Cisco Network Time Protocol (NTP)


(Rene Molenaar) #1

This topic is to discuss the following lesson:


(system) #2

Excellent!


(system) #3

It looks like your material is Clear,Concise,to the point yet Covering every single necessary field…

Are you going to publish any book on Ccie r&s V5 Lab exam in near future (May be 8-12 month)?
Any technology specific books COVERING ANY perticular technology in details?

I love your Blog post . :slight_smile:


(Rene Molenaar) #4

Hi Subhajit Paul,

Thanks :slight_smile: Right now I’m working on a “How to Master CCIE R&S Written” for the V5 exam and I also have plans for a BGP, OSPF, Multicast and MPLS book. I hope to have the CCIE book done in 2-3 months from now :slight_smile:

Rene


(system) #5

hi Rene,

Thanks a lot for the Amazing tutorial of the NTP … i really enjoy reading it.

i have question
i am studying CCIEv5 so is this information covering the topic of NTP inside the CCIEv5 ? or i need to read more ?

6.3.b Implement and troubleshoot network time protocol
6.3.b (i) NTP master, client, version 3, version 4
6.3.b (ii) NTP Authentication

Best Regards


(Rene Molenaar) #6

Hi Sensie,

This covers most of the stuff you’ll need to know for CCIE but I would also recommend to browse through the DocCD. There are some nice NTP tricks that you might encounter in the lab…

Rene


(christopher c) #7

Rene,

Hello, I have some Cisco SG300 switches, which are Cisco, but not IOS. My external router is a 367 router and I have it configured ntp, to synchronize with pool.ntp.org. I want use the 867 for my time source for all of my internal devices, my ASA is synchronizing fine with ntp. I tried to setup the SG300s and notice that they only support sntp. Are there any issues with mixing the two protocols and setting the 367 as a sntp server?

Thanks,

Chris


(Rene Molenaar) #8

Hi Chris,

That shouldn’t be a problem. SNTP (Simple NTP) means that it only support NTP client, not server. You can configure your 867 to be a NTP client of pool.ntp.org and to be a NTP server for your LAN.

Your SG300 can become a NTP client of your 867.

Rene


(Thomas K) #9

Rene,

Hi. What happens if I have say defined three NTP servers like below on my cisco router:

 

NTP server 10.1.1.10

NTP Server 10.1.2.10

NTP Server 10.1.3.10

 

Which NTP server will provide my router with the proper time?

 

Many thanks,

Thomas


(Rene Molenaar) #10

Hi Thomas,

I haven’t tested this but from what I’ve read, NTP prefers low stratum servers over high stratum servers unless the time difference between the local clock and the low stratum server is quite different.

On Cisco IOS, you can also use the “prefer” parameter to tell the router what NTP server to use as the primary:

ntp server 1.1.1.1 prefer

Rene


(Mohammad Hasanuz Zaman) #11

Hi Rene,
What is the use of Hardware clock as router use software clock when any event occurs.How we will fix hardware Clock when manually configured software clock.Please help me to understand it.Thx

Br/
Zaman


(Rene Molenaar) #12

Hi Zaman,

The hardware clock is used for when you reboot your device or when it’s powered off. It will keep running, unlike your software clock :slight_smile:

The software clock can sync itself with the hardware clock. This can be useful if you don’t use NTP.

Rene


(Guy G) #13

Hi Rene,

I was wondering what is the difference between the NTP versions Cisco devices let you configure (1-4)?


(Lazaros Agapides) #14

Hello Guy!

The first complete specification of NTP, that is, Version 1, appeared in 1988 (RFC 1059) which provided simple symmetric and client server mode operation.

Version 2 appeared in 1989 (RFC 1119) and added symmetric key authentication using DES-CBC.

Version 3, which is the version that is most used today was first described in 1992 (RFC 1305) and has been systematically improved over the years. It introduced formal correctness principles, revised algorithms and broadcast mode . This is the default version that is available in most Cisco devices using the 12.X IOS version, and the recommended minimum version you should use.

Version 4 extends the support of NTP to IPv6 and is available on any Cisco device that supports IPv6.

I hope this has been helpful!

Laz


(AZM U) #15

Hello Laz,
A few questions.

  1. Let’s say I have a router that is configured to receive the ntp information from a ntp server located in the internet. I have also configured the time locally by using clock set command. Which time will have more preference? In another words, which time the router will use?
  2. What is the command to change time-zone in a router?
  3. Let’s say a router is configured to sync its time from a ntp server and the ntp server is feeding UTC time to the router. However, I like the router to show EST time in the clock or let’s say in syslog message as well. How can I do it?
  4. What is the difference between hardware and software clock in a router/switch?

Thank you so much as usual for your great help .

Best Regards,
Azm Uddin


(Lazaros Agapides) #16

Hello AZM

**Question 1**
When NTP is configured on a device, there is what is called a poll interval. This interval is dynamic and as client and server become better synced, and there aren’t any dropped packets, this interval increases to a maximum of 1024 seconds. If you change the time using the clock set command, the time you set will become the new time. However, when the poll interval is exhausted, the device will re-sync with the NTP server. So any changes you make manually will be over-ridden at the next poll interval.

**Question 2**
To change the time zone of a router, use the clock timezone _zone hours-offset _ command where

* zone is the name of the zone to be displayed - this is just a label that you can define
* hours-offset is how many hours difference from UTC

You can find more information about this command here.

**Question 3**
NTP always communicates time in UTC. If you have a time zone configured on your Cisco device and it is configured as an NTP client, then it will receive the time in UTC and will convert the clock to the local time zone. However, SYSLOG messages will always indicate UTC time by default, even if you have configured a different time zone. In order to have SYSLOG messages display the local time instead of UTC time, you can achieve this with the following command: service timestamps log datetime localtime

**Question 4**
The hardware clock of a Cisco device is a hardware chip on the motherboard of the device with a rechargeable backup battery. The hardware clock functions separately from the software clock and its main purpose is to retain the time and date information after a reboot or an extended period of time where the device is powered down.

The software clock is the clock that functions during normal operation. It is maintained in memory using the CPU as a “timekeeper”. It is this clock that can be updated and synchronised with an NTP server on the network.

These two clocks work together to maintain the most accurate time. The software clock can be updated periodically from NTP, and it in turn updates the hardware clock at regular intervals. When the device is rebooted, the software clock is synchronised with the hardware clock to obtain its initial time when it begins to function.

The two clocks can be managed separately however. More information about related commands can be found here.

I hope this has been helpful!

Laz


(sreenath r) #17

Hi Rene,

Could you please brief about the comparison/differences of NTP , PTP and Sync E. Are n’t all the three protocols use for time Synchronization ? Do these sync protocols use for layer 1 signaling transmission like TDM ? Do we have any other usage of these protocols in real environment ( internet ) apart from tracking logging information ?


(Vladislav V) #18

Hi all,

Q regarding the authentication section:
Is “CoreRouter(config)#ntp authenticate” needed for the switches to authenticate the ntp updates from the core router. I believe - not? With that configuration on the CoreRouter, won’t that make the router seek authentication for the updates from the pool.ntp.org?

Cheers,
V.


(Rene Molenaar) #19

Hi Sreenath,

NTP and PTP have some similarities. NTP is the most common protocol to sync clocks on your network, that’s what you will mostly see on networks nowadays. We use it to sync the clock on network devices but also computers/servers etc. NTP uses software timestamping and supports millisecond synchronization.

PTP is similar to NTP but uses hardware timestamping and offers nanosecond or picosecond-level synchronization.

For 99% of the devices, NTP is good enough but if you have devices where millisecond-level synchronization is not good enough, PTP is another option (I have never seen it on a network btw).

Synce is something different. You can read an explanation here:

It’s used for frequency synchronization on certain networks.

Rene


(sreenath r) #20

Hi Rene,
Thanks for the information. Sorry to inform you that I have one more doubt as I am very new to networking .Does these protocols have any other role to control the speed of data transmission between two network nodes in the perspective of layer-1 . In ISP do we use any external clocking devices to control the signal transmission speed between networking nodes in the perspective of layer-1 or all the devices use only TCP sync to control data transmission from source to destination (layer -4)?

Thanks,
Sreejith.