Knowledge Search


×
 

[SRX] How does the secondary node clock in an SRX cluster sync with the NTP server?

  [KB35243] Show Article Properties


Summary:

This article demonstrates how the secondary node clock in an SRX cluster synchronizes with the NTP server.

Solution:

Consider that there are two NTP servers with 10.85.130.130 and 10.85.130.131 as addresses.

Scenario 1: The SRX cluster uses the revenue port to connect to the NTP server. In this case, the primary Routing Engine will sync its clock with the NTP server by using the revenue port (reth10). The secondary node will sync its clock with the primary RE by using the control link.

{primary:node0}[edit]
root@vsrx-node0# show system ntp
server 10.85.130.130;
server 10.85.130.131;

{primary:node0}[edit]
root@vsrx-node0# run show route 10.85.130/24

inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

10.85.130.0/24     *[Static/5] 16:58:39
                    >  to 10.85.154.129 via reth10.0

{primary:node0}[edit]
root@vsrx-node0# run show system uptime
node0:
--------------------------------------------------------------------------
Current time: 2019-11-01 21:37:56 UTC
Time Source:  NTP CLOCK
System booted: 2019-10-31 23:21:29 UTC (22:16:27 ago)
Protocols started: 2019-10-31 23:23:52 UTC (22:14:04 ago)
Last configured: 2019-11-01 04:44:48 UTC (16:53:08 ago) by root
 9:37PM  up 22:16, 1 users, load averages: 0.42, 0.35, 0.33

node1:
--------------------------------------------------------------------------
Current time: 2019-11-01 21:37:56 UTC
Time Source:  NTP CLOCK
System booted: 2019-11-01 02:00:21 UTC (19:37:35 ago)
Last configured: 2019-11-01 04:44:48 UTC (16:53:08 ago) by root
 9:37PM  up 19:38, 2 users, load averages: 0.38, 0.34, 0.28

{primary:node0}
root@vsrx-node0> show ntp associations
   remote         refid           st t when poll reach   delay   offset  jitter
===============================================================================
*10.85.130.130    66.129.233.81    4 -  651 1024  377    1.144   -0.851   0.091    <<<< Primary RE syncs clock with this NTP server
+10.85.130.131    66.129.233.81    4 -  628 1024  377    1.050   -4.077   0.128

{primary:node0}
root@vsrx-node0> show ntp status
status=0644 leap_none, sync_ntp, 4 events, event_peer/strat_chg,
version="ntpd 4.2.0-a Wed Feb  6 00:11:17  2019 (1)", processor="amd64",
system="FreeBSDJNPR-11.0-20181207.6c2f68b_2_bu", leap=00, stratum=5,
precision=-23, rootdelay=76.843, rootdispersion=98.848, peer=19556,
refid=10.85.130.130,
reftime=e1671d74.0bcbbaed  Fri, Nov  1 2019 21:09:08.046, poll=10,
clock=e1672347.77934b3a  Fri, Nov  1 2019 21:33:59.467, state=4,
offset=-2.410, frequency=41.295, jitter=3.075, stability=0.007

{primary:node0}[edit]
root@vsrx-node0# run show interfaces terse em0
Interface               Admin Link Proto    Local                 Remote
em0                     up    up
em0.0                   up    up   inet     129.16.0.1/2    <<<< Control port IP address on primary node
                                            143.16.0.1/2
                                   tnp      0x1100001

On the secondary node:

{secondary:node1}
root@vsrx-node1> show ntp associations
   remote         refid           st t when poll reach   delay   offset  jitter
===============================================================================
 10.85.130.130    .INIT.          16 -    - 1024    0    0.000    0.000 4000.00
 10.85.130.131    .INIT.          16 -    - 1024    0    0.000    0.000 4000.00
*129.16.0.1       10.85.130.130    5 u  289  512  377    0.607    1.657   0.745   <<<< Sync with 129.16.0.1, which is the control link

{secondary:node1}
root@vsrx-node1> show ntp status
status=0644 leap_none, sync_ntp, 4 events, event_peer/strat_chg,
version="ntpd 4.2.0-a Wed Feb  6 00:11:17  2019 (1)", processor="amd64",
system="FreeBSDJNPR-11.0-20181207.6c2f68b_2_bu", leap=00, stratum=6,   <<<< The stratum is one more than the primary RE.
precision=-23, rootdelay=77.435, rootdispersion=110.178, peer=7566,
refid=129.16.0.1,
reftime=e1672015.b830c2b3  Fri, Nov  1 2019 21:20:21.719, poll=9,
clock=e1672351.be68c401  Fri, Nov  1 2019 21:34:09.743, state=4,
offset=1.657, frequency=38.385, jitter=0.557, stability=0.007

In the secondary node's /var/log/messages file, you will see messages similar to the following:

Nov  1 04:46:19  vsrx-node1 xntpd[6751]: ntpd: re ha add peer 129.16.0.1 OK.
Nov  1 04:46:27  vsrx-node1 xntpd[6751]: synchronized to 129.16.0.1, stratum=5

Scenario 2: The SRX cluster uses the fxp0 interface to reach out to the NTP server. Both nodes can reach out to the NTP server by using the fxp0 interface. In this case, the secondary node contacts the NTP server by itself first.

{primary:node0}[edit]
root@vsrx-node0# show groups
node0 {
    system {
        host-name vsrx-node0;
        backup-router 10.85.232.1 destination [ 10.0.0.0/8 172.16.0.0/12 ];
        ntp {
            server 10.85.130.130;
            server 10.85.130.131;
            source-address 10.85.232.61;
        }
    }
    interfaces {
        fxp0 {
            unit 0 {
                family inet {
                    address 10.85.232.61/25;
                }
            }
        }
    }
}
node1 {
    system {
        host-name vsrx-node1;
        backup-router 10.85.232.1 destination [ 10.0.0.0/8 172.16.0.0/12 ];
        ntp {
            server 10.85.130.130;
            server 10.85.130.131;
            source-address 10.85.232.62;
        }
    }
    interfaces {
        fxp0 {
            unit 0 {
                family inet {
                    address 10.85.232.62/25;
                }
            }
        }
    }
}

{primary:node0}[edit]
root@vsrx-node0# run show route 10.85.130.130

inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0          *[Static/5] 22:22:55
                    >  to 10.85.232.1 via fxp0.0

{primary:node0}[edit]
root@vsrx-node0# run show system uptime
node0:
--------------------------------------------------------------------------
Current time: 2019-11-01 21:59:43 UTC
Time Source:  NTP CLOCK
System booted: 2019-10-31 23:21:29 UTC (22:38:14 ago)
Protocols started: 2019-10-31 23:23:52 UTC (22:35:51 ago)
Last configured: 2019-11-01 21:49:55 UTC (00:09:48 ago) by root
 9:59PM  up 22:38, 1 users, load averages: 0.22, 0.37, 0.38

node1:
--------------------------------------------------------------------------
Current time: 2019-11-01 21:59:43 UTC
Time Source:  NTP CLOCK
System booted: 2019-11-01 02:00:21 UTC (19:59:22 ago)
Last configured: 2019-11-01 21:49:54 UTC (00:09:49 ago) by root
 9:59PM  up 19:59, 2 users, load averages: 0.12, 0.19, 0.23

root@vsrx-node0# run show ntp associations
   remote         refid           st t when poll reach   delay   offset  jitter
============================================================
*10.85.130.130    66.129.233.81    4 -   60   64    3    0.815   -1.724   1.806
+10.85.130.131    66.129.233.81    4 -   60   64    3    1.139   -4.987   0.421

{primary:node0}[edit]
root@vsrx-node0# run show ntp status
status=0644 leap_none, sync_ntp, 4 events, event_peer/strat_chg,
version="ntpd 4.2.0-a Wed Feb  6 00:11:17  2019 (1)", processor="amd64",
system="FreeBSDJNPR-11.0-20181207.6c2f68b_2_bu", leap=00, stratum=5,
precision=-23, rootdelay=76.514, rootdispersion=116.437, peer=41100,
refid=10.85.130.130,
reftime=e16725e7.d91db40e  Fri, Nov  1 2019 21:45:11.848, poll=6,
clock=e1672672.ba096514  Fri, Nov  1 2019 21:47:30.726, state=4,
offset=-2.862, frequency=41.277, jitter=2.247, stability=0.007

{secondary:node1}
root@vsrx-node1> show ntp associations
   remote         refid           st t when poll reach   delay   offset  jitter
===============================================================================
*10.85.130.130    66.129.233.81    4 -   22   64    7    1.009    0.365   0.085   <<<< Secondary node syncs with NTP server directly.
+10.85.130.131    66.129.233.81    4 -   19   64    7    2.375   -2.830   2.225
+129.16.0.1       10.85.130.130    5 u   19   64    7    0.595    2.032   0.310            

{secondary:node1}
root@vsrx-node1> show ntp status
status=0664 leap_none, sync_ntp, 6 events, event_peer/strat_chg,
version="ntpd 4.2.0-a Wed Feb  6 00:11:17  2019 (1)", processor="amd64",
system="FreeBSDJNPR-11.0-20181207.6c2f68b_2_bu", leap=00, stratum=5,    <<<< stratum is 5, same as primary RE.
precision=-23, rootdelay=76.708, rootdispersion=59.543, peer=31172,
refid=10.85.130.130,
reftime=e1672628.613e4ab1  Fri, Nov  1 2019 21:46:16.379, poll=6,
clock=e16726a7.e6add41f  Fri, Nov  1 2019 21:48:23.901, state=4,
offset=-0.367, frequency=38.381, jitter=1.947, stability=0.006

In the secondary node's /var/log/messages file, you can see logs similar to the following:

Nov  1 21:45:06  vsrx-node1 xntpd[6751]: synchronized to 10.85.130.130, stratum=4

For more information about the NTP output, refer to NTP Time Synchronization on Chassis Cluster.

Related Links: