Replacing sick NTP server source and re-synching (with internal time currently 2 minutes late)
Posted
by
l0c0b0x
on Server Fault
See other posts from Server Fault
or by l0c0b0x
Published on 2012-09-07T15:49:22Z
Indexed on
2012/09/08
9:40 UTC
Read the original article
Hit count: 282
One of the external NTP servers (the primary one--currently) we're using as source seems to not be responding to NTP calls. Unfortunately, on our core router (Cisco 6509), the NTP functionality hasn't switched to the secondary NTP external server as it was expected. As a result, our core router which is pretty much our main internal NTP source is 2 minutes late.
I'm planning to fix the external router issue by making the external NTP source be the one currently working. I'm wondering, how much will a 2 minute change affect my users and services? Specially since these days, we're heavily relying on certificate-based authentication.
We're a Windows/Cisco shop.
Internal NTP setup:
[Core Router 1 / Cisco 6509]:
looking out to two external NTP servers (in which the primary one is not responding to NTP calls)
[Core Router 2]:
Synching with Core router 1 (primary), working external router (secondary)
[Other Cisco network devices]:
Synching with Core router 1 (primary), core router 2 (secondary)
[Domain controller(s)]:
Synching with Core router 1
[All windows clients/servers]:
Synching with domain controllers
© Server Fault or respective owner