Wired Intelligent Edge

 View Only
last person joined: 2 days ago 

Bring performance and reliability to your network with the HPE Aruba Networking Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of your switching devices, and find ways to improve security across your network to bring together a mobile-first solution
Back to discussions
Expand all | Collapse all

NTP problem CX

This thread has been viewed 134 times

  • 1.  NTP problem CX

    Posted Apr 13, 2021 11:37 AM
    Hello
    We have problems of Switch 6200,6300 and 8320 with the NTP protocol.
    The time is wrong.
    The commands used are:
    ntp enable
    ntp server X
    X = Serve NTP
    ntp_error

    Thank you

    ------------------------------
    Oscar Gallach
    Sysadmin
    Casa Tarradellas, S.A.
    Gurb
    34938816550-4314
    ------------------------------


  • 2.  RE: NTP problem CX

    EMPLOYEE
    Posted Apr 13, 2021 06:37 PM
    run to run the current version which is 10.06.0112
    and here are the NTP configuration command
    timesync sntp
    sntp unicast
    sntp 30
    sntp server priority 1 x.x.x.x
    sntp server priority 2 y.y.y.y

    ------------------------------
    Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba.
    ------------------------------

    Original Message


  • 3.  RE: NTP problem CX

    Posted Apr 14, 2021 02:43 AM
    The last version for the model 6200 is: ML.10.06.0110
    update

    This command they only work for this version 10.06.0112?

    Thanks



    ------------------------------
    Oscar Gallach
    ------------------------------

    Original Message


  • 4.  RE: NTP problem CX

    MVP GURU
    Posted Apr 13, 2021 06:46 PM
    Hello Oscar, that warning message means only that there is a drift between your Web Browser time and the Switch time...is it correct your PC and wrong the Switch or vice-versa? supposing the Switch has wrong time reference then you need to investigate why...how it is exactly setup the NTP on your ArubaOS-CX Switches? is the NTP configured properly and reachable via the mgmt or the default VRF? what's about investigate on the Switch's logs?

    ------------------------------
    Davide Poletto
    ------------------------------

    Original Message


  • 5.  RE: NTP problem CX

    Posted Apr 14, 2021 02:47 AM
    The status NTP is:ntpThanks

    ------------------------------
    Oscar Gallach
    ------------------------------

    Original Message


  • 6.  RE: NTP problem CX

    EMPLOYEE
    Posted Apr 13, 2021 06:48 PM
    Need a bit more info  to help you./yourself

    *Have you set the timezone ? clock timezone ?
    *Where is your NTP source  coming from in band or mgmt
    *sh ntp status
    *show ntp statistics
    *show ntp associations

    also check your PC clock/timezone etc  as stated above

    ------------------------------
    Kamal Takodra
    If my post was useful accept solution and/or give kudos
    ------------------------------

    Original Message


  • 7.  RE: NTP problem CX

    EMPLOYEE
    Posted Apr 13, 2021 06:58 PM


    so to complete the config snippet for CX switch

    clock timezone australia/melbourne
    vrf keepalive
    ntp server x.x.x.x iburst
    ntp server y.y.y.y iburst
    ntp enable
    ntp vrf mgmt     <------------------ you can use any VRF for this

    ------------------------------
    Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba.
    ------------------------------

    Original Message


  • 8.  RE: NTP problem CX

    Posted Apr 14, 2021 02:48 AM
    The timezone is Madrid. The command iburst that does?

    ------------------------------
    Oscar Gallach
    ------------------------------

    Original Message


  • 9.  RE: NTP problem CX

    MVP GURU
    Posted Apr 14, 2021 03:11 AM
    Hello Oscar, an answer about iburst option meaning could be found here (or easily through a web search), it's not tied to Aruba device...it's a property of NTP.

    ------------------------------
    Davide Poletto
    ------------------------------

    Original Message


  • 10.  RE: NTP problem CX

    Posted Apr 14, 2021 03:07 AM
    The information requested:
    a

    Thanks

    ------------------------------
    Oscar Gallach
    ------------------------------

    Original Message


  • 11.  RE: NTP problem CX

    MVP GURU
    Posted Apr 14, 2021 03:27 AM
    You switch is not synchronized to your private NTP server at 192.168.200.93...there is very less to do if first you don't diagnose why your switch is not able to synchronize to it.
    Is the NTP Server deployed on a Linux host or Windows host? how it is configured? is the NTP able to ping the Switch on the correct VRF?

    Just an example (taken from one Aruba 8320):

    8320# show ntp status
    NTP Status Information

    NTP : Enabled
    NTP Authentication : Disabled
    NTP Server Connections : Using the mgmt VRF

    System time : Wed Apr 14 09:12:24 CEST 2021
    NTP uptime : 85 days, 21 hours, 21 minutes, 46 seconds

    NTP Synchronization Information

    NTP Server : <NTP-1-Private-IP-Address> at stratum 3
    Poll interval : 64 seconds
    Time accuracy : Within -0.000415 seconds
    Reference time : Wed Apr 14 2021 8:56:30.311 as per Europe/Rome

    8320# show ntp servers
    ----------------------------------------------------------------
    NTP SERVER KEYID MINPOLL MAXPOLL OPTION VER
    ----------------------------------------------------------------
    <NTP-1-Private-IP-Address> -- 6 10 iburst 3
    <NTP-2-Private-IP-Address> -- 6 10 iburst 3
    ----------------------------------------------------------------

    8320# show ntp associations
    ------------------------------------------------------------------------------------------------------
    ID NAME REMOTE REF-ID ST LAST POLL REACH
    ------------------------------------------------------------------------------------------------------
    * 1 <NTP-1-Private-IP-Address> <NTP-1-Private-IP-Address> 37.247.53.178 3 65 64 377
    + 2 <NTP-2-Private-IP-Address> <NTP-2-Private-IP-Address> 212.45.144.88 3 62 64 377
    ------------------------------------------------------------------------------------------------------

    snippet of Running Configuration about NTP/Clock (my reference NTP Servers are reached through the mgmt VRF):

    clock timezone europe/rome
    ntp server <NTP-1-Private-IP-Address> iburst
    ntp server <NTP-2-Private-IP-Address> iburst
    ntp enable
    no ntp authentication
    ntp vrf mgmt


    ------------------------------
    Davide Poletto
    ------------------------------

    Original Message


  • 12.  RE: NTP problem CX

    Posted Apr 14, 2021 11:12 AM

    Hi
    The server is a Windows. The commands used:
    clock timezone Europe/Madrid
    ntp server <server1> iburst
    ntp server <server2> iburst
    ntp enable
    no ntp authentication
    ntp vrf mgmt
    The error still comes out.

    a

    Thanks



    ------------------------------
    Oscar Gallach
    ------------------------------

    Original Message


  • 13.  RE: NTP problem CX

    EMPLOYEE
    Posted Jun 21, 2021 02:37 AM
    The issue had been resolved or not ?
    I am facing the same problem. NTP is not sync.

    show ntp status , it indicate  not sync with ntp server.

    show ntp association , it was associate to ntp server.


    clock timezone asia/kuala_lumpur
    ntp server 10.100.0.50 prefer
    ntp server 10.50.1.200 iburst
    ntp enable

    show ntp status
    NTP Status Information

    NTP : Enabled
    NTP Authentication : Disabled
    NTP Server Connections : Using the default VRF

    System time : Mon Jun 21 14:32:54 +08 2021
    NTP uptime : 58 days, 23 hours, 36 minutes, 23 seconds

    Not synchronized with an NTP server.



    show ntp associate
    ----------------------------------------------------------------------
    ID NAME REMOTE REF-ID ST LAST POLL REACH
    ----------------------------------------------------------------------
    1 10.100.0.50 10.100.0.50 10.30.1.50 5 20 64 377
    2 10.50.1.200 10.50.1.200 .XFAC. 16 - 1024 0
    ----------------------------------------------------------------------


     show ntp statistics
    Rx-pkts 168587
    Current Version Rx-pkts 0
    Old Version Rx-pkts 29
    Error pkts 0
    Auth-failed pkts 0
    Declined pkts 0
    Restricted pkts 0
    Rate-limited pkts 0
    KOD pkts 0


    ------------------------------
    Choh Koon Tan
    ------------------------------

    Original Message


  • 14.  RE: NTP problem CX

    MVP GURU
    Posted Jun 21, 2021 05:07 AM
    Can you describe how the NTP Server was configured? is it running on Linux or Windows? What ArubaOS-CX version are you switch (which model?) running on? please, provide details.

    ------------------------------
    Davide Poletto
    ------------------------------

    Original Message


  • 15.  RE: NTP problem CX

    Posted Jun 28, 2021 02:04 AM
    Hello
    The solution it is resolved temporarily. The config is:
    The server intern NTP es Windows 2019 and Switch 8320 TL.10.06.0112 version.
    Thanks

    ------------------------------
    Oscar Gallach
    ------------------------------

    Original Message


  • 16.  RE: NTP problem CX

    Posted Feb 22, 2022 04:42 AM

    Nice, that your problem was solved. But what was the solution. 



  • 17.  RE: NTP problem CX

    Posted Jun 21, 2021 05:53 AM
    as Ariyap wrote you need to enter the commands below

    timesync sntp
    sntp unicast
    sntp 30
    sntp server priority 1 192.168.200.93

    wait 1 minute for sync

    and try to delete the timezone, no need.



    ------------------------------
    Ahmet Calis
    ------------------------------

    Original Message


  • 18.  RE: NTP problem CX

    Posted Sep 06, 2022 08:07 PM
    @Ahmet those are commands that work on Procurve but not on current CX series firmware. I'm not sure if they worked on AOS-CX in the past but they do not in Version ArubaOS-CX PL.10.10.0002

    @ogallach I am finding that my time is sync'd correctly however I get the same output as you.

    Based on my experiences this is either a bug in Aruba CX or expected behavior when using a public NTP server. I have the same experience when using servers from the tf.nist.gov list. However my show clock output shows correct time so either its working unexpectedly or the "not synchronized" message is just an error.

    For others who are looking for a solution, here is a very simplistic but working config for public NTP via public DNS:​

    ! Configure simple public DNS
    ip dns server-address 9.9.9.9
    ip dns server-address 1.1.1.1
    ip dns server-address 8.8.8.8

    ! Configure Time Sync (use your own time zone)
    ​ntp server pool.ntp.org minpoll 4 maxpoll 4 iburst prefer
    ntp enable
    ntp vrf default
    no ntp authentication
    clock timezone america/chicago

    Original Message


  • 19.  RE: NTP problem CX

    Posted Sep 07, 2022 07:39 AM
    This may be relevant or not...

    I have found on several versions of CX that if I use DNS names for the NTP server, the switches regularly report no connection to the server, then later re-sync.  This happens for both internal and internet time sources.  I changed to using only IP addresses for the servers and it has been a lot more reliable.
    Original Message


  • 20.  RE: NTP problem CX

    Posted Sep 07, 2022 12:15 PM
    @davidrickard That is a great solution and it worked for me within 10 minutes or so after applying.

    Here's my current config ​for others who want a simple public NTP option:
    - technically you do not need the fqdn entries but if a future firmware makes these reliable I like to have them as a fallback as IPs can change

    ! Configure simple public DNS
    ip dns server-address 9.9.9.9
    ip dns server-address 1.1.1.1
    ip dns server-address 8.8.8.8

    ! Configure Time Sync (use your own time zone)
    !   129.6.15.28 and .29 are from tf.nist.gov list (same as time-a-g.nist.gov and time-b-g below)
    !   Static IP NTP server entries seem to sync more reliably
    ntp server 129.6.15.28 minpoll 4 maxpoll 4 iburst version 4 prefer
    ntp server 129.6.15.29 minpoll 4 maxpoll 4 iburst version 4 prefer
    ntp server time-a-g.nist.gov minpoll 4 maxpoll 4 iburst
    ntp server time-b-g.nist.gov minpoll 4 maxpoll 4 iburst
    ntp server pool.ntp.org minpoll 4 maxpoll 4 iburst version 4
    ntp enable
    ntp vrf default
    no ntp authentication
    clock timezone america/chicago
    Original Message


  • 21.  RE: NTP problem CX

    Posted Sep 07, 2022 12:30 PM
    @twhiteWC, I'm glad to hear it was useful.  My guess is it's down to DNS lookup latency and short timers on the NTP queries.  It would be better if they lookup the servers first then start the NTP process.​
    Original Message


  • 22.  RE: NTP problem CX

    Posted Sep 07, 2022 12:50 PM
    @davidrickard I'm sure they will get it straight in time. Still a very fresh OS. ​I would love to let it bake a little longer but with end of production on the prior models we don't want to install "new" gear and end up losing security patching early. Just finished my first CX install and no one died : ) Next one should be a lot faster with a baseline command reference in my notes.
    Original Message