ntp
hi guys!
how can I config NTP Server? please say me what is NTP config command?
Thank's alot my dude!
how can I config NTP Server? please say me what is NTP config command?
Thank's alot my dude!
Comments
-
malcybood Member Posts: 900 ■■■□□□□□□□hi guys!
how can I config NTP Server? please say me what is NTP config command?
Thank's alot my dude!
ntp server 2.2.2.2 -
SubnetZero Member Posts: 124So you have a couple of options here. First one, if your Cisco router is going to be acting as an NTP server it either needs to be synched with an authoritative time source, or you can force your Cisco router to be the authoritative time source.
Typically what I see is that your redundant distribution layer routers are configured to sync with an authoritative time source, and then all of your other Cisco devices below sync to the distribution routers. It's also a good idea to authenticate your NTP as well.
Here is an example configuring what will be an NTP server[COLOR=#000080]ntp authentication-key 1 md5 1234567891011121314 7[/COLOR] [COLOR=#000080]ntp authenticate[/COLOR] [COLOR=#000080]ntp trusted-key 1[/COLOR] [COLOR=#000080]ntp update-calendar[/COLOR] [COLOR=#000080]ntp server 198.60.73.8[/COLOR] [COLOR=#000080]ntp server 131.107.13.100[/COLOR] [COLOR=#000080]ntp server 64.147.116.229[/COLOR]
To verify your clocks are synched do the following:[COLOR=#000080]Router#show ntp ass[/COLOR] [COLOR=#000080] address ref clock st when poll reach delay offset disp[/COLOR] [COLOR=#000080]-~198.60.73.8 .ACTS. 1 1 1024 377 31.6 0.64 0.8[/COLOR] [COLOR=#000080]+~127.127.7.1 127.127.7.1 2 44 64 377 0.0 0.00 0.0[/COLOR] [COLOR=#000080]+~131.107.13.100 .ACTS. 1 310 1024 377 43.6 -1.34 4.9[/COLOR] [COLOR=#000080]*~64.147.116.229 .ACTS. 1 964 1024 377 17.1 -4.17 4.2[/COLOR] [COLOR=#000080] * master (synced), # master (unsynced), + selected, - candidate, ~ configured [/COLOR]
[COLOR=#000080]Router#show ntp status[/COLOR] [COLOR=#000080]Clock is synchronized, stratum 2, reference is 198.60.73.8[/COLOR] [COLOR=#000080]nominal freq is 250.0000 Hz, actual freq is 250.0012 Hz, precision is 2**18[/COLOR] [COLOR=#000080]reference time is D2DE7306.22FCE98A (08:29:58.136 PST Thu Feb 9 2012)[/COLOR] [COLOR=#000080]clock offset is -2.7579 msec, root delay is 31.31 msec[/COLOR] [COLOR=#000080]root dispersion is 9.99 msec, peer dispersion is 2.29 msec[/COLOR]
Now just point your clients to your internal NTP server's[COLOR=#000080]SV3750-MDF-1A#sh run | i ntp[/COLOR] [COLOR=#000080]ntp authentication-key 1 md5 1234567891011121314 7[/COLOR] [COLOR=#000080]ntp authenticate[/COLOR] [COLOR=#000080]ntp trusted-key 1[/COLOR] [COLOR=#000080]ntp clock-period 36028713[/COLOR] [COLOR=#000080]ntp server 10.75.176.2 key 1[/COLOR] [COLOR=#000080]ntp server 10.75.176.3 key 1[/COLOR]
Verify it[COLOR=#000080]SV3750-MDF-1A#sh ntp ass[/COLOR] [COLOR=#000080] address ref clock st when poll reach delay offset disp[/COLOR] [COLOR=#000080]*~10.75.176.2 198.60.73.8 2 68 128 377 0.6 0.59 0.1[/COLOR] [COLOR=#000080] ~10.75.176.3 0.0.0.0 16 952 1024 0 0.0 0.00 16000.[/COLOR]
[COLOR=#000080]SV3750-MDF-1A#show ntp stat[/COLOR] [COLOR=#000080]Clock is synchronized, stratum 3, reference is 10.75.176.2[/COLOR] [COLOR=#000080]nominal freq is 119.2092 Hz, actual freq is 119.2095 Hz, precision is 2**18[/COLOR] [COLOR=#000080]reference time is D2DE77D9.E36302AC (08:50:33.888 PST Thu Feb 9 2012)[/COLOR] [COLOR=#000080]clock offset is 0.5941 msec, root delay is 31.94 msec[/COLOR] [COLOR=#000080]root dispersion is 10.67 msec, peer dispersion is 0.08 msec[/COLOR]
Alternatively you can configure an unsynchronized router to act as an authoritative NTP source using the ntp master command.
Note: Cisco and NTP experts discourage the use of this command if any other NTP time sources are available because it violates NTP's hierarchical trust model. When using this command, you should choose a high stratum number, such as 10, so time associations through the fake master clock are ignored if more trustworthy NTP information is made available.
To enable an unsynchronized Cisco router to act as an authoritative NTP clock at stratum 10:[COLOR=#000080]Router#config terminal[/COLOR] [COLOR=#000080]Enter configuration commands, one per line. End with CNTL/Z.[/COLOR] [COLOR=#000080]Router(config)#ntp master 10[/COLOR]
HTH
While no trees were harmed in the transmission of this message, several electrons were severely inconvenienced :cool: -
hadi_x Registered Users Posts: 6 ■□□□□□□□□□SubnetZero wrote: »So you have a couple of options here. First one, if your Cisco router is going to be acting as an NTP server it either needs to be synched with an authoritative time source, or you can force your Cisco router to be the authoritative time source.
Typically what I see is that your redundant distribution layer routers are configured to sync with an authoritative time source, and then all of your other Cisco devices below sync to the distribution routers. It's also a good idea to authenticate your NTP as well.
Here is an example configuring what will be an NTP server[COLOR=#000080]ntp authentication-key 1 md5 1234567891011121314 7[/COLOR] [COLOR=#000080]ntp authenticate[/COLOR] [COLOR=#000080]ntp trusted-key 1[/COLOR] [COLOR=#000080]ntp update-calendar[/COLOR] [COLOR=#000080]ntp server 198.60.73.8[/COLOR] [COLOR=#000080]ntp server 131.107.13.100[/COLOR] [COLOR=#000080]ntp server 64.147.116.229[/COLOR]
To verify your clocks are synched do the following:[COLOR=#000080]Router#show ntp ass[/COLOR] [COLOR=#000080] address ref clock st when poll reach delay offset disp[/COLOR] [COLOR=#000080]-~198.60.73.8 .ACTS. 1 1 1024 377 31.6 0.64 0.8[/COLOR] [COLOR=#000080]+~127.127.7.1 127.127.7.1 2 44 64 377 0.0 0.00 0.0[/COLOR] [COLOR=#000080]+~131.107.13.100 .ACTS. 1 310 1024 377 43.6 -1.34 4.9[/COLOR] [COLOR=#000080]*~64.147.116.229 .ACTS. 1 964 1024 377 17.1 -4.17 4.2[/COLOR] [COLOR=#000080] * master (synced), # master (unsynced), + selected, - candidate, ~ configured [/COLOR]
[COLOR=#000080]Router#show ntp status[/COLOR] [COLOR=#000080]Clock is synchronized, stratum 2, reference is 198.60.73.8[/COLOR] [COLOR=#000080]nominal freq is 250.0000 Hz, actual freq is 250.0012 Hz, precision is 2**18[/COLOR] [COLOR=#000080]reference time is D2DE7306.22FCE98A (08:29:58.136 PST Thu Feb 9 2012)[/COLOR] [COLOR=#000080]clock offset is -2.7579 msec, root delay is 31.31 msec[/COLOR] [COLOR=#000080]root dispersion is 9.99 msec, peer dispersion is 2.29 msec[/COLOR]
Now just point your clients to your internal NTP server's[COLOR=#000080]SV3750-MDF-1A#sh run | i ntp[/COLOR] [COLOR=#000080]ntp authentication-key 1 md5 1234567891011121314 7[/COLOR] [COLOR=#000080]ntp authenticate[/COLOR] [COLOR=#000080]ntp trusted-key 1[/COLOR] [COLOR=#000080]ntp clock-period 36028713[/COLOR] [COLOR=#000080]ntp server 10.75.176.2 key 1[/COLOR] [COLOR=#000080]ntp server 10.75.176.3 key 1[/COLOR]
Verify it[COLOR=#000080]SV3750-MDF-1A#sh ntp ass[/COLOR] [COLOR=#000080] address ref clock st when poll reach delay offset disp[/COLOR] [COLOR=#000080]*~10.75.176.2 198.60.73.8 2 68 128 377 0.6 0.59 0.1[/COLOR] [COLOR=#000080] ~10.75.176.3 0.0.0.0 16 952 1024 0 0.0 0.00 16000.[/COLOR]
[COLOR=#000080]SV3750-MDF-1A#show ntp stat[/COLOR] [COLOR=#000080]Clock is synchronized, stratum 3, reference is 10.75.176.2[/COLOR] [COLOR=#000080]nominal freq is 119.2092 Hz, actual freq is 119.2095 Hz, precision is 2**18[/COLOR] [COLOR=#000080]reference time is D2DE77D9.E36302AC (08:50:33.888 PST Thu Feb 9 2012)[/COLOR] [COLOR=#000080]clock offset is 0.5941 msec, root delay is 31.94 msec[/COLOR] [COLOR=#000080]root dispersion is 10.67 msec, peer dispersion is 0.08 msec[/COLOR]
Alternatively you can configure an unsynchronized router to act as an authoritative NTP source using the ntp master command.
Note: Cisco and NTP experts discourage the use of this command if any other NTP time sources are available because it violates NTP's hierarchical trust model. When using this command, you should choose a high stratum number, such as 10, so time associations through the fake master clock are ignored if more trustworthy NTP information is made available.
To enable an unsynchronized Cisco router to act as an authoritative NTP clock at stratum 10:[COLOR=#000080]Router#config terminal[/COLOR] [COLOR=#000080]Enter configuration commands, one per line. End with CNTL/Z.[/COLOR] [COLOR=#000080]Router(config)#ntp master 10[/COLOR]
HTH
thank you so much it was complete answer