[cisco-voip] CCX and NTP

Daniel Pagan dpagan at fidelus.com
Mon May 8 11:25:10 EDT 2017 

Just adding my experience to this…

I agree and can attest to the stratum-1 server caveat below. After some time, the NTP client can get blocked and force you (the general “you”) to update your entries in the near future. Of course multiple NTP entries can be configured but if you’re doing proactive monitoring of syslog (or specific syslog entries), or support multiple UC environments, it can get rather annoying and time consuming.

As for pointing UC apps to the UCM publisher… I opened a TAC case a while back specifically to determine if this was officially supported. The idea was to assigned all UC applications for a customer, per geographic region, to their most local UCM publisher for NTP services. The customer wanted to avoid IOS NTP servers, avoid using public NTP sources, and didn’t want to spin up a small *NIX VM for this purpose either.

Long story short, and after escalating to the CE’s lead, it was determined that this configuration would not be supported, and any time synchronization issues reported to TAC would first require the configuration be modified before continuing forward.

“Cisco Call Manager might work properly as NTP Master but it is not designed for that purpose or not even tested by developer. Publisher of CUCM not supported to act as NTP Master [for non CUCM applications].”

We ended up using public NTP sources.

Hope this helps

- Dan


From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Charles Goldsmith
Sent: Monday, May 8, 2017 10:53 AM
To: Haas, Neal <nhaas at co.fresno.ca.us>
Cc: cisco-voip at puck.nether.net
Subject: Re: [cisco-voip] CCX and NTP

To expand on this, I would point to your voice gateways with everything internal, then the voice gateways would either use an on-prem NTP server that is radio sync'd or one that Neal has advised.  That way, everything is synced together with the same source.

For UCCX and other apps, I point them to the UCM pub and the pub points to the voice gateways.

I've seen a lot of people advise for pool.ntp.org<http://pool.ntp.org>, but that has bitten me.  How often does an NTP process refresh from DNS?  I suspect only on reboot or a restart of the NTP process.  I've seen too many NTP servers go offline when using the pool addresses.  Because of that, I've been sticking with .gov based NTP on the voice gateway.

Ryan Huff, one thing about pointing to strata 1 servers, most of them have restrictions from what I've seen, while they work, they could block you for not being approved if you send too many requests.  http://support.ntp.org/bin/view/Servers/StratumOneTimeServers has a list, and while many have open access listed, if you look at the details, they can still have restrictions.

Just food for thought.

On Mon, May 8, 2017 at 9:20 AM, Haas, Neal <nhaas at co.fresno.ca.us<mailto:nhaas at co.fresno.ca.us>> wrote:
Get an on-prem NTP server, if you cant spend the money, use:

time.nist.gov<http://time.nist.gov>     global address for all servers       Multiple locations
utcnist.colorado.edu<http://utcnist.colorado.edu>      128.138.140.44  University of Colorado, Boulder
utcnist2.colorado.edu<http://utcnist2.colorado.edu>    128.138.141.172                University of Colorado, Boulder
time-nw.nist.gov<http://time-nw.nist.gov>             131.107.13.100  Microsoft, Redmond, Washington

Really, anything with a GOV, or EDU should be good.

By the way, you should NEVER, EVER, EVER (can’t stress this enough) a Windows Based NTP.  Every place that I have went into and removed a Windows Time server, everything has worked better! Windows just cant do time. I went into a business with windows NTP, and the guy was checking time from about 100 NTP servers, his time was off by three minutes. Took it down to 3 and everything started to work.

Thank You,

Neal Haas

From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net<mailto:cisco-voip-bounces at puck.nether.net>] On Behalf Of Ben Amick
Sent: Monday, May 8, 2017 7:12 AM
To: cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
Subject: [cisco-voip] CCX and NTP

What do you guys use for NTP on your CCX hosts? I’ve been informed by TAC that “CCX does not support Windows based NTP” so I was thinking about just pointing NTP towards my CCM hosts – is that a valid scenario? I figure that since CCM is pretty much authoritative on everything for CCX as it is it wouldn’t be a problem?

Ben Amick
Telecom Analyst


Confidentiality Note: This message is intended for use only by the individual or entity to which it is addressed and may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient or the employee or agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy. Thank you

_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20170508/61907ba4/attachment.html>

More information about the cisco-voip mailing list