction.

koryphaios
Member
Posts: 2
Joined: 14 Sep 2018 06:17

Re: Configuring 7750 SR as NTP Server

Post by koryphaios » 14 Sep 2018 06:28

Hi.

I have a similar problem. I want 7750SR to act as NTP server for other SRs devices. Actually, I tried to configure 7750 as a standalone NTP server without higher stratum public servers and also tried to work with public servers together. Both options don't work. Every time I see by show system ntp all on NTP server and NTP client the state reject. Could you pls help what I do wrong? Does 7750 work without public servers (TiMOS 9.0)

7750SR (NTP-server):

A:7750>config>system>time# info
----------------------------------------------
ntp
ntp-server authenticate
no authentication-check
server 10.100.1.2 prefer. <---- Ubuntu PC NTP server (it takes time from Internet)
no shutdown
exit
sntp
shutdown
exit
zone MSK
----------------------------------------------


*A:7750>config>router# show system ntp all

===============================================================================
NTP Status
===============================================================================
Configured : Yes Stratum : -
Admin Status : up Oper Status : up
Server Enabled : Yes Server Authenticate : Yes
Clock Source : none Auth Check : No
Current Date & Time: 2018/09/14 10:23:34 UTC
===============================================================================

===============================================================================
NTP Active Associations
===============================================================================
State Remote Reference ID St Type A Poll Reach Offset(ms)
-------------------------------------------------------------------------------
reject 10.100.1.2 127.127.1.1 6 srvr - 256 .....Y.Y 50.940
===============================================================================

===============================================================================
NTP Clients
===============================================================================
vRouter Address Time Last Request Rx
-------------------------------------------------------------------------------
Base 1.1.1.2 09/12/2018 15:59:23
Base 1.1.1.3 09/14/2018 13:22:32
Base 1.1.1.4 09/12/2018 13:43:05
===============================================================================

7705SARHc(NTP client):

A:HC>config>system>time# info
----------------------------------------------
ntp
no authentication-check
server 1.1.1.4. <---- 7750SR which is above
no shutdown
exit
sntp
shutdown
exit
zone UTC
----------------------------------------------

*A:HC# show system ntp all

===============================================================================
NTP Status
===============================================================================
Configured : Yes Stratum : -
Admin Status : up Oper Status : up
Server Enabled : No Server Authenticate : No
Clock Source : none
Auth Check : No
MDA Timestamp : No
Current Date & Time: 2000/02/15 00:48:56 UTC
===============================================================================

===============================================================================
NTP Active Associations
===============================================================================
State Remote Reference ID St Type A Poll Reach Offset(ms)
-------------------------------------------------------------------------------
reject 1.1.1.4 - srvr - 64 ........ 0.000
===============================================================================

mivens
Member
Posts: 240
Joined: 28 Sep 2012 06:34

Re: Configuring 7750 SR as NTP Server

Post by mivens » 14 Sep 2018 11:19

Looking at the "Reach" and "Offset" fields, there's possibly two separate issues here.

For 10.100.1.2 the reach field is " .....Y.Y" so it looks like the server has only recently become reachable. Once you have only Y characters and no . characters in the reach field, does the state change? If you continue to get a mixture of "." and "Y" then it's only sometimes getting a response back.

For 1.1.1.4 it doesn't look like it's ever been reachable so you probably need to troubleshoot whether the NTP traffic is getting there and replies are getting back, the correct interface/source address is being used etc.

koryphaios
Member
Posts: 2
Joined: 14 Sep 2018 06:17

Re: Configuring 7750 SR as NTP Server

Post by koryphaios » 05 Oct 2018 05:57

mivens wrote:
14 Sep 2018 11:19
Looking at the "Reach" and "Offset" fields, there's possibly two separate issues here.

For 10.100.1.2 the reach field is " .....Y.Y" so it looks like the server has only recently become reachable. Once you have only Y characters and no . characters in the reach field, does the state change? If you continue to get a mixture of "." and "Y" then it's only sometimes getting a response back.

For 1.1.1.4 it doesn't look like it's ever been reachable so you probably need to troubleshoot whether the NTP traffic is getting there and replies are getting back, the correct interface/source address is being used etc.
Thank you for your response. Actually, I solved the problem. There are two aspects which it's necessary to take into account.
1. 77xx will never act as NTP server until it gets time from external source with the stratum below its own (actually, < 16). I guess it's not necessary LAN/WAN source but, probably, it's also possible to use some serial ports on chassis (like bits or whatever it has). The key moment is stratum. 7750 must get time from any other source with stratum <16 then it can act as NTP server for other devices in network.
2. The problem was not about configuration on 77xx devices. I just had to wait for a while. 77xx synchronizes with external NTP server quite slow and you can't change this behavior in config. The average time for synchronization was about 40 minutes.

Post Reply

Return to “7750 SR”