NTP Server Configuration on Cisco
This post is related to NTP Server Configuration on Cisco router. NTP synchronizes the time of day between a set of time servers and distributed clients. This allows network devices to agree with the time at which a specific event occurred, such as loss of connectivity between a router and a switch.Cisco clock setting
The software clock of a router or switch starts when the system boots and is where the system extracts the time. It is important to synchronize the time on all devices on the network because all aspects of administration, security, troubleshooting, and network planning require an accurate time stamp. When the time between devices is not synchronized, it will be impossible to determine the order of events and the cause of an event.Generally, date and time settings on a router or switch can be configured in one of the following ways:
- Set the date and time manually, as shown in the figure.
- Configure network time protocol ( NTP ).
As a network grows, it becomes difficult to ensure that all infrastructure devices operate with a synchronized time. Even in a smaller network environment, the manual method is not ideal. How to get a precise date and time stamp if a router is restarted?
R1 # clock set 20:36:00 Dec 29 2017
R1 #
* Dec 11 20: 36: 00,000:% SYS-6-CLOCKUPDATE: System clock has been
updated from 21:32:31 UTC Fri Dec 29 2017 to 20:36:00 UTC Fri Dec 29
2017, configured from console by console.
A better solution is to configure the NTP on the network. This protocol allows network routers to synchronize their time settings with an NTP server. If an NTP client group obtains date and time information from a single source, it will have more consistent time settings. When NTP is implemented in the network, it can be configured to synchronize with a private master clock or it can be synchronized with an NTP server publicly available on the Internet.
NTP uses UDP port 123 and is documented in RFC 1305.
NTP OPERATION
NTP networks use a hierarchical system of time sources. Each level in this hierarchical system is called a stratum. The stratum level is defined as the amount of jumps from authorized source. The synchronization time is distributed on the network using the NTP protocol. The figure shows a model NTP network.
NTP servers arranged in three levels that show the three layers. Stratum 1 is connected to clocks of stratum 0.
- Stratum 0: An NTP network obtains time from authorized time sources. These authorized sources, known as stratum 0 devices, are high precision timing devices that are presumably accurate and with little or no delay associated with them. The devices of stratum 0 are represented by the clock in the figure.
- Stratum 1: Stratum 1 devices are directly connected to valid time sources. They act as the standard time of the main network.
- Stratum 2 and lower: The servers of stratum 2 are connected to devices of stratum 1 through network connections. Stratum 2 devices, as NTP clients, synchronize their schedule with NTP packets from stratum 1 servers. They could also act as servers for stratum 3 devices.
The lower numbers of strata indicate that the server is closer to the authorized time source than the higher stratum numbers. The higher the stratum number, the lower the stratum level. The maximum hop count is 15. Stratum 16, the lower stratum level, indicates that a device is not synchronized. Time servers at the same stratum level can be configured to act as a pair with other time servers at the same layer level for verification or backup of the schedule.
NTP Configuration Cisco
Before configuring NTP on the network, the show clock command shows the current time on the software clock. With the detail option , the time source is also displayed. As can be seen below, the software clock has been manually set. Use the ntp server ip-address command in global configuration mode to configure 209.165.200.225 as the NTP server for R1. To verify that the time source is set to NTP, use the show clock detail command again .
R1 # show clock detail
20: 55: 10,207 UTC Fri Dec 29 2017
Time source is user configuration
R1 (config) # ntp server 209.165.200.225
R1 (config) # end
R1 # show clock detail
21: 01: 34,563 UTC Fri Dec 29 2017
Time source is NTP
As indicated in the following result, use the show ip ntp associations and show ntp status commands to verify that R1 is synchronized with the NTP server at 209.165.200.225. Note that R1 is synchronized with a NTP server of stratum 1 at 209.165.200.225, which is synchronized with a GPS clock. The show ntp status command indicates that R1 is now a layer 2 device synchronized with the NTP server at 209.165.220.225.
R1 # show ntp associations
address ref clock st when poll reach delay offset disp
* ~ 209.165.200.225 .GPS. 1 61 64 377 0.481 7.480 4.261
* sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured
R1 # show ntp status
Clock is synchronized, stratum 2, reference is 209.165.200.225
nominal freq is 250.0000 Hz, current freq is 249.9995 Hz, precision is 2 ** 19
ntp uptime is 589900 (1/100 of seconds), resolution is 4016
reference time is DA088DD3.C4E659D3 (13: 21: 23.769 PST Tue Dec 1 2015)
clock offset is 7.0883 msec, root delay is 99.77 msec
root dispersion is 13.43 msec, peer dispersion is 2.48 msec
loopfilter state is 'CTRL' (Normal Controlled Loop), drift is 0.000001803 s / s
system poll interval is 64, last update was 169 sec ago.
NTP VERIFICATION
The S1 clock is set to synchronize with R1. The output of the show ntp associations command verifies that the S1 clock is now synchronized with R1 in 192.168.1.1 via NTP. R1 is a layer 2 device and an NTP server for S1. Now the S1 is a layer 3 device that can provide the NTP service to other devices in the network, for example terminals.S1 (config) # ntp server 192.168.1.1 S1 (config) # end S1 # show ntp associations address ref clock st when poll reach delay offset disp * ~ C192.168.1.1 209.165.200.225 2 12 64 377 1.066 13.616 3.840 * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured S1 # show ntp status Clock is synchronized, stratum 3, reference is 192.168.1.1 nominal freq is 119.2092 Hz, current freq is 119.2088 Hz, precision is 2 ** 17 reference time is DA08904B.3269C655 (13: 31: 55.196 PST Tue Dec 1 2015) clock offset is 18.7764 msec, root delay is 102.42 msec root dispersion is 38.03 msec, peer dispersion is 3.74 msec loopfilter state is 'CTRL' (Normal Controlled Loop), drift is 0.000003925 s / s system poll interval is 128, last update was 178 sec ago.
No comments:
Post a Comment