NTP question

From: George Goglidze (goglidze@gmail.com)
Date: Sun Nov 18 2007 - 09:31:35 ART

• Next message: wilfred d'souza: "RE: ip rtp header-compression"
• Previous message: RRC: "Re: GBIC to SFP?"
• Next in thread: Edison Ortiz: "RE: NTP question"
• Maybe reply: Edison Ortiz: "RE: NTP question"
• Maybe reply: Edison Ortiz: "RE: NTP question"
• Maybe reply: George Goglidze: "Re: NTP question"
• Maybe reply: Edison Ortiz: "RE: NTP question"
• Maybe reply: Frank Gao: "Re: NTP question"
• Maybe reply: Edison Ortiz: "RE: NTP question"
• Maybe reply: Ali.Huang: "Re: NTP question"
• Maybe reply: Vladimir Sousa: "Re: NTP question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi all,

I have been working on NTP and have noticed couple things I'd like to share,

I was working on ntp access-group
Especially when I'm filtering clients that can request time from the server.

here was initial configuration:

server:
int lo 0
ip addr 192.168.1.1
exit

ntp source Loopback0
ntp access-group serve-only 1
ntp master

access-list 1 permit host 192.168.2.2

client:

int lo 0
ip addr 192.168.2.2
exit

ntp server 192.168.2.2

---------------

for some reason this does not work:
and actually, even R1 does not have ntp association OK.

it shows:

R1#sh ntp associations detail
127.127.7.1 configured, insane, invalid, unsynced, stratum 7
ref ID 127.127.7.1, time 00000000.00000000 (00:00:00.000 UTC Mon Jan 1 1900)
our mode active, peer mode unspec, our poll intvl 64, peer poll intvl 64
root delay 0.00 msec, root disp 0.00, reach 0, sync dist 0.000
delay 0.00 msec, offset 0.0000 msec, dispersion 16000.00
precision 2**24, version 3
org time 00000000.00000000 (00:00:00.000 UTC Mon Jan 1 1900)
rcv time 00000000.00000000 (00:00:00.000 UTC Mon Jan 1 1900)
xmt time 00000000.00000000 (00:00:00.000 UTC Mon Jan 1 1900)
filtdelay = 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00
filtoffset = 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00
filterror = 16000.0 16000.0 16000.0 16000.0 16000.0 16000.0 16000.0 16000.0
Reference clock status: Running normally
Timecode:

and for this reason on R2 we get following error on debug:

.Jan 1 05:43:00.374: NTP: packet from 192.168.1.1 failed validity tests 20
.Jan 1 05:43:00.374: Peer/Server Clock unsynchronized

--------------------

So on R1 I had to add following line, to be able to let's say make sane
relationship with NTP master on loopback.
the final config of R1 server is:

int lo 0
ip addr 192.168.1.1
exit

ntp source Loopback0
ntp access-group peer 2
ntp access-group serve-only 1
ntp master

access-list 1 permit host 192.168.2.2
access-list 2 permit 127.127.7.1

---------------------------------------------------

I did not find anywhere in DocCd information that I had to do that, but it
seems like it does not work without that.

Can anyone tell me if I'm wrong?
Maybe I'm doing something wrong after all.

Thanks,

• Next message: wilfred d'souza: "RE: ip rtp header-compression"
• Previous message: RRC: "Re: GBIC to SFP?"
• Next in thread: Edison Ortiz: "RE: NTP question"
• Maybe reply: Edison Ortiz: "RE: NTP question"
• Maybe reply: Edison Ortiz: "RE: NTP question"
• Maybe reply: George Goglidze: "Re: NTP question"
• Maybe reply: Edison Ortiz: "RE: NTP question"
• Maybe reply: Frank Gao: "Re: NTP question"
• Maybe reply: Edison Ortiz: "RE: NTP question"
• Maybe reply: Ali.Huang: "Re: NTP question"
• Maybe reply: Vladimir Sousa: "Re: NTP question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Dec 01 2007 - 06:37:30 ART