To answer your question: ntpd 4.2.6p5 on RHEL 7.
I think what I have learned most of all in 2021 is that I don't really like any of Cisco's operating systems very much. Thanks, -Drew -----Original Message----- From: Julien Goodwin <[email protected]> Sent: Tuesday, November 2, 2021 4:04 AM To: Drew Weaver <[email protected]>; [email protected] Subject: Re: [c-nsp] IOS-XR Vs. NTP in a duel to the death. On 2/11/21 2:01 am, Drew Weaver wrote: > Okay so I've been trying to figure out exactly what IOS XR has a problem with > regarding our internal NTP servers. > > I was seeing things like this: > > RP/0/RSP0/CPU0:Oct 31 15:18:37.422 EDT: ntpd[263]: %IP-IP_NTP-5-HP_CONN_LOST > : High priority NTP peer connection lost - Stratum 2->3. > RP/0/RSP0/CPU0:Oct 31 15:34:14.370 EDT: ntpd[263]: > %IP-IP_NTP-5-HP_CONN_RECOVERED : High priority NTP peer connection recovered > - Stratum 3->2. > RP/0/RSP0/CPU0:Oct 31 16:09:25.511 EDT: ntpd[263]: > %IP-IP_NTP-5-SYNC_LOSS : Synchronization lost : 192.168.123.6 : System clock > selection failed RP/0/RSP0/CPU0:Oct 31 16:09:25.511 EDT: ntpd[263]: > %IP-IP_NTP-5-HP_CONN_LOST : High priority NTP peer connection lost - Stratum > 2->3. > RP/0/RSP0/CPU0:Oct 31 16:30:30.792 EDT: ntpd[263]: > %IP-IP_NTP-5-HP_CONN_RECOVERED : High priority NTP peer connection recovered > - Stratum 3->2. > RP/0/RSP0/CPU0:Oct 31 16:43:10.566 EDT: ntpd[263]: > %IP-IP_NTP-5-SYNC_LOSS : Synchronization lost : 192.168.123.6 : System clock > selection failed RP/0/RSP0/CPU0:Oct 31 16:43:10.566 EDT: ntpd[263]: > %IP-IP_NTP-5-HP_CONN_LOST : High priority NTP peer connection lost - Stratum > 2->3. > RP/0/RSP0/CPU0:Oct 31 20:35:05.657 EDT: ntpd[263]: > %IP-IP_NTP-5-HP_CONN_RECOVERED : High priority NTP peer connection recovered > - Stratum 3->2. > RP/0/RSP0/CPU0:Oct 31 21:10:08.789 EDT: ntpd[263]: > %IP-IP_NTP-5-SYNC_LOSS : Synchronization lost : 192.168.123.6 : System clock > selection failed RP/0/RSP0/CPU0:Oct 31 21:10:08.789 EDT: ntpd[263]: > %IP-IP_NTP-5-HP_CONN_LOST : High priority NTP peer connection lost - Stratum > 2->3. > RP/0/RSP0/CPU0:Oct 31 21:45:00.912 EDT: ntpd[263]: > %IP-IP_NTP-5-HP_CONN_RECOVERED : High priority NTP peer connection recovered > - Stratum 3->2. > RP/0/RSP0/CPU0:Oct 31 22:04:17.083 EDT: ntpd[263]: > %IP-IP_NTP-5-SYNC_LOSS : Synchronization lost : 192.168.123.6 : System clock > selection failed RP/0/RSP0/CPU0:Oct 31 22:04:17.083 EDT: ntpd[263]: > %IP-IP_NTP-5-HP_CONN_LOST : High priority NTP peer connection lost - Stratum > 2->3. > RP/0/RSP0/CPU0:Oct 31 22:19:58.036 EDT: ntpd[263]: > %IP-IP_NTP-5-HP_CONN_RECOVERED : High priority NTP peer connection recovered > - Stratum 3->2. > RP/0/RSP0/CPU0:Oct 31 22:51:33.959 EDT: ntpd[263]: > %IP-IP_NTP-5-SYNC_LOSS : Synchronization lost : 192.168.123.6 : System > clock selection failed > > I did some research and Cisco states that the error means what it says: It > can't keep the clock synced with the configured NTP server. > > So I created 5 more NTP servers and configured it to use all 6 of them. > > It is actually now having sync issues MORE often. > > I am considering just suppressing the logs for this particular type of log > message but before I do that, has anyone ever actually figured out what > problem IOS XR has with standards compliant and fully functional NTP servers? > > Is there a special way that you have to configure ntpd on a linux host to get > this to.. stop? *which* NTPd? The classic ntpd, the ntpsec fork, or something else? I don't happen to have the full details to hand, but one OS upgrade (classic, IIRC) ntpd stopped talking to (at least some of) the various NTP-synced analog clocks I have, I ended up reducing the restrict on them and things were much happier. >From a config file archive the relevant part of ntp.conf: # By default, exchange time with everybody, but don't allow configuration. restrict -4 default kod notrap nomodify nopeer noquery limited restrict -6 default kod notrap nomodify nopeer noquery limited # Local users may interrogate the ntp server more closely. restrict 127.0.0.1 restrict ::1 # Don't rate limit local subnet, NTP clock is a bad actor restrict 10.0.0.0 mask 255.255.255.0 notrap nomodify nopeer _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
