Hi Everyone, I try to make it 7750 SR as NTP server, I do command like this
B:SITE-ALU-A>config>system>time# info
----------------------------------------------
ntp
ntp-server
no shutdown
exit
sntp
shutdown
exit
zone UTC
----------------------------------------------
B:SITE-ALU-A>config>system>time#
I do command in site-B
A:SITE-ALU-B>config>system>time# info
----------------------------------------------
ntp
server 192.168.200.1
no shutdown
exit
sntp
shutdown
exit
zone UTC
----------------------------------------------
A:SITE-ALU-B>config>system>time#
Ping to Site-A is reachable, but It doesn't make effect in side B.
A:SITE-ALU-B>config>system>time# /show system ntp
===============================================================================
NTP Status
===============================================================================
Configured : Yes Stratum : -
Admin Status : up Oper Status : up
Server Enabled : No Server Authenticate : No
Clock Source : none
Auth Check : Yes
Current Date & Time: 2015/08/06 17:19:59 UTC
===============================================================================
A:SITE-ALU-B>config>system>time# /show system ntp server
servers server
A:SITE-ALU-B>config>system>time# /show system ntp server 192.168.200.1
===============================================================================
NTP Server
===============================================================================
State Reference ID St Type A Poll Reach Offset(ms)
Remote
-------------------------------------------------------------------------------
reject - srvr - 64 ........ 0.000
192.168.200.1
===============================================================================
A:SITE-ALU-B>config>system>time#
let me know. some missing with my configuration?
Configuring 7750 SR as NTP Server
- thekotaksampah
- Member
- Posts: 100
- Joined: 06 Jan 2014 20:04
Configuring 7750 SR as NTP Server
Technical Blog: ngoprek.achyarnurandi.id
Re: Configuring 7750 SR as NTP Server
Hi.
You need to run "no authentication-check" in Site-A \conf system time ntp context.
Here is mine "Site A". It has also a a public NTP server.
With this config Site-B with the following config:
Result in this:
Site-B Client:
*A:SR7-sr02# show system ntp all
===============================================================================
NTP Status
===============================================================================
Configured : Yes Stratum : 4
Admin Status : up Oper Status : up
Server Enabled : Yes Server Authenticate : No
Clock Source : 10.14.129.11
Auth Check : No
Current Date & Time: 2015/08/07 06:34:09 UTC
===============================================================================
===============================================================================
NTP Active Associations
===============================================================================
State Reference ID St Type A Poll Reach Offset(ms)
Remote
-------------------------------------------------------------------------------
chosen 129.240.2.6 3 srvr - 64 ....YYYY -4.255
10.14.129.11
===============================================================================
===============================================================================
NTP Clients
===============================================================================
vRouter Time Last Request Rx
Address
-------------------------------------------------------------------------------
===============================================================================
Site-A Server:
*A:SR7-sr01# show system ntp all
===============================================================================
NTP Status
===============================================================================
Configured : Yes Stratum : 3
Admin Status : up Oper Status : up
Server Enabled : Yes Server Authenticate : Yes
Clock Source : 129.240.2.6
Auth Check : No
Current Date & Time: 2015/08/07 06:34:26 UTC
===============================================================================
===============================================================================
NTP Active Associations
===============================================================================
State Reference ID St Type A Poll Reach Offset(ms)
Remote
-------------------------------------------------------------------------------
chosen 30.20.35.61 2 srvr - 64 YYYYYYYY 0.941
129.240.2.6
===============================================================================
===============================================================================
NTP Clients
===============================================================================
vRouter Time Last Request Rx
Address
-------------------------------------------------------------------------------
management
10.14.129.12 08/07/2015 08:34:02
===============================================================================
Notice this; This setup will prefer any routes you may have configured in your BOF or in your router "Management".
In my case, router management has full connectivity, so I need to run this between my BOF configured IP adresses.
Not sure how to force this to run in a different routing context.
You can change the source IP adress for such packets, but while wiresharking, it still went out the Management Ethernet port on SFM-A in my case.
If you want to modify the source interface; then you can do it here:
Good luck!
You need to run "no authentication-check" in Site-A \conf system time ntp context.
Here is mine "Site A". It has also a a public NTP server.
Code: Select all
<root>
configure
system
time
-------------------------------------------------------------------------------
*A:SR7-sr01>config>system>time# info
----------------------------------------------
ntp
ntp-server authenticate
no authentication-check
server 129.240.2.6
no shutdown
exit
sntp
shutdown
exit
dst-zone CEST
start last sunday march 02:00
end last sunday october 03:00
exit
zone CET
----------------------------------------------
Code: Select all
<root>
configure
system
time
-------------------------------------------------------------------------------
*A:SR7-sr02>config>system>time# info
----------------------------------------------
ntp
ntp-server
no authentication-check
server 10.14.129.11
no shutdown
exit
sntp
shutdown
exit
zone UTC
----------------------------------------------
Site-B Client:
*A:SR7-sr02# show system ntp all
===============================================================================
NTP Status
===============================================================================
Configured : Yes Stratum : 4
Admin Status : up Oper Status : up
Server Enabled : Yes Server Authenticate : No
Clock Source : 10.14.129.11
Auth Check : No
Current Date & Time: 2015/08/07 06:34:09 UTC
===============================================================================
===============================================================================
NTP Active Associations
===============================================================================
State Reference ID St Type A Poll Reach Offset(ms)
Remote
-------------------------------------------------------------------------------
chosen 129.240.2.6 3 srvr - 64 ....YYYY -4.255
10.14.129.11
===============================================================================
===============================================================================
NTP Clients
===============================================================================
vRouter Time Last Request Rx
Address
-------------------------------------------------------------------------------
===============================================================================
Site-A Server:
*A:SR7-sr01# show system ntp all
===============================================================================
NTP Status
===============================================================================
Configured : Yes Stratum : 3
Admin Status : up Oper Status : up
Server Enabled : Yes Server Authenticate : Yes
Clock Source : 129.240.2.6
Auth Check : No
Current Date & Time: 2015/08/07 06:34:26 UTC
===============================================================================
===============================================================================
NTP Active Associations
===============================================================================
State Reference ID St Type A Poll Reach Offset(ms)
Remote
-------------------------------------------------------------------------------
chosen 30.20.35.61 2 srvr - 64 YYYYYYYY 0.941
129.240.2.6
===============================================================================
===============================================================================
NTP Clients
===============================================================================
vRouter Time Last Request Rx
Address
-------------------------------------------------------------------------------
management
10.14.129.12 08/07/2015 08:34:02
===============================================================================
Notice this; This setup will prefer any routes you may have configured in your BOF or in your router "Management".
In my case, router management has full connectivity, so I need to run this between my BOF configured IP adresses.
Not sure how to force this to run in a different routing context.
You can change the source IP adress for such packets, but while wiresharking, it still went out the Management Ethernet port on SFM-A in my case.
If you want to modify the source interface; then you can do it here:
Code: Select all
\configure system security source-address application <app - in example NTP> <ip addr / if_name>
[flash=]
Christoffer
Network System Expert Norway
Nokia SRA #265
Alcatel-Lucent SRC 3RP Certified #552
Alcatel-Lucent SRC NRS-2 Certified #1104
Huawei HCNP Routing & Switching certified
Cisco CCNP Certified
LinkedIN
[/flash]
Christoffer
Network System Expert Norway
Nokia SRA #265
Alcatel-Lucent SRC 3RP Certified #552
Alcatel-Lucent SRC NRS-2 Certified #1104
Huawei HCNP Routing & Switching certified
Cisco CCNP Certified
[/flash]
Re: Configuring 7750 SR as NTP Server
I don't believe you can change it. It's the same problem for other self-originated traffic such as cflowd. I've had to remove routes from the BOF as a workaround.Notice this; This setup will prefer any routes you may have configured in your BOF or in your router "Management".
In my case, router management has full connectivity, so I need to run this between my BOF configured IP adresses.
Not sure how to force this to run in a different routing context.
You can change the source IP address for such packets, but while wiresharking, it still went out the Management Ethernet port on SFM-A in my case.
I submitted an enhancement request by asking for the equivalent of the command "log route-preference primary inband secondary outband" for NTP etc but it never got much traction.
-
- Member
- Posts: 2
- Joined: 14 Sep 2018 06:17
Re: Configuring 7750 SR as NTP Server
Hi.
I have a similar problem. I want 7750SR to act as NTP server for other SRs devices. Actually, I tried to configure 7750 as a standalone NTP server without higher stratum public servers and also tried to work with public servers together. Both options don't work. Every time I see by show system ntp all on NTP server and NTP client the state reject. Could you pls help what I do wrong? Does 7750 work without public servers (TiMOS 9.0)
7750SR (NTP-server):
A:7750>config>system>time# info
----------------------------------------------
ntp
ntp-server authenticate
no authentication-check
server 10.100.1.2 prefer. <---- Ubuntu PC NTP server (it takes time from Internet)
no shutdown
exit
sntp
shutdown
exit
zone MSK
----------------------------------------------
*A:7750>config>router# show system ntp all
===============================================================================
NTP Status
===============================================================================
Configured : Yes Stratum : -
Admin Status : up Oper Status : up
Server Enabled : Yes Server Authenticate : Yes
Clock Source : none Auth Check : No
Current Date & Time: 2018/09/14 10:23:34 UTC
===============================================================================
===============================================================================
NTP Active Associations
===============================================================================
State Remote Reference ID St Type A Poll Reach Offset(ms)
-------------------------------------------------------------------------------
reject 10.100.1.2 127.127.1.1 6 srvr - 256 .....Y.Y 50.940
===============================================================================
===============================================================================
NTP Clients
===============================================================================
vRouter Address Time Last Request Rx
-------------------------------------------------------------------------------
Base 1.1.1.2 09/12/2018 15:59:23
Base 1.1.1.3 09/14/2018 13:22:32
Base 1.1.1.4 09/12/2018 13:43:05
===============================================================================
7705SARHc(NTP client):
A:HC>config>system>time# info
----------------------------------------------
ntp
no authentication-check
server 1.1.1.4. <---- 7750SR which is above
no shutdown
exit
sntp
shutdown
exit
zone UTC
----------------------------------------------
*A:HC# show system ntp all
===============================================================================
NTP Status
===============================================================================
Configured : Yes Stratum : -
Admin Status : up Oper Status : up
Server Enabled : No Server Authenticate : No
Clock Source : none
Auth Check : No
MDA Timestamp : No
Current Date & Time: 2000/02/15 00:48:56 UTC
===============================================================================
===============================================================================
NTP Active Associations
===============================================================================
State Remote Reference ID St Type A Poll Reach Offset(ms)
-------------------------------------------------------------------------------
reject 1.1.1.4 - srvr - 64 ........ 0.000
===============================================================================
I have a similar problem. I want 7750SR to act as NTP server for other SRs devices. Actually, I tried to configure 7750 as a standalone NTP server without higher stratum public servers and also tried to work with public servers together. Both options don't work. Every time I see by show system ntp all on NTP server and NTP client the state reject. Could you pls help what I do wrong? Does 7750 work without public servers (TiMOS 9.0)
7750SR (NTP-server):
A:7750>config>system>time# info
----------------------------------------------
ntp
ntp-server authenticate
no authentication-check
server 10.100.1.2 prefer. <---- Ubuntu PC NTP server (it takes time from Internet)
no shutdown
exit
sntp
shutdown
exit
zone MSK
----------------------------------------------
*A:7750>config>router# show system ntp all
===============================================================================
NTP Status
===============================================================================
Configured : Yes Stratum : -
Admin Status : up Oper Status : up
Server Enabled : Yes Server Authenticate : Yes
Clock Source : none Auth Check : No
Current Date & Time: 2018/09/14 10:23:34 UTC
===============================================================================
===============================================================================
NTP Active Associations
===============================================================================
State Remote Reference ID St Type A Poll Reach Offset(ms)
-------------------------------------------------------------------------------
reject 10.100.1.2 127.127.1.1 6 srvr - 256 .....Y.Y 50.940
===============================================================================
===============================================================================
NTP Clients
===============================================================================
vRouter Address Time Last Request Rx
-------------------------------------------------------------------------------
Base 1.1.1.2 09/12/2018 15:59:23
Base 1.1.1.3 09/14/2018 13:22:32
Base 1.1.1.4 09/12/2018 13:43:05
===============================================================================
7705SARHc(NTP client):
A:HC>config>system>time# info
----------------------------------------------
ntp
no authentication-check
server 1.1.1.4. <---- 7750SR which is above
no shutdown
exit
sntp
shutdown
exit
zone UTC
----------------------------------------------
*A:HC# show system ntp all
===============================================================================
NTP Status
===============================================================================
Configured : Yes Stratum : -
Admin Status : up Oper Status : up
Server Enabled : No Server Authenticate : No
Clock Source : none
Auth Check : No
MDA Timestamp : No
Current Date & Time: 2000/02/15 00:48:56 UTC
===============================================================================
===============================================================================
NTP Active Associations
===============================================================================
State Remote Reference ID St Type A Poll Reach Offset(ms)
-------------------------------------------------------------------------------
reject 1.1.1.4 - srvr - 64 ........ 0.000
===============================================================================
Re: Configuring 7750 SR as NTP Server
Looking at the "Reach" and "Offset" fields, there's possibly two separate issues here.
For 10.100.1.2 the reach field is " .....Y.Y" so it looks like the server has only recently become reachable. Once you have only Y characters and no . characters in the reach field, does the state change? If you continue to get a mixture of "." and "Y" then it's only sometimes getting a response back.
For 1.1.1.4 it doesn't look like it's ever been reachable so you probably need to troubleshoot whether the NTP traffic is getting there and replies are getting back, the correct interface/source address is being used etc.
For 10.100.1.2 the reach field is " .....Y.Y" so it looks like the server has only recently become reachable. Once you have only Y characters and no . characters in the reach field, does the state change? If you continue to get a mixture of "." and "Y" then it's only sometimes getting a response back.
For 1.1.1.4 it doesn't look like it's ever been reachable so you probably need to troubleshoot whether the NTP traffic is getting there and replies are getting back, the correct interface/source address is being used etc.
-
- Member
- Posts: 2
- Joined: 14 Sep 2018 06:17
Re: Configuring 7750 SR as NTP Server
Thank you for your response. Actually, I solved the problem. There are two aspects which it's necessary to take into account.mivens wrote: ↑14 Sep 2018 11:19 Looking at the "Reach" and "Offset" fields, there's possibly two separate issues here.
For 10.100.1.2 the reach field is " .....Y.Y" so it looks like the server has only recently become reachable. Once you have only Y characters and no . characters in the reach field, does the state change? If you continue to get a mixture of "." and "Y" then it's only sometimes getting a response back.
For 1.1.1.4 it doesn't look like it's ever been reachable so you probably need to troubleshoot whether the NTP traffic is getting there and replies are getting back, the correct interface/source address is being used etc.
1. 77xx will never act as NTP server until it gets time from external source with the stratum below its own (actually, < 16). I guess it's not necessary LAN/WAN source but, probably, it's also possible to use some serial ports on chassis (like bits or whatever it has). The key moment is stratum. 7750 must get time from any other source with stratum <16 then it can act as NTP server for other devices in network.
2. The problem was not about configuration on 77xx devices. I just had to wait for a while. 77xx synchronizes with external NTP server quite slow and you can't change this behavior in config. The average time for synchronization was about 40 minutes.