Need "CRS125-24G-1S" to be a NTP server.
Time is wrong and time is not updating. Please can you advise?
I followed the wiki here and other posts.
The following is current state. > /ip cloud print
ddns-enabled: no
update-time: no
public-address: 41.146.0.10
status: updated
> /system package print
NAME VERSION SCHEDULED
0 routeros-mipsbe 6.43.2
1 system 6.43.2
2 X ipv6 6.43.2
11 ntp 6.43.2
> /system ntp client print
enabled: yes
mode: unicast
primary-ntp: 146.64.24.58 {Tested server from Linux # server 146.64.24.58, stratum 2, offset -0.008238, delay 0.21750}
secondary-ntp: 196.10.52.57 {Also tested from Linux}
dynamic-servers:
status: started
Done more tests.
Tested the same settings on 3 different networks.
Works fine on network A {CHR x86} and network B {also a “CRS125-24G-1S”} .
The problem network C {“CRS125-24G-1S”} still is not working.
But, on problem network C two hEX PoE`s work fine to the same ntp servers. {primary-ntp: 146.64.24.58, secondary-ntp: 196.10.52.57}.
Removed the NTP package from network C {“CRS125-24G-1S”}, SNTP also does not work.
Put the NTP back, no change.
Network C {“CRS125-24G-1S”} can sync ntp via IPSEC tunnel to remote NTP, hmm, why?.
Hmmm.
This tell me Network C {“CRS125-24G-1S”} only have an issue getting time via NTP udp 123 via gateway.
The very same settings on the very same network works just fine for two other devices, two hEX PoE`s.
Sometimes issues like this are caused by ISP blocking NTP.
When you use a client “behind” the router, or SNTP on the router itself, the source port number is random and the packet to and from the NTP server passes OK.
When you run a local NTP server on the router, both source and destination port number is 123 and the ISP blocks packets from port 123.
(because they experienced DDoS problems caused by incorrectly configured NTP servers (not MikroTik) or because they don’t understand NTP and/or the NTP Pool)