I have an NTP configured through out our in a hierarchy. 100% reliable with regards to providing time for Cisco devices. At one of our sites we allow cameras, servers, and workstations to utilize our Catalyst 4500s as their time source. Access layer switches have no problems drawing time from the 4500s. The cameras and servers however fail. The servers may turn out to be user error in configuring the Windows time service. A debug on the 4500s does show that the NTP process receives the request from the cameras, but the NTP process does not respond. My NTP configuration on the core is:
access-list 23 permit 10.1X.2X.1
access-list 24 permit 10.1X.0.0 0.0.255.255 log
access-list 24 permit 10.2X.0.0 0.0.255.255 log
access-list 24 deny any log
ntp logging
ntp authentication-key 30 md5 XXXX 7
ntp authenticate
ntp trusted-key 3X
ntp source Vlan1
ntp access-group peer 23
ntp access-group serve 24
ntp update-calendar
ntp server 10.1X.2X.1 key 30
Camera requests (results in no reply)
Feb 26 13:20:34.327 pst: NTP recv pkt on v4 socket, pak = 0x83195238.
Feb 26 13:20:34.327 pst: NTP message received from 10.2X.0.215 on interface 'Vlan1' (10.X.X.2):
Feb 26 13:20:34.327 pst:
NTP Header:
Leap = 11, Version = 4, Mode = 3,
Stratum = 0,
Poll Interval = 4,
Precision = -6,
Root Delay = 1.0,
Root Dispersion = 1.0,
refid = 0.0.0.0,
Last update reftime = 0.0,
Originated time = 0.0,
Received time = 0.0,
Transmit time = 3602438434.1847076455.
Hexadecimal equivalent (length = 48):
0000: E3 00 04 FA 00 01 00 00
0008: 00 01 00 00 00 00 00 00
0010: 00 00 00 00 00 00 00 00
0018: 00 00 00 00 00 00 00 00
0020: 00 00 00 00 00 00 00 00
0028: D6 B8 D9 22 6E 18 26 67
The Cat 4500 is running NTPv4
Switch#show ntp associations detail
10.1X.2X.1 configured, ipv4, authenticated, our_master, sane, valid, stratum 3
ref ID 10.X.X.X, time D6BB4F9D.6151EB70 (10:10:37.380 pst Fri Feb 28 2014)
our mode client, peer mode server, our poll intvl 1024, peer poll intvl 1024
root delay 61.55 msec, root disp 38.98, reach 377, sync dist 87.17
delay 1.78 msec, offset 1.7177 msec, dispersion 1.14, jitter 1.45 msec
precision 2**24, version 4
assoc id 13634, assoc name 10.1X.2X.1
assoc in packets 7068, assoc out packets 7069, assoc error packets 0
org time 00000000.00000000 (16:00:00.000 pst Wed Dec 31 1899)
rec time D6BB5203.C83AE4D7 (10:20:51.782 pst Fri Feb 28 2014)
xmt time D6BB5203.C83AE4D7 (10:20:51.782 pst Fri Feb 28 2014)
filtdelay = 4.85 4.86 3.85 3.83 3.85 1.83 3.83 1.78
filtoffset = -0.30 -0.32 0.22 0.62 0.38 1.88 0.57 1.71
filterror = 0.97 1.00 1.03 1.06 1.09 1.12 1.15 1.18
minpoll = 6, maxpoll = 10
Best Answer
Your 4500 is most likely running NTP v3. This is the default on many recent IOS versions.
As shown in your debug
your server is looking for NTP v4.