• Status: Solved

ntp server url error

I am trying to configure ntp server us.pool.ntp.org and my switch gave me an error.

switch1(config)#ntp server us.pool.ntp.org
Translating "us.pool.ntp.org"
                                  ^
% Invalid input detected at '^' marker.
Asked by: leblanc
 
JustInCase Commented:
If your ntp server doesn't exist on that address, or the switch could not reach the internet - the switch cannot resolve the hostname to an IP address.
I don't think that us.pool.ntp.org exists as such. (I tried to ping it - result - request timed out.) :)
You can use one of these
0.us.pool.ntp.org
1.us.pool.ntp.org
2.us.pool.ntp.org
3.us.pool.ntp.org
 
Otto_N Commented:
"us.pool.ntp.org" does exist in the DNS database (an "nslookup" from my PC returns 4 public IP's, and I can ping "us.pool.ntp.org"), so perhaps there's an issue with DNS on the switch?  If you try to ping "us.pool.ntp.org" from the switch, does the name at least translate to an IP address?

If the issue is DNS, using specific servers (like "0.us.pool.ntp.org") won't work either, and you'll get the same error message.  Then you either have to fix your DNS, or use the static IP addresses (rather than the hostnames).

Another possibility is that you either cannot connect to the Internet (firewall/NAT issue), or perhaps that your switch uses an IP address that is not routed on the Internet as source for NTP.  Have you ruled these issues out?
 
frankhelk Commented:
I've just tried to ping us.ntp.org and it answers. Interestingly the IP doesn't match one of the "numbered" addresses.

Nevertheless, the current server at 0.us.ntp.org didn't respond (which might be because the server is forbidden to answer pings, or it's down or unreachable).

Maybe your switch doesn't allow other things than numeric IP addresses there?

By the way I see no immediate use in syncing a switch with an external NTP source - IMHO the time on the switch is only necessary for syncing the log entries with real world time ... that's why most switches use the less precise SNTP ... it would be sufficient to sync it i.e. to your DC (or another local 24/7 server), of which you should know the IP precisely.
 
JustInCase Commented:
Yes, you are right. After I did nslookup on us.pool.ntp.org I can ping us.pool.ntp.org.
Before that I could not, but I could ping 0.us.pool.ntp.org, 1.us.pool.ntp.org specifically.
Interesting.
I could not ping 2.us.pool.ntp.org or 3.us.pool.ntp.org (both were trying to ping 129.6.15.29).
I am using google dns 8.8.8.8 as primary.
When I added 4.4.2.2 I can ping 2 and 3.

I removed 4.4.2.2 and flushed DNS. And I am still able to ping all servers. Weird. Maybe ping is forbidden.

So... Could be DNS error (as in my case) or switch can't get to internet (wrong or missing default gateway in case of L2 switch).
 
frankhelk Commented:
Just an addition for the right aspect ... I think you all know, but pool.ntp.org is not an NTP provider, and they have no public NTP server(s) of their own available.

pool.ntp.org is just a service that keeps a list of numerous (independently maintained) NTP servers around the world, and it provides a directory of these servers, split by countries, regions, etc. for the public. For each region (with "world" as an additional region) they provide 4 pointers (0,1,2,3) via DNS subdomain host entries.

In order to not overload servers, the DNS entries change cyclically - as far as I know once every hour. So if you point your client to 0.us.pool.ntp.org, you'll get a random entry from a long list of NTP servers located in the US.  The servers at pool.ntp.org check the availability of the systems in the list regularly, to prevent providing dead hosts as well as possible, but that's no guarantee not to hit a server that went offline just a couple of minutes ago.

And if you use 4 servers and the classic NTP client, that's no problem - you should be able to reach at least one running NTP server to keep your clock in sync.

So I wouldn't think much about a server not responding to PING ... it will either come back again or pool.ntp.org will provide another in no longer than 1 hour. And your switch's clock would not drift that much in the meantime, would it?

BTW: I elaborate a bit about pool.ntp.org in my article about NTP.
 
leblanc Accounting Author Commented:
I have no FW issue. I can ping the Internet. So which NTP server should I use? I want to keep my time up-to-date for logging purposes. Thx
 
frankhelk Commented:
Since the usual NTP client is a NTP server, too, I would use the following scheme:

Assuming you have at least one system that is used regularly, install the classic NTP client (see my article ...) on it. Point the NTP client on that system to the respective 4 server entries at pool.ntp.org. The client will choose the best one out of the 4 automatically. That way you'll get a reliable time source for the subsequent systems, and NTP will do a "hard" sync immediately after booting, which saves you from a drifting RTC chip during offtime.

Point the switch's SNTP feature to use the aforementioned system as time source. Even if both systems are switched off for some periods, the internal clock of the switch should maintain the time close enough for logging purposes (I don't think that you'll need logging precision in milliseconds range ... :)
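
Several replies in this thread test time servers with ping, but an NTP server can ignore ICMP and still answer on UDP 123. The following is an added example, not part of the original thread: a minimal SNTP probe that checks whether a time source actually answers, is synchronised, and how far its clock is from the local one. Function names and the sample reply are constructed for illustration.

```python
import socket
import struct
import time

NTP_EPOCH_DELTA = 2208988800  # seconds from 1900-01-01 (NTP) to 1970-01-01 (Unix)

def build_request(now=None):
    """48-byte SNTP client request: LI=0, VN=4, Mode=3, transmit timestamp set."""
    now = time.time() if now is None else now
    secs = int(now) + NTP_EPOCH_DELTA
    frac = int((now % 1) * 2**32)
    return struct.pack("!B39xII", (4 << 3) | 3, secs, frac)

def _ts(raw):
    """Convert an 8-byte NTP timestamp to Unix seconds."""
    secs, frac = struct.unpack("!II", raw)
    return secs - NTP_EPOCH_DELTA + frac / 2**32

def parse_reply(request, data, t4):
    """Validate a reply to `request` received at local time t4."""
    if len(data) < 48:
        raise ValueError("short NTP packet")
    leap, mode, stratum = data[0] >> 6, data[0] & 0x7, data[1]
    if mode != 4:
        raise ValueError("not a server reply")
    if stratum == 0 or leap == 3:
        raise ValueError("server unsynchronised or kiss-o'-death")
    # The server must echo our transmit timestamp; rejects stale or blind-spoofed replies.
    if data[24:32] != request[40:48]:
        raise ValueError("originate timestamp does not match request")
    t1, t2, t3 = _ts(request[40:48]), _ts(data[32:40]), _ts(data[40:48])
    return {"stratum": stratum, "offset": ((t2 - t1) + (t3 - t4)) / 2}

def query(host, timeout=2.0):
    """Probe host on UDP 123; raises socket.timeout if nothing answers."""
    req = build_request()
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(req, (host, 123))
        data, _ = s.recvfrom(512)
    return parse_reply(req, data, time.time())

def sample_reply(request, skew, stratum=2):
    """Constructed reply for offline use: server clock `skew` whole seconds ahead."""
    secs, frac = struct.unpack("!II", request[40:48])
    ts = struct.pack("!II", secs + skew, frac)
    return struct.pack("!BB22x", (4 << 3) | 4, stratum) + request[40:48] + ts + ts

if __name__ == "__main__":
    req = build_request(1700000000.0)
    print(parse_reply(req, sample_reply(req, 2), 1700000000.0))
```

Calling `query()` with the address of the internal time server confirms it is serving time before the switch is pointed at it; a timeout or a stratum 0 reply means the switch's log timestamps would not be corrected.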