
Thursday, May 19, 2011

NTP – Configuration Example


As we discussed NTP in the last post, here I want to show you the basic NTP commands and configuration examples for Maipu routers.

Basic NTP Commands

| Command | Description | Configuration Mode |
| --- | --- | --- |
| ntp master [stratum-number] | *To configure the NTP server and specify the stratum number | config |
| ntp server [vrf vrf-name] ip-address \| domain-name [version version] [key key-number] [source interface-name] | *To configure the NTP client and specify the server address, version, key and source interface | config |
| ntp authenticate | *To authenticate the NTP clock source | config |
| ntp authentication-key key-number md5 key | *To configure the NTP authentication key | config |
| ntp trusted-key key-number | *To configure the trusted key of the NTP client | config |
| ntp access-group peer access-list-number | To configure the NTP access control list | config |
| ntp source interface-name | To specify the NTP source interface | config |
| ntp enable | To enable the NTP function | config |
| no ntp | To disable the NTP and clear the configuration | config |

Configuration example -

Description: The interface (3.3.3.1) of the local router (router-1) is connected to the interface (3.3.3.2) of the peer router (router-2). Router-1 serves as the server and router-2 serves as the client.

Router-1 configuration:

| Command | Description |
| --- | --- |
| router(config)#ntp master | To enable the NTP server |
| router(config)#ntp authentication-key 1 md5 maipu | To configure the authentication key as 1 and key content as maipu |

Router-2 configuration:

| Command | Description |
| --- | --- |
| router(config)#ntp authentication-key 1 md5 maipu | To configure the authentication key as 1 and key content as maipu |
| router(config)#ntp trusted-key 1 | To configure the trusted key as 1 |
| router(config)#ntp authenticate | To enable the NTP authentication function |
| router(config)#ntp server 3.3.3.1 key 1 | To configure the server address as 3.3.3.1 and the key as 1 |
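What the key commands on both routers buy the client, as an added example that is not part of the original post or Maipu's code: it assumes the standard NTP symmetric-key MAC (a 32-bit key ID followed by MD5 of the key concatenated with the packet header). The header bytes are constructed and the function names are hypothetical.

```python
import hashlib
import hmac
import struct

HEADER_LEN = 48        # fixed NTP header, no extension fields
MAC_LEN = 4 + 16       # 32-bit key ID followed by a 128-bit MD5 digest

def ntp_md5_mac(key_id: int, key: bytes, header: bytes) -> bytes:
    """Key ID plus MD5(key || header), the classic NTP symmetric-key MAC."""
    return struct.pack("!I", key_id) + hashlib.md5(key + header).digest()

def accept_reply(packet: bytes, keys: dict, trusted: set) -> bool:
    """Client-side check: accept only replies signed with a trusted key."""
    if len(packet) != HEADER_LEN + MAC_LEN:
        return False                       # no MAC at all, or malformed
    header, mac = packet[:HEADER_LEN], packet[HEADER_LEN:]
    (key_id,) = struct.unpack("!I", mac[:4])
    if key_id not in trusted or key_id not in keys:
        return False                       # key unknown or not trusted
    expected = ntp_md5_mac(key_id, keys[key_id], header)
    return hmac.compare_digest(mac, expected)

# Constructed reply header: LI=0, VN=3, mode=4 (server), stratum 8.
HEADER = bytes([0x1C, 8]) + bytes(46)
CLIENT_KEYS = {1: b"maipu"}                # ntp authentication-key 1 md5 maipu
CLIENT_TRUSTED = {1}                       # ntp trusted-key 1

def demo() -> dict:
    """Run the check on signed, unsigned and altered replies."""
    signed = HEADER + ntp_md5_mac(1, b"maipu", HEADER)
    tampered = bytes([0x1C, 1]) + signed[2:]     # stratum field altered
    wrong_key = HEADER + ntp_md5_mac(1, b"other", HEADER)
    return {
        "signed": accept_reply(signed, CLIENT_KEYS, CLIENT_TRUSTED),
        "unsigned": accept_reply(HEADER, CLIENT_KEYS, CLIENT_TRUSTED),
        "tampered": accept_reply(tampered, CLIENT_KEYS, CLIENT_TRUSTED),
        "wrong_key": accept_reply(wrong_key, CLIENT_KEYS, CLIENT_TRUSTED),
        "untrusted": accept_reply(signed, CLIENT_KEYS, set()),
    }

if __name__ == "__main__":
    print(demo())
```

Only the key ID and the digest travel with the packet; the key string itself stays in each router's configuration. RFC 8573 deprecates this MD5 construction for NTP in favour of AES-CMAC.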

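The Router-1/Router-2 example above uses MD5 authentication. A simple configuration without MD5 is also possible: just configure ntp master on the server router and ntp server x.x.x.x (the NTP server IP) on the client router. Without a key, the client has no way to authenticate the time source.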
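A consistency check for client configurations, as an added example (not from the original post or from Maipu): it assumes an authenticated client needs all four Router-2 commands shown above, and it flags `ntp server` lines that lack any of them. The function name and the sample inputs are constructed for illustration.

```python
import re

def audit_ntp_client(config: str) -> list:
    """Check that every 'ntp server' line is backed by the full key setup."""
    # Drop a leading CLI prompt such as 'router(config)#' from each line.
    lines = [re.sub(r"^\S*\(config\)#", "", ln).strip()
             for ln in config.splitlines()]
    defined = {m.group(1) for ln in lines
               if (m := re.fullmatch(r"ntp authentication-key (\d+) md5 \S+", ln))}
    trusted = {m.group(1) for ln in lines
               if (m := re.fullmatch(r"ntp trusted-key (\d+)", ln))}
    auth_on = "ntp authenticate" in lines
    findings = []
    for ln in lines:
        m = re.fullmatch(r"ntp server (?:vrf \S+ )?(\S+)(.*)", ln)
        if not m:
            continue
        server, options = m.groups()
        key = re.search(r"\bkey (\d+)\b", options)
        if key is None:
            findings.append(f"{server}: no key, time is accepted unauthenticated")
            continue
        kid = key.group(1)
        if kid not in defined:
            findings.append(f"{server}: key {kid} has no 'ntp authentication-key' line")
        if kid not in trusted:
            findings.append(f"{server}: key {kid} is not listed by 'ntp trusted-key'")
        if not auth_on:
            findings.append(f"{server}: 'ntp authenticate' is missing")
    return findings

# Constructed inputs: the Router-2 commands from the example, and the
# two-command setup without a key.
ROUTER2 = """router(config)#ntp authentication-key 1 md5 maipu
router(config)#ntp trusted-key 1
router(config)#ntp authenticate
router(config)#ntp server 3.3.3.1 key 1"""
SIMPLE = "router(config)#ntp server 3.3.3.1"

if __name__ == "__main__":
    print(audit_ntp_client(ROUTER2))
    print(audit_ntp_client(SIMPLE))
```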

Monitoring Commands

| Command | Description |
| --- | --- |
| show ntp status | To display the current NTP status, including stratum and reference time |
| show clock | To display the current system time and check whether the time is synchronized correctly |

Monitoring Command Example

show ntp status

Displayed Result
Description and Analysis
Current NTP status information
Clock is synchronized, stratum 3, reference is 128.255.40.145
reference time is BC17C9CE.E22220B3 (00:33:18.883 Sat Jan 01 2011)
The clock is synchronized. The reference source address is 128.255.40.145. The time is 00:33:18, Jan. 1, 2011.

show clock 

Displayed Result
Description and Analysis
UTC SAT JAN 01 00:37:07 2011
The system time is 00:37:07, Jan 1, 2011.

Debugging Commands

| Command | Description |
| --- | --- |
| (no) debug ntp events \| packet | To enable/disable the NTP event and packet debugging switch |


Hope this example helps you as an NTP configuration reference.

For any feedback, please leave a comment with your mail ID.


Wednesday, May 18, 2011

NTP – Network Time Protocol


Today we will discuss the NTP protocol. It is commonly used in every network.

As you know, time is a very important parameter when monitoring routers and other network devices. Best practice is to keep the same clock synchronized across all network devices (routers, switches, etc.).

This helps to maintain logs and troubleshoot any network incident. Suppose something goes wrong in the network and we review the logs while troubleshooting. If the devices have different clocks, or some have no clock configured, it becomes a big problem to tell exactly when the incident happened and what the status of the supporting devices was at that time.

The Network Time Protocol (NTP) is a protocol designed for time synchronization in a network. NTP runs over UDP, which in turn runs over IP. We configure NTP to provide accurate timestamps for system log messages.

The NTP versions are described in the following RFCs:

  •  NTP v1 - RFC 958
  •  NTP v2 - RFC 1119
  •  NTP v3 - RFC 1305
  •  NTP v4 - RFC 5905

NTPv4 overview-

NTP Version 4 (NTPv4) is an extension of NTP version 3. NTPv4 supports both IPv4 and IPv6 and is backward-compatible with NTPv3.

  • NTPv4 supports IPv6, making NTP time synchronization possible over IPv6.
  • Security is improved over NTPv3. The NTPv4 protocol provides a whole security framework based on public key cryptography and standard X.509 certificates.
  • Using specific multicast groups, NTPv4 can automatically calculate its time-distribution hierarchy through an entire network. 
  • NTPv4 automatically configures the hierarchy of the servers in order to achieve the best time accuracy for the lowest bandwidth cost. This feature leverages site-local IPv6 multicast addresses.

Stratum - you can see the stratum level in show ntp status.

Let us see what stratum is -

Stratum levels define the distance from the reference clock to the device (router). Stratum describes the accuracy of your clock.

When you enable NTP, a router or other network device can learn the clock from many sources in the network.

To select the best NTP server/clock among the available sources, the router uses the stratum to find the most accurate clock. The device with the lowest stratum is the best.

It is common to see stratum 3 or 4.

Detailed example of stratum levels -
  • Stratum 0 - GPS devices and atomic clocks.
  • Stratum 1 - Servers/computers that connect to GPS devices and atomic clocks. They act as servers that serve time in a hierarchical way to downstream devices.
  • Stratum 2 - Computers/network devices that send NTP requests to stratum 1 devices to synchronize to the most accurate clock. Stratum 2 servers can serve time to stratum 2 servers also.
  • Stratum 3 - These devices perform the same function as stratum 2. These servers collect the data from stratum 2 servers.

The diagram below explains the stratum levels.



Hope this diagram helps you understand stratum better.

Working flow of NTP -

NTP communication consists of time requests and control queries. Time requests provide the standard client/server relationship in which a client requests time synchronization from an NTP server. Control queries provide ways for remote systems to get configuration information and reconfigure NTP servers.

NTP modes -

NTP can operate in four different modes: client, server, peer, and broadcast. These modes give NTP a great amount of flexibility in configuration and synchronization in a network.

Here is a short explanation of the NTP modes:

  • Client Mode - An NTP client is configured to let its clock be set and synchronized by an external NTP timeserver (router/server/etc.). NTP clients can be configured to use multiple servers to set their local time and are able to give preference to the most accurate time sources. They will not provide synchronization services to any other devices.
  • Server Mode - An NTP server is configured to synchronize NTP clients. Servers can be configured to synchronize any client or only specific clients. NTP servers will not accept synchronization information from their clients and will not let clients update or affect the server's time settings.
  • Peer Mode - With NTP peers, one NTP-enabled device does not have authority over the other. With the peering model, each device shares its time information with the other, and each device can also provide time synchronization to the other.
  • Broadcast/multicast Mode - Broadcast/multicast mode is a special NTP mode with which the NTP server broadcasts its synchronization information to all clients. Broadcast mode requires that clients be on the same subnet as the server. Multicast mode requires that clients and servers have multicast access available and configured.
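How the mode and stratum described above appear on the wire, as an added example that is not from the original post: the mode is the low three bits of the first packet byte and the stratum is the second byte, with mode numbers taken from the NTP specification. The packets are constructed samples and the function names are hypothetical; the last function lists control queries from sources outside an allowed set, the kind of restriction an NTP access list expresses.

```python
import ipaddress

MODES = {1: "peer (symmetric active)", 2: "peer (symmetric passive)",
         3: "client", 4: "server", 5: "broadcast",
         6: "control query", 7: "private/reserved"}

def parse_ntp(packet: bytes) -> dict:
    """Decode the fields of an NTP packet that identify mode and stratum."""
    if not packet:
        raise ValueError("empty packet")
    info = {"version": (packet[0] >> 3) & 0x7,
            "mode": MODES.get(packet[0] & 0x7, "reserved")}
    if info["mode"] in ("control query", "private/reserved"):
        return info                      # different layout, no stratum field
    if len(packet) < 48:
        raise ValueError("time packet shorter than the 48-byte header")
    stratum = packet[1]
    info["stratum"] = stratum
    ref_id = packet[12:16]
    if stratum >= 2:                     # IPv4 address of the upstream server
        info["reference"] = str(ipaddress.IPv4Address(ref_id))
    elif stratum == 1:                   # ASCII tag such as "GPS"
        info["reference"] = ref_id.rstrip(b"\0").decode("ascii", "replace")
    return info

def control_queries_to_review(packets, allowed_sources) -> list:
    """Return sources that sent control queries but are not on the allowed list."""
    return [src for src, pkt in packets
            if parse_ntp(pkt)["mode"] == "control query"
            and src not in allowed_sources]

def time_packet(mode: int, stratum: int, ref_id: bytes) -> bytes:
    """Build a constructed 48-byte NTPv3 header for the samples below."""
    return bytes([(3 << 3) | mode, stratum]) + bytes(10) + ref_id + bytes(32)

# Constructed samples (source address, raw bytes); not real captures.
SAMPLES = [
    ("3.3.3.2", time_packet(3, 0, bytes(4))),                    # client request
    ("3.3.3.1", time_packet(4, 3, bytes([128, 255, 40, 145]))),  # server reply
    ("192.0.2.50", bytes([(2 << 3) | 6]) + bytes(11)),           # control query
]

if __name__ == "__main__":
    for src, pkt in SAMPLES:
        print(src, parse_ntp(pkt))
    print(control_queries_to_review(SAMPLES, {"3.3.3.1"}))
```

For a stratum 2 or higher source reached over IPv4, the reference field is the address of its upstream server, which is the value show ntp status prints after "reference is".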

Hope this information is useful for you.

For likes and queries, please leave a comment with your mail ID.
