NTP time service

It’s defined in RFC 1305. It’s an UDP based protocol, with is taken for time syncrounisation with NTP servers. An NTP server can be any source speaking the time protocol. Normaly this server has a atomic or radio clock attached. NTP uses a stratum to describe how many NTP hops away a machine. It stratum 1 if the NTP server with clock is directly available. If there is another stratum 1 time server in between, it a stratum 2 server. Cisco does not provide stratum 1 server with clock attached. Normaly this is a Unix daemon from www.ntp.org. Well i just read cisco provides an external clock. But as an extension kit for the cisco 7200 series routers only. If found this, as there is an “ntp refclock” variable in the IOS 12.4 documentation. You find this information here:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cr/hcf_r/cfn_05h.htm#wp1047024

To configure an NTP server for a router:

ntp server [ip add]

ntp timezone [WORD] +/- hours

The timezone is the difference between the UTC or called GMT and the local time. Here in germany in the summer it’s +2. With the variable

NTP Authentication:

Server:

ntp server [ip]

ntp authentication-key [number] md5 [password]

ntp trusted-key [number]

Client:

ntp server [ip]

ntp authentication-key [number] md5 [password]

ntp authenticate

ntp trusted-key 1

It could be a good idea to keep times on routers and server in sync. This can help a lot, to identify problems. You can always exactly track down the problem to a specific time.

Configuring authentication does not mean other ntp client’s can not connect to an server any more. You have to configure this with access lists.

A good source about NTP on cisco routers:

http://www.oreilly.com/catalog/hardcisco/chapter/ch10.html

Download PDF Download as PDF

Kommentieren