Hi Richard, reading your comment: "
Original Message:
Sent: Sep 04, 2021 09:39 AM
From: Richard Litchfield
Subject: ArubaOS-CX as an NTP Time Server
Update
A quick refresh on this Howto guide. Not much has changed, but I did test iburst (to speed up time sync).
Also a comment that the 8320 is not a very good device to use as a time source, since it doesn't have an internal battery-backed RTC, but it was what was available at the time.
CX6300 as NTP Source
- The 6300 gets its source from the Google time servers (there is a .0 as well, but it doesn't work with ProCurve/AOSS, so I never use it)
- This is via the MGMT port (mgmt VRF)
- NTP configured as a master, stratum 3, in VRF default (172.20.100.1 is one of the 6300 IPs in that VRF)
ntp server 216.239.35.12 iburstntp server 216.239.35.4 iburstntp server 216.239.35.8 iburstntp enablentp vrf mgmtntp master vrf default stratum 3
The CX6300 now has NTP running as a master, and other network devices can point to it for time sync.
CX6200 using the 6300 NTP source
ntp server 172.20.100.1 iburst preferntp enablentp vrf mgmt
Using iburst speeds up sync from what was previously 30-40min, to almost immediately.
CX6200# sh ntp associations detail---------------------------------------------------------------------- ID NAME REMOTE REF-ID ST LAST POLL REACH----------------------------------------------------------------------* 1 172.20.100.1 172.20.100.1 LOCAL(0) 4 1052 1024 377----------------------------------------------------------------------NTP Association Key code : First character of each line is the Tally code (Explained below) ID : Server number NAME : NTP server name or IPv4/v6 address (only the first 24 characters of the name are displayed) REMOTE : Remote server IPv4/v6 address REF_ID : Reference ID for the remote server (Can be an IP address). See NTP docs for more information. Stratum : (ST) Number of hops between the client and the reference clock. LAST : Time since the last packet was received (seconds unless unit is provided) POLL : Interval (in seconds) between NTP poll packets. Maximum (1024) reached as server and client syncs. REACH : 8-bit octal number that displays status of last eight NTP messages (377 = all messages received).Key for the Tally codeThis field displays the current selection status. : No state information available (e.g. non-responding server) x : Out of tolerance (discarded by intersection algorithm) . : Discarded by table overflow (not used) - : Out of tolerance (discarded by the cluster algorithm) + : Good and a preferred remote peer or server (included by the combine algorithm) # : Good remote peer or server, but not utilized (ready as a backup source) * : Remote peer or server presently used as a primary reference o : PPS peer (when the prefer peer is valid)CX6200# sh ntp statistics Rx-pkts 158292 Current Version Rx-pkts 6678 Old Version Rx-pkts 0 Error pkts 0 Auth-failed pkts 0 Declined pkts 0 Restricted pkts 0 Rate-limited pkts 0 KOD pkts 0CX6200# sh ntp statusNTP Status InformationNTP : EnabledNTP Authentication : DisabledNTP Server Connections : Using the mgmt VRFSystem time : Sat Sep 4 23:37:13 AEST 2021NTP uptime : 26 days, 12 hours, 24 minutes, 35 secondsNTP Synchronization InformationNTP Server : 172.20.100.1 at stratum 4Poll interval : 1024 secondsTime accuracy : Within -0.000153 secondsReference time : Sat Sep 4 2021 23:35:34.934 as per Australia/Sydney
------------------------------
Richard Litchfield
Airheads MVP 2020, 2021
Original Message:
Sent: Apr 12, 2019 01:12 AM
From: Richard Litchfield
Subject: ArubaOS-CX as an NTP Time Server
ArubaOS-CX 10.02 introduced the capability to act as a server for NTP, also known as NTP master.
ArubaOS-CX NTP Client Config
Check the existing NTP client config on the CX switch. (In the example below, the Windows server 10.2.10.2 is not responding to NTP.)
ntp server 10.2.10.2ntp server 10.2.10.3ntp enablentp vrf mgmt8320-upper# sh ntp associations----------------------------------------------------------------------ID NAME REMOTE REF-ID ST LAST POLL REACH----------------------------------------------------------------------1 10.2.10.2 10.2.10.2 .INIT. 16 - 1024 0* 2 10.2.10.3 10.2.10.3 16.110.135.123 3 997 1024 377----------------------------------------------------------------------
ArubaOS-CX NTP Server Config
NTP master is enabled by default, with no settings.
8320-upper# sh ntp masterNTP Master Status : Enabled-----------VRF Stratum-----------
To complete the config, add the extra parameters to the config (from the primary if in a VSX cluster):
ntp master vrf default stratum 3
If you are running this in a VSX cluster, the ntp master line will be synchronised to the secondary switch.
8320-lower# sh run | in ntpntp server 10.2.10.2ntp server 10.2.10.3ntp enablentp vrf mgmtntp master vrf default stratum 3
Config for ArubaOS-Switch (also ProCurve)
I have added the loopback addresses of both 8320 switches in the VSX cluster. The VLAN interface IPs also work (eg 10.80.32.7 and 10.80.32.8).
timesync ntpntp unicastntp server 10.80.255.7ntp server 10.80.255.8ntp enable
My timezone settings for Sydney Australia:
time daylight-time-rule user-defined begin-date 10/01 end-date 04/01time timezone 600
3500in8xxx(config)# sh ntp associationsNTP Associations EntriesRemote St T When Poll Reach Delay Offset Dispersion--------------- ---- ---- ------ ----- -------- -------- -------- ----------10.80.255.7 4 u 75 10 3 0.000 0.000 15.8758810.80.255.8 4 u 75 10 3 0.000 0.000 15.87552
Other Notes
NTP master is not a virtualized function on ArubaOS-CX. The virtual IP address will not work if you try and use it. 10.80.32.1 is the virtual IP address in this example. Note that it is set to Stratum 16 - this never changes.
3500in8xxx(config)# sh ntp associationsNTP Associations EntriesRemote St T When Poll Reach Delay Offset Dispersion--------------- ---- ---- ------ ----- -------- -------- -------- ----------10.80.32.1 16 75 17 0 0.000 0.000 15.93835
NTP authentication isn't currently supported with the OS-CX device acting as server/master.