dissolved
asked on
NTP servers
where's the best place to find reliable NTP servers to use? I am on the east coast for what its worth
Thank you
Thank you
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
thanks!
ASKER
if I configure an external NTP server on a router or firewall, do I need to open up udp 123? if its a stateful firewall, shouldn't it allow the traffic back in?
no you shouldnt have to unless you are specifically blocking the NTP port (udp 123)
you are establishing the connection from the device so you should be fine.
you are establishing the connection from the device so you should be fine.
ASKER
ok, i added those ntp servers you had and this is what I have. is this normal? Is it synched?
Central_FL_Gas#sh ntp stat
Clock is unsynchronized, stratum 16, no reference clock
nominal freq is 250.0000 Hz, actual freq is 249.9984 Hz, precision is 2**18
reference time is CD5AD3D9.60F6E8AE (22:42:33.378 UTC Thu Mar 5 2009)
clock offset is 3.8501 msec, root delay is 152.95 msec
root dispersion is 7.86 msec, peer dispersion is 0.46 msec
Central_FL_Gas#sh ntp assoc
address ref clock st when poll reach delay offset disp
~64.90.182.55 0.0.0.0 16 - 64 0 0.0 0.00 16000.
~18.26.4.105 0.0.0.0 16 - 64 0 0.0 0.00 16000.
~209.51.161.238 0.0.0.0 16 - 64 0 0.0 0.00 16000.
~129.6.15.28 0.0.0.0 16 - 64 0 0.0 0.00 16000.
* master (synced), # master (unsynced), + selected, - candidate, ~ configured
Central_FL_Gas#
no thats not right at all, thats not connecting to any of the NTP servers...below is what it should look like
is this an edge router or located behind other devices?
is this an edge router or located behind other devices?
show ntp ass
address ref clock st when poll reach delay offset disp
+~64.90.182.55 .ACTS. 1 697 1024 377 3.0 6.16 2.8
+~18.26.4.105 .CDMA. 1 755 1024 377 8.1 -0.07 0.5
*~209.51.161.238 .CDMA. 1 710 1024 377 7.7 3.23 0.7
~129.6.15.28 .ACTS. 1 110 1024 377 111.7 46.91 13.6
* master (synced), # master (unsynced), + selected, - candidate, ~ configuredASKER
its a remote site, which connects to us via MPLS. Its internet traffic goes out our (headquarters) firewall and router
can you ping the 64.90.182.55 address from the router?
ASKER
no
I do have a router (facing the internet) that does have access to an external NTP server. Should I point my routers to that?
I do have a router (facing the internet) that does have access to an external NTP server. Should I point my routers to that?
yeh what you can do is setup the other router to get the time and then use that as a server for the back one...pretty much what i do so the wan router is a stratum 2 ntp server
just add the ntp master 1 command to the wan router...the 1 is how many stratums away from 0 so assuming that router connections to a stratum 0 router your wan router is in stratum 1
just add the ntp master 1 command to the wan router...the 1 is how many stratums away from 0 so assuming that router connections to a stratum 0 router your wan router is in stratum 1
http://support.ntp.org/bin/view/Servers/StratumOneTimeServers