Knowledge Center Search


 

[SRX] NTP updates sourced from custom routing-instance does not work

  [KB22499] Show KB Properties

  [KB22499] Hide KB Properties

Categories:
Knowledge Base ID: KB22499
Last Updated: 30 Jul 2014
Version: 5.0

Summary:
This article provides information about the limitation of NTP traffic when sourced from a custom routing-instance.

Problem or Goal:
When the SRX firewall is configured for NTP to send and receive updates, sourced from a custom Routing-instance table, the NTP association will not be formed.

The example below is when the NTP association is stuck in INIT state.
root# run show ntp associations
remote refid st t when poll reach delay offset jitter
=======================================================
1.1.1.1 .INIT. 16 u - 64 0 0.000 0.000 4000.00

root# run show ntp status

status=c011 sync_alarm, sync_unspec, 1 event, event_restart,
version="ntpd 4.2.0-a Thu Feb 3 23:22:34 UTC 2011 (1)",
processor="i386", system="JUNOS11.2-20110203_jc_fv_may11.0", leap=11,
stratum=16, precision=-21, rootdelay=0.000, rootdispersion=0.150,
peer=0, refid=INIT,<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
reftime=00000000.00000000 Wed, Feb 6 2036 22:28:16.000, poll=4,
clock=d1072de5.a84192cb Wed, Feb 16 2011 21:17:25.657, state=1,
offset=0.000, frequency=-57.003, jitter=0.000, stability=0.000

Cause:
The NTP client (SRX) will always build the association from the default routing table (inet.0); instead of the custom routing-instance table.

The reason for not supporting this feature is during the device boot-up, the NTP update might fail; so it will not be able to set the date/time on the device, if the custom routing table is not populated at that time.

This might lead to syslogs showing the incorrect time stamp in the log messages, till the time NTPD finds the route to reach the server and learn the time properly. If we change the NTP client to look-up in the user defined custom routing-instance table, then no route/path will be there to reach the NTP server in the default table.

Solution:
Use only the default routing table and source the NTP update traffic from the default routing table.

Purpose:
Implementation

Related Links:

Logged In


null OblixAnonymous
Logout My Account My Subscriptions

 

ASK THE KB

Question or KB ID:


 


 

ARTICLE FEEDBACK

*Selection Required

*Rate the Helpfulness
Solved my problem
Helpful, but didn't solve my problem
Not helpful, didn't solve my problem
Just browsing
 
*Rate the Quality - This article is comprehensive and easy to understand
Strongly Agree
Agree
Neutral
Disagree
Strongly Disagree
 
Comments?

 
Your response will be used to improve our document content.
 
Copyright© 1999-2012 Juniper Networks, Inc. All rights reserved.