HPE Community
Comware Based
1751811 Members
5539 Online
108781 Solutions
New Discussion

Re: Problem configuring NTP on HP A5800AF-48G

 
SOLVED
Go to solution
dtango2010
Occasional Contributor

‎01-07-2014 11:20 AM - edited ‎01-07-2014 11:22 AM

‎01-07-2014 11:20 AM - edited ‎01-07-2014 11:22 AM

Problem configuring NTP on HP A5800AF-48G

Hello Community.

I never have experience with any A5800AF switches, but recently I've got two of them.

As a best practice it was decided to upgrade firmware to latest a5800_5820x-cmw520-r1808p16.bin.

However, the problem is that with r1808p16 synchronization via ntp doesn't work. 

It was a big surprise for me cause configuration itself is pretty much simple:

 

ntp-service source-interface Vlan-interface1
ntp-service unicast-server 62.63.136.1

Also, I have same config of NTP on a few HP1910-48G switches. 

So, this issue is not about access towards ntp server. 

 

Could this be a bug or I need to configure something else besides two commands above to get correct time on my A5800AF?

What is the latest stable version that should I use on A5800AF?

 

Thank you in advance, 

Alex.

0 Kudos
10 REPLIES 10
Apachez-
Trusted Contributor

‎01-07-2014 11:49 AM

‎01-07-2014 11:49 AM

Re: Problem configuring NTP on HP A5800AF-48G

Well if you want to use vlan1 (normally you should avoid this) then vlan1 must have an ip address set.

 

Something like:

 

int vlan 1

ip address x.x.x.x y.y.y.y

quit

 

Where x.x.x.x is the ip and y.y.y.y is the subnetmask.

 

You also need to have a default route set (or a route towards your NTP-server) unless the NTP-server is on the same L3 network as the ip/subnet of your vlan1 interface, something like:

 

ip route 0.0.0.0/0 int vlan 1 x.x.x.x

 

where x.x.x.x is the ip for nexthop (the gateway for you to reach the NTP-server). The point of also specifying the interface when creating the route is to make it easier for the device to know which interface the nexthop can be found at.

0 Kudos
Anonymous
Not applicable

‎01-07-2014 12:13 PM

‎01-07-2014 12:13 PM

Re: Problem configuring NTP on HP A5800AF-48G

Hello,

loose the source interface and make sure that you can ping the time server. I migrated last weekend from Cisco to Comware and I use the following settings:

 

ntp-service unicast-server 217.144.138.234
ntp-service unicast-server 78.47.226.8
ntp-service unicast-server 131.234.137.23
ntp-service unicast-server 212.19.47.108

 Which work perfectly fine:

 

<switch-01>display ntp-service sessions
       source          reference       stra reach poll  now offset  delay disper
********************************************************************************
   [25]217.144.138.234 192.53.103.108     2   255 1024  503   -8.4   17.1   14.8
  [245]212.19.47.108   192.53.103.108     2   255 1024   74    1.4    4.6   14.8
  [245]213.239.204.4   192.53.103.108     2   255 1024  974    0.2    5.8   14.8
   [25]78.47.226.8     130.149.17.21      2   255 1024  442   -3.8   16.6   14.8
[12345]131.234.137.23  131.234.137.64     2   255 1024  179    1.6   13.3   14.8
note: 1 source(master),2 source(peer),3 selected,4 candidate,5 configured
Total associations :  5
<switch-01>display ntp-service status
 Clock status: synchronized
 Clock stratum: 3
 Reference clock ID: 131.234.137.23
 Nominal frequency: 100.0000 Hz
 Actual frequency: 100.0000 Hz
 Clock precision: 2^18
 Clock offset: 1.0814 ms
 Root delay: 13.37 ms
 Root dispersion: 124.64 ms
 Peer dispersion: 13.20 ms
 Reference time: 20:08:59.890 UTC Jan 7 2014(D676DD5B.E412599E)

 Cheers,

    Thomas

dtango2010
Occasional Contributor

‎01-07-2014 03:02 PM

‎01-07-2014 03:02 PM

Re: Problem configuring NTP on HP A5800AF-48G

Hello Thomas, 

Thank you for quick response.

 

Well, I can ping NTP servers without any problem (yes, I setup IP and gateway :). 

And I a dosen of different NTP servers :( .

 

 

Could it be a problem with firmware ?

 

What firmware version are you using?

What is the latest stable version for A5800AF ?

 

 

Kind regards, 

Alex.

0 Kudos
dtango2010
Occasional Contributor

‎01-07-2014 03:07 PM

‎01-07-2014 03:07 PM

Re: Problem configuring NTP on HP A5800AF-48G

Hello Apachez.
I setup IP and gateway on the switch, of cause i didi that :)

I'll try to set default route using interface , but honestly, dont think this will fix the issue.

What firmware vesrion are you using ?

Kind regards, and thank you for your time
--Alex.
0 Kudos
Anonymous
Not applicable

‎01-07-2014 08:58 PM

‎01-07-2014 08:58 PM

Re: Problem configuring NTP on HP A5800AF-48G

Hello,

I'm having a HP 5800-24G with the same firmware a5800_5820x-cmw520-r1808p16.bin I would try to remove the source interface like that:

 

undo ntp-service source-interface Vlan-interface1

 Because I have almost the same switch and the same firmware and I have no trouble with ntp and I don't set a source-interface. Maybe you're provider or upstream is filtering udp port 123 (ntp).

 

Cheers,

      Thomas

0 Kudos
sdide
Respected Contributor

‎01-08-2014 05:50 AM

‎01-08-2014 05:50 AM

Re: Problem configuring NTP on HP A5800AF-48G

Hello,

 

What does debugging say on the switch?

ie.

<comware5-sw> terminal monitor

<comware5-sw> terminal debugging

<comware5-sw> terminal logging

<comware5-sw> debugging ntp-service all

 

that should produce some output* about whats happining, and why it fails.

 

* if it spams you too much just do

> undo terminal debugging

 

Regards.

 

 

Søren Dideriksen, Network Administrator
Region Midtjylland
0 Kudos
dtango2010
Occasional Contributor

‎01-08-2014 09:51 AM

‎01-08-2014 09:51 AM

Re: Problem configuring NTP on HP A5800AF-48G

Well , all this is really strange.

So, What i did : 

I've got brand new switch.

Management Vlan in my LAN  is Vlan1, also I've configured ntp server in mgm Vlan (just for test).

So, I've connected this switch to my LAN,login into the switch via console and executed next command.

 

sys-view

vlan 1

description MGM

interface Vlan 1

ip address 172.16.31.250 255.255.240.0

 

 

ip http enable 

 

local-user admin
password simple admin123
authorization-attribute level 3
service-type lan-access
service-type telnet

 

user-interface vty 0 15
user privilege level 3
set authentication password simple admin123

 

ntp-service unicast-server 172.16.31.100

 

Like I mentioned - I connect one port of the switch to my LAN - so Vlan 1 is up and I can ping ntp server.

Also, I executed tcpdump on NTP server. It is strange but tcpdump dosent show anything - I don't get any packets from the switch with tcpdump.

The debug on the switch also shows nothing .

 

Now, I tend to think that ntpd doesnt enable on the switch and i need some "magic command" to do that. Or, I just didn't execute some major command.

Some H3C documentation informs that command "ntp-service enable" exist , but not in my case.

 

[HP]ntp-service ?
access NTP access control
authentication Authenticate NTP time source
authentication-keyid Specify NTP authentication keyid
max-dynamic-sessions Specify the maximum connections
reliable Specify trusted keyid of NTP
source-interface Interface corresponding to sending NTP packet
unicast-peer Specify NTP peer
unicast-server Specify NTP server
[HP]

 

So I stuck with idea what to do next :(.

 

Kind Regads,

Alex.

0 Kudos
VoIP-Buddy
HPE Pro

‎01-08-2014 10:49 AM - edited ‎01-08-2014 10:50 AM

‎01-08-2014 10:49 AM - edited ‎01-08-2014 10:50 AM

Solution

Re: Problem configuring NTP on HP A5800AF-48G

Alex,

 

You haven't told us WHAT the problem is.  Have you tried the display ntp session and display ntp status commands?  If so, can you post the output here?  What happens when you try a display ntp trace?

 

Are you trying to connect to an ntp server within your network or on the Internet?  If on the Internet, any firewall must allow Port 123 through from any host to any host, or from the switch to/from any Internet host. 

 

Also, there are no hidden commands to enable ntp.  By setting a unicast-server it is running.

 

David

I work for HPE in Aruba Technical Support
0 Kudos
L1nklight
Valued Contributor

‎01-09-2014 06:13 AM

‎01-09-2014 06:13 AM

Re: Problem configuring NTP on HP A5800AF-48G

I've often thought there was an issue with the Comware implementation of NTP as I've had similiar issues. What version of NTP do the Comware switches use? Does anyone know? For example, in order for my VMware ESXi 5.0 servers to be able to use the Comware switches as an NTP source, I had to restrict them to using NTP version 3 specifically. By default ESXi wants to use NTP v4 (Cisco uses NTP v4).

 

My ntp.conf on my ESXi 5.0 servers has to be configured like this:

 

restrict default kod nomodify notrap nopeer

restrict 127.0.0.1

server 192.168.0.1 version 3 (ip address of core)

driftfile /etc/ntp.drift

 

 

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.