ExtremeSwitching (EXOS)

 View Only
  • 1.  IPv6 NTP woes

    Posted 03-21-2018 16:56
    I am trying to enable NTP server over IPv6 from my Extreme BD-X8. I have assigned both IPv4/6 addresses to my vlans on the BD-X8 and I know the routing interfaces work for both IPv4 and IPv6 addresses. The clients use router addresses for the NTP server address. My clients are able to obtain NTP packets from the IPv4 address of the server but sadly, they can not do the same from the IPv6 address of the server. It is not a configuration issue on the client; clients can obtain NTP packets from other routers that are also configured to deliver NTP over a dual stack. What am I missing to make NTP work over IPv6? I am running ExOS

    Thanks for all replies.

  • 2.  RE: IPv6 NTP woes

    Posted 03-21-2018 20:44
    I suppose that you have tested your ntp server via ip6 with another client on "another" network e.g. throw direct connection? Are you able to ping this server with ip6? Can we see output of sh vlan?

  • 3.  RE: IPv6 NTP woes

    Posted 03-21-2018 21:39
    The NTP server is the BD-X8. It does not respond to any client request for NTP time on its IPv6 address. I have an IPv6 NTP server running on a switch vendor that is not the BD-X8 and it works, i.e. the client that can not get IPv6 NTP data from the BD-X8 can get it from the "other" router via IPv6. The client is directly attached to the BD-X8 and has to route through the BD-X8 to reach the "other" IPv6 NTP service.

    Yes, I can ping the IPv6 router from the client. IPv6 routing is fully configured and functional.

    Here's the DNS info. The domain info has been changed to protect the innocent. :-)
    [root@bcx-00130 ~]# host btpsrv01
    btpsrv01.some.domain.com is an alias for brm05-2247-core.some.domain.com.
    brm05-2247-core.some.domain.com has address
    brm05-2247-core.some.domain.com has address
    brm05-2247-core.some.domain.com has address
    brm05-2247-core.some.domain.com has IPv6 address 2606:b400:410:d43::1
    brm05-2247-core.some.domain.com has IPv6 address 2606:b400:410:d41::1
    brm05-2247-core.some.domain.com has IPv6 address 2606:b400:410:d42::1 [root@bcx-00130 ~]# [/code] Here's the ping over IPv6:
    [root@bcx-00130 ~]# ping6 -c1 2606:b400:410:d42::1
    PING 2606:b400:410:d42::1(2606:b400:410:d42::1) 56 data bytes
    64 bytes from 2606:b400:410:d42::1: icmp_seq=1 ttl=64 time=0.155 ms
    --- 2606:b400:410:d42::1 ping statistics ---
    1 packets transmitted, 1 received, 0% packet loss, time 0ms
    rtt min/avg/max/mdev = 0.155/0.155/0.155/0.000 ms
    [root@bcx-00130 ~]# [/code]
    Here are the working (IPv4) and failed (IPv6) requests from the BD-X8:
    [root@bcx-00130 ~]# ntpdate -u4
    21 Mar 16:25:54 ntpdate[794]: adjust time server offset 0.000664 sec
    [root@bcx-00130 ~]# ntpdate -u6 2606:b400:410:d42::1
    21 Mar 16:26:10 ntpdate[796]: no server suitable for synchronization found
    [root@bcx-00130 ~]#[/code]
    And here's the sh vlan info:

    brm05-2247-core.1 # show "client2247"
    VLAN Interface with name client2247 created by user
    Admin State: Enabled Tagging: 802.1Q Tag 2241
    Description: None
    Virtual router: VR-Default
    IPv4 Forwarding: Enabled
    IPv4 MC Forwarding: Disabled
    Primary IP:
    IPv6 Forwarding: Enabled
    IPv6 MC Forwarding: Disabled
    IPv6: fe80::204:96ff:fe98:a810/64
    STPD: None
    Protocol: Match all unfiltered protocols
    Loopback: Disabled
    NetLogin: Disabled
    OpenFlow: Disabled
    TRILL: Disabled
    QosProfile: None configured
    Egress Rate Limit Designated Port: None configured
    Flood Rate Limit QosProfile: None configured
    Ports: 25. (Number of active ports=24)
    Untag: *1:9(40GbE-App),*1:13(40GbE-App),*2:85(40GbE-App),*2:89(40GbE-App)
    Tag: *1:1g, *1:49g, *3:45g, *3:93g, *3:41g, *3:37g, *3:81g,
    *3:33g, *3:85g, *3:89g, 3:9g, *3:21g, *3:17g, *3:25g,
    *3:29g, *3:57g, *3:65g, *3:69g, *3:73g, *3:77g, *3:61g
    Flags: (*) Active, (!) Disabled, (g) Load Sharing port
    (b) Port blocked on the vlan, (m) Mac-Based port
    (a) Egress traffic allowed for NetLogin
    (u) Egress traffic unallowed for NetLogin
    (t) Translate VLAN tag for Private-VLAN
    (s) Private-VLAN System Port, (L) Loopback port
    (x) VMAN Tag Translated port
    (G) Multi-switch LAG Group port
    (H) Dynamically added by MVRP
    (D) TRILL Designated, (A) TRILL Appointed Forwarder
    (I) Dynamically added by IDM
    (U) Dynamically added uplink port
    (V) Dynamically added by VM Tracking
    brm05-2247-core.2 # show ntp vlan "client2247"
    Vlan NTP Status Broadcast Server Key Index
    client2247 Enabled Enabled -
    brm05-2247-core.3 # [/code][/code]
    Finally, btpsrv02 is the "other" vendor router serving NTP via IPv6:

    [root@bcx-00130 ~]# ntpdate -u6 btpsrv02
    21 Mar 16:31:54 ntpdate[815]: adjust time server 2606:b400:410:d50::1 offset -0.000768 sec
    [root@bcx-00130 ~]# traceroute6 btpsrv02
    traceroute to btpsrv02 (2606:b400:410:d50::1), 30 hops max, 80 byte packets
    1 brm05-2247-core.some.domain.com (2606:b400:410:d42::1) 0.221 ms 0.203 ms 0.189 ms
    2 2606:b400:410:d40:4000:21ab:2247:1 (2606:b400:410:d40:4000:21ab:2247:1) 0.219 ms 0.213 ms 0.200 ms
    3 brm05-3240-core.some.domain.com (2606:b400:410:d50::1) 0.824 ms 1.013 ms 1.245 ms
    [root@bcx-00130 ~]# [/code]