Configure F5 LTM as NTP server

Configure F5 LTM as NTP serverplease check NTP server section.

 

 

sol11237: Defining advanced NTP configurations on the BIG-IP system

 

https://support.f5.com/kb/en-us/solutions/public/11000/200/sol11237.html?sr=20132206

Hi Nitass,

 

 

I had used the article to assist in my configuration of the F5 as the NTP server. Below are my situation

 

 

When I configure the F5 as a NTP server, other equipment can time sync with the F5. But when I added a NTP server to the same F5 for it to time sync, the other equipment is not able to time sync with the F5 and itself also cannot sync its time with the targeted NTP server.

 

 

Do it need to create one self IP for the F5 to time sync with the targeted NTP server and another one for the usage to configure as the NTP server?

 

 

Please advice.

 

 

Thks and Rgds

Do it need to create one self IP for the F5 to time sync with the targeted NTP server and another one for the usage to configure as the NTP server? i do not think we have to create a new selfip, what we have to do is to make sure ntp server is reachable by f5 e.g. routing.

Why exactly you are not configuring the same NTP server for other devices....?

Hi Vaibhav,

 

 

Actually, this is a customer requirement. Thus, I am trying to fulfill the requirement.

 

 

Rgds

 

 

Hi Nitass,

 

 

I will give it a try again.

 

 

Thks and Rgds

I played around with this recently. We had one NTP server, run by networking. But, it is unreliable. And, this was causing problems.

 

 

And, since...ntp recommends that you have at least 3 servers.

 

 

I tried to setup NTP on both the active and standby units...and use the unit self IPs (and adding 123/UDP to the allowed list for the port lockdown). Which seemed to work for servers not behind the F5. But, servers behind the F5, can only reach the active unit.

 

 

L

Hi Lawrence,

 

I just got confused with your explanation towards the end.... So what you are trying to say is "The servers in your network that can reach F5 self IP,you have configured these servers to use F5 self IP as a NTP server. These servers are able to synchronize their time with F5 units without any problem" is this correct... ??????

 

 

 

Regards,

The external, public IP space self-IPs of my F5 pair are set to allow NTP.

 

 

Servers on the outside can see both self-IPs. Servers on the internal side of the F5, can only see the self-IP of the active unit.

hi,

 

how change the command with tmsh??

 

 

[root@f5:Active] .ssh bpsh < ntp_include

 

/usr/bin/bpsh: bigpipe is no longer supported; please use tmsh.

 

 

 

thanks

sorry i forgot to write before that i'm following this solution:

 

https://support.f5.com/kb/en-us/solutions/public/11000/200/sol11237.html?sr=20132206