I'm unable get an NTP synchronization on my cisco switches. Any suggestions?

For some reason NTP stopped functioning on my switches. We have a bunch of 3750s that are not syncing. I have multiple servers configured and can sync to them from my PC but not on my cisco gear. I have attached outputs of various NTP commands for review. I noticed that when I do a sh ntp associations none of the servers show as a candidate or selected only configured. I've done some research and not quite sure where to go from here.

Does anyone know why this isn't working?
JoshuaScott337Network AdminAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Most likely it is the bug CSCed13703 that causes such behavior.

switch#show ntp associations detail
x.x.190.25 configured, insane, invalid, stratum 2
ref ID x.x.192.20, time D9491BC9.8A468000 (09:11:53.540 PDT Thu Jul 9 2015)
our mode client, peer mode server, our poll intvl 1024, peer poll intvl 1024
root delay 0.29 msec, root disp 10730.97, reach 377, sync dist 11079.941
delay 1.14 msec, offset 1942.1629 msec, dispersion 347.98
precision 2**18, version 3

Basically if root disp  > 1000 ms server is flagged insane, invalid

Workaround is to use NTP 4.x or The Meinberg NTP on windows hosts.

More details and other posible reasons - article.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Cisco and Microsoft have implemented NTP slightly differently.  Trying to get a switch to update its time from a server can be unreliable.  Does your network have a core or edge router that the switches can get their time from?
Never had any luck  trying to use a Windows domain controller or server to sync time to Cisco devices.

Take a router, like a 2911 (or a pair of them), sync to an external NTP source.  A pool, if possible.

Then, point your Cisco switches to this (pair of) router.

For your Windows servers, you can point them to the same pool.

Will the times be 100% in sync?  No.  But even two adjacent routers pointing to the same pool will not be.

You could point all internal devices to  your router, but that puts the domain one step farther away from an atomic clock source.  But, at least they would have the same source as everything else in the network.

If you have a large WAN, it may not be feasible to have a DC with FSMO at another site use your local routers as an NTP source.  That's why I suggest using the same pool.
JoshuaScott337Network AdminAuthor Commented:
Ended up getting a standalone GPS NTP device instead of trying to get NTP4.x.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Switches / Hubs

From novice to tech pro — start learning today.