<div dir="ltr">I'm pretty sure that Cisco IOS only queries DNS under two circumstances:<div><br></div><div>1) The moment you enter the command. So you can write some script to remove the commands and re-add them every so often.</div><div><br></div><div>2) The moment the router powers on and reads that section of config into memory. So you can reboot your routers every so often.</div><div><br></div><div>For UC apps, I have no idea how often it queries DNS to pull a fresh set of servers from <a href="http://pool.ntp.org">pool.ntp.org</a>. Never cared, because like Ryan Huff, I don't point UC apps externally, rather I build a hierarchy of NTP in the environment.</div><div><br></div><div>Speaking of <a href="http://pool.ntp.org">pool.ntp.org</a>, you should really be using the closest servers to you, which according to <a href="http://ntp.org">ntp.org</a>, means I would use:<br></div><div><br></div><div><a href="http://0.us.pool.ntp.org">0.us.pool.ntp.org</a></div><div><a href="http://1.us.pool.ntp.org">1.us.pool.ntp.org</a></div><div><a href="http://2.us.pool.ntp.org">2.us.pool.ntp.org</a></div><div><a href="http://3.us.pool.ntp.org">3.us.pool.ntp.org</a></div><div>etc.</div><div><br></div><div>However, I have seen CUCM fail an upgrade because the NTP config had a name which started with a number. So, be careful out there kids, it's a tricky mine fields to navigate.</div><div><br><div class="gmail_quote"><div dir="ltr">On Mon, May 8, 2017 at 9:53 AM Charles Goldsmith <<a href="mailto:wokka@justfamily.org">wokka@justfamily.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">To expand on this, I would point to your voice gateways with everything internal, then the voice gateways would either use an on-prem NTP server that is radio sync'd or one that Neal has advised. That way, everything is synced together with the same source.<div><br></div><div>For UCCX and other apps, I point them to the UCM pub and the pub points to the voice gateways.</div><div><br></div><div>I've seen a lot of people advise for <a href="http://pool.ntp.org" target="_blank">pool.ntp.org</a>, but that has bitten me. How often does an NTP process refresh from DNS? I suspect only on reboot or a restart of the NTP process. I've seen too many NTP servers go offline when using the pool addresses. Because of that, I've been sticking with .gov based NTP on the voice gateway.</div><div><br></div><div>Ryan Huff, one thing about pointing to strata 1 servers, most of them have restrictions from what I've seen, while they work, they could block you for not being approved if you send too many requests. <a href="http://support.ntp.org/bin/view/Servers/StratumOneTimeServers" target="_blank">http://support.ntp.org/bin/view/Servers/StratumOneTimeServers</a> has a list, and while many have open access listed, if you look at the details, they can still have restrictions.</div><div><br></div><div>Just food for thought.</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, May 8, 2017 at 9:20 AM, Haas, Neal <span dir="ltr"><<a href="mailto:nhaas@co.fresno.ca.us" target="_blank">nhaas@co.fresno.ca.us</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div lang="EN-US" link="#0563C1" vlink="#954F72">
<div class="m_6845954828235044580m_5908957790101886209WordSection1">
<p class="MsoNormal"><a name="m_6845954828235044580_m_5908957790101886209__MailEndCompose"><span style="color:#1f497d">Get an on-prem NTP server, if you cant spend the money, use:<u></u><u></u></span></a></p>
<p class="MsoNormal"><span><span style="color:#1f497d"><u></u> <u></u></span></span></p>
<p class="MsoNormal"><span><span style="color:#1f497d"><a href="http://time.nist.gov" target="_blank">time.nist.gov</a> global address for all servers Multiple locations<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="color:#1f497d"><a href="http://utcnist.colorado.edu" target="_blank">utcnist.colorado.edu</a> 128.138.140.44 University of Colorado, Boulder<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="color:#1f497d"><a href="http://utcnist2.colorado.edu" target="_blank">utcnist2.colorado.edu</a> 128.138.141.172 University of Colorado, Boulder<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="color:#1f497d"><a href="http://time-nw.nist.gov" target="_blank">time-nw.nist.gov</a> 131.107.13.100 Microsoft, Redmond, Washington<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="color:#1f497d"><u></u> <u></u></span></span></p>
<p class="MsoNormal"><span><span style="color:#1f497d">Really, anything with a GOV, or EDU should be good.<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="color:#1f497d"><u></u> <u></u></span></span></p>
<p class="MsoNormal"><span><span style="color:#1f497d">By the way, you should NEVER, EVER, EVER (can’t stress this enough) a Windows Based NTP. Every place that I have went into and removed a Windows Time server, everything
has worked better! Windows just cant do time. I went into a business with windows NTP, and the guy was checking time from about 100 NTP servers, his time was off by three minutes. Took it down to 3 and everything started to work.<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="color:#1f497d"><u></u> <u></u></span></span></p>
<div>
<p class="MsoNormal"><span><span style="color:#1f497d">Thank You,<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="color:#1f497d"><u></u> <u></u></span></span></p>
<p class="MsoNormal"><span><span style="color:#1f497d">Neal Haas<u></u><u></u></span></span></p>
</div>
<p class="MsoNormal"><span><span style="color:#1f497d"><u></u> <u></u></span></span></p>
<span></span>
<div>
<div style="border:none;border-top:solid #e1e1e1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From:</b> cisco-voip [mailto:<a href="mailto:cisco-voip-bounces@puck.nether.net" target="_blank">cisco-voip-bounces@puck.nether.net</a>]
<b>On Behalf Of </b>Ben Amick<br>
<b>Sent:</b> Monday, May 8, 2017 7:12 AM<br>
<b>To:</b> <a href="mailto:cisco-voip@puck.nether.net" target="_blank">cisco-voip@puck.nether.net</a><br>
<b>Subject:</b> [cisco-voip] CCX and NTP<u></u><u></u></p>
</div>
</div><div><div class="m_6845954828235044580h5">
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal"><span style="font-size:12.0pt">What do you guys use for NTP on your CCX hosts? I’ve been informed by TAC that “CCX does not support Windows based NTP” so I was thinking about just pointing NTP towards my CCM hosts – is that a valid scenario?
I figure that since CCM is pretty much authoritative on everything for CCX as it is it wouldn’t be a problem?<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Garamond",serif"><u></u> <u></u></span></p>
<p class="MsoNormal" style="text-autospace:none"><b><span style="font-size:10.0pt;font-family:"Garamond",serif;color:#3b3838">Ben Amick<u></u><u></u></span></b></p>
<p class="MsoNormal" style="text-autospace:none"><span style="font-size:9.0pt;font-family:"Garamond",serif;color:#3b3838">Telecom Analyst</span><span style="font-size:9.0pt;font-family:"Garamond",serif;color:#666666"><u></u><u></u></span></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Times New Roman",serif"><br>
Confidentiality Note: This message is intended for use only by the individual or entity to which it is addressed and may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is
not the intended recipient or the employee or agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received
this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy. Thank you
<u></u><u></u></span></p>
</div></div></div>
</div>
<br>_______________________________________________<br>
cisco-voip mailing list<br>
<a href="mailto:cisco-voip@puck.nether.net" target="_blank">cisco-voip@puck.nether.net</a><br>
<a href="https://puck.nether.net/mailman/listinfo/cisco-voip" rel="noreferrer" target="_blank">https://puck.nether.net/mailman/listinfo/cisco-voip</a><br>
<br></blockquote></div><br></div>
_______________________________________________<br>
cisco-voip mailing list<br>
<a href="mailto:cisco-voip@puck.nether.net" target="_blank">cisco-voip@puck.nether.net</a><br>
<a href="https://puck.nether.net/mailman/listinfo/cisco-voip" rel="noreferrer" target="_blank">https://puck.nether.net/mailman/listinfo/cisco-voip</a><br>
</blockquote></div></div></div>