We have a customer that is using NTP, but does not have a key associated with it.
NTP has not been working correctly with the servers entered properly.
Is the NTP authenticate command needed even though there is no key?
What does your NTP config look like?
I have a controller simply configured with no authentication with the following command:
ntp server <domain controller ip>
Are there any ACLs that could be blocking NTP packets?
Thats what is currently in the controller, but I still have to go set time manually.
Also, the local controllers aren't taking that command. Is it master only?
I dont believe any ACLs are in place blocking that. They already have their LAN using ntp with no problems.
@cappalli wrote:ntp server <ip>
ntp server <ip>
Can you run:
show ntp status
show ntp servers
@cappalli wrote:Can you run: show ntp statusandshow ntp servers
(Master-Aruba3600) #show ntp status
system uptime: 6025530
time since reset: 6025530
bad stratum in packet: 0
old version packets: 186982
new version packets: 0
unknown version number: 1
bad packet format: 0
packets processed: 186806
bad authentication: 0
packets rejected: 0
system peer: 0.0.0.0
system peer mode: unspec
leap indicator: 11
root distance: 0.00000 s
root dispersion: 90.38295 s
reference ID: [0.0.0.0]
reference time: 00000000.00000000 Thu, Feb 7 2036 1:28:16.000
system flags: auth monitor ntp kernel stats
jitter: 0.000000 s
stability: 0.000 ppm
broadcastdelay: 0.003998 s
authdelay: 0.000000 s
(Master-Aruba3600) #show ntp servers
remote local st poll reach delay offset disp
=10.243.2.1 10.242.12.1 1 64 377 0.00075 16.490877 0.01649
=10.242.2.55 10.242.12.1 2 64 377 0.00066 16.488094 0.01651
Is the time off by a few hours or are the minutes and seconds drastically off too? Did you configure the time zone?
clock timezone EST -5
Yes, we configured the time zone.
I dont know if their actual time is correct though. Let me see if I can get into their ntp server.
@cappalli wrote:Is the time off by a few hours or are the minutes and seconds drastically off too? Did you configure the time zone? clock timezone EST -5
It looks like your controller is successfully connecting to the NTP server (based on the show ntp status output). I would definitely check to see that the NTP server is correct.
Check the show ntp peer to see if there's any communication in/out between the two
(beta-7200-controller) #show ntp peer 10.2.2.1
remote 10.63.250.21, local 10.10.10.1
hmode client, pmode mode#255, stratum 3, precision -24
leap 00, refid [22.214.171.124], rootdistance 0.00789, rootdispersion 0.04784
ppoll 10, hpoll 10, keyid 0, version 4, association 6572
reach 377, unreach 0, flash 0x0000, boffset 0.00400, ttl/mode 0
timer 14s, flags system_peer, config, bclient
reference time: d64b5132.5eefbcaa Thu, Dec 5 2013 14:23:30.370
originate timestamp: d64b5794.e6e6ae41 Thu, Dec 5 2013 14:50:44.901
receive timestamp: d64b5794.e71e7d99 Thu, Dec 5 2013 14:50:44.902
transmit timestamp: d64b5794.e6f294dd Thu, Dec 5 2013 14:50:44.902
filter delay: 0.00058 0.00061 0.00055 0.00075
0.00060 0.00069 0.00055 0.00064
filter offset: -0.00055 -0.00054 -0.00043 -0.00043
-0.00038 -0.00016 -0.00026 -0.00028
filter order: 0 1 2 3
4 5 6 7
offset -0.000556, delay 0.00058, error bound 0.12175, filter error 0.00000
time last received: 789s
time until next send: 235s
reachability change: 3174455s
packets sent: 3737
packets received: 3736
bad authentication: 0
bogus origin: 0
bad dispersion: 0
bad reference time: 0
candidate order: 6
Do you have any other network devices pointed at this NTP server? Are they showing the correct time?
You could also use this test utility to verify.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.