NTP Configuration on Cisco Router

What is NTP?

NTP is one of the oldest Internet protocols in current use. It is used to synchronize the clocks of network devices.

The accuracy of time and date is important in the following situations:

  • When time-based access control lists are in use
  • For certificate-based authentication between server and client
  • When log messages are tracked to monitor the device

Time is managed through a central clock. It’s very important to keep the time and date up to date on all network devices such as switches, firewalls and routers. Accurate time and date let an administrator read log entries and their timestamps and understand when and how the logs were generated and where a problem occurred.

If devices are not all running on the correct time, it becomes difficult to track an issue and troubleshoot a problem.

NTP is the perfect solution for keeping time and date up to date in all the devices. NTP uses UDP as a transport layer protocol with a port number of 123.

NTP uses a term called “stratum”, defined as the distance between a device and the authoritative time server. In other words, it is how many hops a device is away from the authoritative time server or reference clock.

NTP has 16 different stratum levels. “Stratum 0” is considered the reference clock.

Stratum 0 is maintained directly by the Global Positioning System, atomic clocks and other upstream devices, and no delay is associated with it. The lower a server’s stratum, the more accurate it is.

Stratum 1 devices are synchronized to the stratum 0 reference clock; similarly, stratum 2 devices are synchronized to stratum 1 devices, and so on. Stratum 2 devices may not be as accurate as stratum 1 devices because of network delays and jitter. An NTP client can receive a time source from multiple stratum servers for reliability and accuracy.

NTP is used not only in Cisco devices but is also supported by all other network devices. There are two types of clocks used in most Cisco devices:

1 – Software Clock

2 – Hardware Clock

1 – Software Clock – The software clock is the primary clock for time and date. It can be updated from an external source such as an NTP server, Simple NTP or the hardware clock.

Initially, the software clock is set from the hardware clock at boot time. The software clock is the most accurate because it can be configured with an external source.

You can view the software clock in the IOS CLI:

# show clock

2 – Hardware Clock – It is an integrated clock powered by a battery. The hardware clock can be synchronized with the software clock. The hardware clock is sometimes referred to as the “calendar”.

You can view the hardware clock in the IOS CLI:

# show calendar

The software clock can update the hardware clock on a Cisco device with the following command in the privileged EXEC mode of the IOS CLI:

Router# clock update-calendar

Generally, Cisco devices run in NTP client mode and are updated from an NTP server. The NTP server may be located globally or locally. NTP communication uses Coordinated Universal Time (UTC), a global standard for representing time. It is best to keep the clocks on all network devices set to UTC.

Cisco devices can be configured in three NTP modes

1. NTP Server Mode

2. NTP Client Mode

3. NTP Symmetric active mode

1. Server Mode – In this mode the device operates as an NTP server and serves as a time source for clients.

2. NTP Client Mode – The local router or switch can be synchronized by the remote server, but not vice versa.

3. NTP Symmetric active mode – In this mode, the local router or switch and the remote server can be synchronized with each other. This mode is used as a backup when the remote NTP server is not available. The local router or switch may become a time source for NTP clients.

NTP Configuration Example:

I’m going to use the lab for a demonstration. This article will demonstrate how to configure the clock and how a client can get time from an external time source. We will cover the configuration of an NTP server on a Cisco router and make sure all devices are synchronized. Later on, we will finish with verification.

http://www.pool.ntp.org website shows the best available public NTP servers and can be used as per your zone.

LAB objectives:-

1. Differentiation between software clock and hardware clock

2. Configure software clock and sync software clock with the hardware clock

3. Configure NTP_CLIENT to synchronize with public NTP pool server

4. Configure the Cisco router as a NTP server and client as per topology. Make sure both devices are synchronized.

 

1. Differentiation between software clock and hardware clock

First let’s verify the software clock using the following command

NTP_CLIENT# show clock

*00:24:23.283 UTC Fri Mar 1 2002

 

The * indicates that the time is not from an authoritative time source; it was taken from the hardware clock at boot time.

This can be seen in more detail with the “show clock detail” command

NTP_CLIENT# show clock detail

*00:28:22.019 UTC Fri Mar 1 2002
Time source is hardware calendar

Let’s verify the hardware clock by using the following command

NTP_CLIENT# show calendar

00:28:22 UTC Fri Mar 1 2002

 

1. Configure software clock

Configuring the software clock is very simple and is done in the privileged EXEC mode of the Cisco IOS CLI.

NTP_CLIENT# clock set 20:49:00 17 JULY 2018

NTP_CLIENT#
*Jul 17 20:49:00.000: %SYS-6-CLOCKUPDATE: System clock has been updated from 00:40:23 UTC Fri Mar 1 2002 to 20:49:00 UTC Tue Jul 17 2018, configured from console by console.

After “clock set” is entered, a notification is displayed.

Now let’s verify software clock again

NTP_CLIENT# show clock

20:54:11.287 UTC Tue Jul 17 2018

NTP_CLIENT# show clock detail

20:55:23.543 UTC Tue Jul 17 2018
Time source is user configuration

NTP_CLIENT# show calendar

00:35:23 UTC Fri Mar 1 2002

This time we can see that the * has disappeared and the time source is user configuration. The system time appears to be updated properly, but the hardware clock has not been updated; it is therefore recommended to check both clocks and make sure they are synchronized with each other.

As the above output shows, if we reboot the device we will lose the configured software clock setting; the software clock will revert to the hardware clock and we may have an incorrect time.

 

2. Configure software clock and sync software clock with the hardware clock

Now let’s synchronise the hardware clock with the software clock using the command below

NTP_CLIENT# clock update-calendar

NTP_CLIENT# show calendar

20:55:23 UTC Tue Jul 17 2018
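The check recommended above (compare both clocks, and note whether the software clock is authoritative) can be scripted against collected CLI output. This is an added example, not part of the original article; the function names and the 2-second tolerance are assumptions, and it handles UTC output only.

```python
import re
from datetime import datetime, timedelta, timezone

# Meaning of the leading flag that IOS prints in `show clock`.
FLAGS = {"*": "not authoritative",
         ".": "authoritative, NTP not synchronized",
         "": "authoritative"}
TIME_RE = re.compile(
    r"^([*.]?)(\d\d:\d\d:\d\d)(\.\d+)? UTC \w{3} (\w{3}) +(\d{1,2}) (\d{4})$")

def parse_ios_time(line):
    """Parse one line of `show clock` / `show calendar` output (UTC only)."""
    m = TIME_RE.match(line.strip())
    if m is None:
        raise ValueError(f"unrecognised clock line: {line!r}")
    flag, hms, frac, month, day, year = m.groups()
    stamp = datetime.strptime(f"{hms} {month} {day} {year}", "%H:%M:%S %b %d %Y")
    stamp += timedelta(seconds=float(frac or 0))
    return FLAGS[flag], stamp.replace(tzinfo=timezone.utc)

def compare_clocks(show_clock, show_calendar, tolerance_s=2.0):
    """Return the software clock's trust level and its skew from the calendar."""
    trust, software = parse_ios_time(show_clock)
    _, hardware = parse_ios_time(show_calendar)
    skew = abs((software - hardware).total_seconds())
    return {"trust": trust, "skew_s": skew, "in_sync": skew <= tolerance_s}

# Outputs quoted in this lab: before and after `clock update-calendar`.
BEFORE = compare_clocks("20:55:23.543 UTC Tue Jul 17 2018",
                        "00:35:23 UTC Fri Mar 1 2002")
AFTER = compare_clocks("20:55:23.543 UTC Tue Jul 17 2018",
                       "20:55:23 UTC Tue Jul 17 2018")

if __name__ == "__main__":
    print(parse_ios_time("*00:24:23.283 UTC Fri Mar 1 2002"))
    print("before:", BEFORE)
    print("after: ", AFTER)
```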

 

3. Configure NTP_CLIENT to sync with public NTP pool server

Only a few commands are needed to configure an NTP client, and they are entered in the global configuration mode of the IOS CLI. If a public NTP server is used, make sure the router is connected to the Internet and DNS is configured. DNS is optional only if the NTP server’s IP address is used instead of its name.

NTP_CLIENT# config t

NTP_CLIENT(config)# ip name-server 4.2.2.2

NTP_CLIENT(config)# ntp server pool.ntp.org

Translating "pool.ntp.org"...domain server (4.2.2.2) [OK]

Name resolution succeeded because a DNS name server is configured on the NTP client. The NTP client is now synchronized with the public server.

A Cisco router uses NTP version 3 as its default NTP version.

Here is a glance at the Wireshark packets:

[Figure: the packet from the NTP client]

[Figure: the packet from the NTP server]
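As an added example (not from the original article), the following decodes the header fields that such a capture shows: version, mode, stratum, poll interval and reference ID. The two packets are constructed here to mirror this lab (version 3, a stratum 2 server whose reference is 103.1.106.69); they are not the author's captured bytes, and the helper names are assumptions.

```python
import ipaddress
import struct

MODES = {1: "symmetric active", 2: "symmetric passive", 3: "client",
         4: "server", 5: "broadcast"}

def decode_ntp_header(packet):
    """Decode the first 16 bytes of an NTP message (48-byte minimum)."""
    if len(packet) < 48:
        raise ValueError("an NTP message is at least 48 bytes")
    flags, stratum, poll, precision, root_delay, root_disp, ref_id = struct.unpack(
        "!BBbbII4s", packet[:16])
    if stratum <= 1:   # stratum 0/1: four-character ASCII code such as LOCL
        reference = ref_id.rstrip(b"\x00").decode("ascii", "replace")
    else:              # stratum 2+ over IPv4: address of the upstream server
        reference = str(ipaddress.IPv4Address(ref_id))
    return {
        "leap": flags >> 6,                      # top 2 bits
        "version": (flags >> 3) & 0x7,           # middle 3 bits
        "mode": MODES.get(flags & 0x7, "reserved"),
        "stratum": stratum,
        "poll_seconds": 2 ** poll,               # poll is a log2 exponent
        "precision": f"2**{precision}",
        "root_delay_ms": root_delay / 65536 * 1000,      # 16.16 fixed point
        "root_dispersion_ms": root_disp / 65536 * 1000,
        "reference": reference,
    }

def build_header(version, mode, stratum, poll, precision, ref_id, leap=0):
    """Build a 48-byte message with zeroed delay, dispersion and timestamps."""
    first = (leap << 6) | (version << 3) | mode
    return struct.pack("!BBbbII4s", first, stratum, poll, precision,
                       0, 0, ref_id) + bytes(32)

# Constructed sample packets (not captured traffic).
CLIENT_REQUEST = build_header(3, 3, 0, 6, -18, bytes(4))
SERVER_REPLY = build_header(3, 4, 2, 6, -18,
                            ipaddress.IPv4Address("103.1.106.69").packed)

if __name__ == "__main__":
    print(decode_ntp_header(CLIENT_REQUEST))
    print(decode_ntp_header(SERVER_REPLY))
```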

Let’s verify the configuration using the command below

NTP_CLIENT# show ntp associations

address          ref clock       st  when  poll  reach  delay  offset   disp
*~167.99.64.239  103.1.106.69     2    27    64    377   43.9   -3.45    7.4
* master (synced), # master (unsynced), + selected, - candidate, ~ configured

NTP synchronisation may take some time, so the administrator may need to wait before seeing similar output.

The “show ntp associations” command shows the synchronisation status. A * in front of the ~ indicates that the clock is synchronised with the server. We have to make sure that we see * in the output.

The second field, st, shows the stratum of the server the clock is synchronised with. Stratum 2 means we are very close to the reference clock source.

The poll value is also important to observe here. It tells the device to synchronise its clock every 64 seconds.
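The manual check described above (look for the *, read st and poll) can be automated over collected output. This is an added example, not part of the original article; it also decodes the reach column, which is an octal 8-bit register of the last eight polls (377 means all eight were answered). The second peer row is constructed to show an unhealthy association, and the 100 ms offset limit is an assumption.

```python
import re

# One peer row of `show ntp associations`; header and legend lines do not match.
ROW_RE = re.compile(
    r"^\s*(?P<flags>[*#+~-]*)(?P<address>[\w.:]+)\s+(?P<ref>\S+)\s+(?P<st>\d+)"
    r"\s+(?P<when>\S+)\s+(?P<poll>\d+)\s+(?P<reach>[0-7]+)"
    r"\s+(?P<delay>[\d.]+)\s+(?P<offset>-?[\d.]+)\s+(?P<disp>[\d.]+)\s*$")

def parse_associations(text):
    """Return one dict per peer row found in the command output."""
    peers = []
    for line in text.splitlines():
        m = ROW_RE.match(line)
        if m:
            peers.append({
                "flags": m["flags"], "address": m["address"], "ref": m["ref"],
                "stratum": int(m["st"]), "poll_s": int(m["poll"]),
                "reach": int(m["reach"], 8),       # printed in octal
                "offset_ms": float(m["offset"]),
            })
    return peers

def assess(peer, max_offset_ms=100.0):
    """List the reasons a peer should not be trusted as the time source."""
    problems = []
    if "*" not in peer["flags"]:
        problems.append("not the synced master")
    if peer["stratum"] >= 16:
        problems.append("stratum 16: peer is itself unsynchronized")
    missed = 8 - bin(peer["reach"] & 0xFF).count("1")
    if missed:
        problems.append(f"{missed} of the last 8 polls unanswered")
    if abs(peer["offset_ms"]) > max_offset_ms:
        problems.append(f"offset {peer['offset_ms']} ms exceeds {max_offset_ms} ms")
    return problems

# First row is the article's output; the 192.0.2.10 row is constructed.
SAMPLE = """\
address          ref clock       st  when  poll  reach  delay  offset   disp
*~167.99.64.239  103.1.106.69     2    27    64    377   43.9   -3.45    7.4
 ~192.0.2.10     .INIT.          16     -    64      0    0.0    0.00  16000.
* master (synced), # master (unsynced), + selected, - candidate, ~ configured
"""

if __name__ == "__main__":
    for peer in parse_associations(SAMPLE):
        print(peer["address"], assess(peer) or "healthy")
```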

Let’s verify with one more command

NTP_CLIENT# show ntp status

Clock is synchronized, stratum 3, reference is 167.99.64.239
nominal freq is 250.0000 Hz, actual freq is 250.0005 Hz, precision is 2**18
reference time is DEF89706.95E6AF32 (16:25:42.585 UTC Tue Jul 17 2018)
clock offset is -14.8988 msec, root delay is 108.11 msec
root dispersion is 26.89 msec, peer dispersion is 10.89 msec

This output also shows that our clock is synchronised, with a stratum value of 3 for this router. In the previous output st was 2; seen from this router it has increased by one hop, so the value is 3.
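The hexadecimal reference time in this output is a 64-bit NTP timestamp: 32 bits of seconds since 1 January 1900 and a 32-bit binary fraction. The following added example (not from the original article; function names are assumptions) parses the status output shown above and confirms that the hex value decodes to the printed time.

```python
import re
from datetime import datetime, timedelta, timezone

NTP_EPOCH = datetime(1900, 1, 1, tzinfo=timezone.utc)   # start of NTP era 0

def ntp_hex_to_utc(stamp):
    """Convert 'SSSSSSSS.FFFFFFFF' (hex seconds, hex fraction) to a UTC datetime."""
    seconds, fraction = (int(part, 16) for part in stamp.split("."))
    return NTP_EPOCH + timedelta(seconds=seconds,
                                 microseconds=fraction * 1_000_000 // 2**32)

def parse_ntp_status(text):
    """Extract sync state, stratum, reference and timing from `show ntp status`."""
    head = re.search(r"Clock is (\w+), stratum (\d+), "
                     r"(?:reference is (\S+)|no reference clock)", text)
    ref = re.search(r"reference time is ([0-9A-Fa-f]{8}\.[0-9A-Fa-f]{8}) \((.+?)\)", text)
    offset = re.search(r"clock offset is (-?[\d.]+) msec", text)
    if not (head and ref and offset):
        raise ValueError("not a recognisable `show ntp status` output")
    decoded = ntp_hex_to_utc(ref.group(1))
    printed = datetime.strptime(ref.group(2), "%H:%M:%S.%f UTC %a %b %d %Y")
    printed = printed.replace(tzinfo=timezone.utc)
    return {
        "synchronized": head.group(1) == "synchronized",
        "stratum": int(head.group(2)),
        "reference": head.group(3),          # None when there is no reference clock
        "reference_time": decoded,
        "hex_matches_text": abs(decoded - printed) < timedelta(milliseconds=1),
        "offset_ms": float(offset.group(1)),
    }

# Output of NTP_CLIENT as shown in the article.
STATUS = """\
Clock is synchronized, stratum 3, reference is 167.99.64.239
nominal freq is 250.0000 Hz, actual freq is 250.0005 Hz, precision is 2**18
reference time is DEF89706.95E6AF32 (16:25:42.585 UTC Tue Jul 17 2018)
clock offset is -14.8988 msec, root delay is 108.11 msec
root dispersion is 26.89 msec, peer dispersion is 10.89 msec
"""

if __name__ == "__main__":
    print(parse_ntp_status(STATUS))
```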

Once the software clock is updated, you can update the hardware clock with the command below (it is recommended to update both clocks)

NTP_CLIENT(config)# ntp update-calendar

NTP_CLIENT# show clock

16:44:47.310 UTC Tue Jul 17 2018

NTP_CLIENT# show calendar

16:44:47 UTC Tue Jul 17 2018

The hardware clock is updated with software clock and that’s all I wanted to configure in the topology.

4. Configure Cisco router as an Authoritative NTP server and client as per topology. Make sure that both are synchronized.

Let’s remove the previous NTP configuration from NTP_CLIENT

NTP_CLIENT(config)# no ntp server pool.ntp.org

Manually configure the NTP_SRV router as an NTP server and the other router as NTP_CLIENT as per the topology

Before configuring the server, we check the clock on both devices

NTP_SRV# show clock

22:27:34.567 UTC Tue Jul 17 2018

NTP_SRV# show ntp status

%NTP is not enabled.

 

NTP_CLIENT# show clock

*00:03:07.383 UTC Fri Mar 1 2002

NTP_CLIENT# show ntp status

%NTP is not enabled.

 

Now we can see that the two devices are not synchronized and have different clock settings.

NTP is not running on either device. Now we can proceed and configure the NTP_SRV router

 

NTP_SRV# debug ntp events

NTP_SRV(config)# ntp master 1

Before configuring the NTP master, NTP debugging is enabled to see what happens between client and server. Here I’ve used stratum 1, but you can use any number between 1 and 15.

NTP_CLIENT# debug ntp events

NTP_CLIENT(config)# ntp server 12.0.0.2

Only one command is needed, and the client will start looking for the NTP server.

Let’s check the debug output to see what happened between server and client:

NTP_SRV(config)#

.Jul 17 22:46:08.411: NTP: 127.127.7.1 reachable
Jul 17 22:46:08.411: NTP: 127.127.7.1 synced to new peer
Jul 17 22:46:08.415: NTP: sync change
Jul 17 22:46:08.415: NTP: peer stratum change

 

NTP_CLIENT#

*Jul 17 22:46:21.205: NTP: peer stratum change
*Jul 17 22:46:21.205: NTP: clock reset
Jul 17 22:46:22.209: NTP: 12.0.0.2 synced to new peer
Jul 17 22:46:22.209: NTP: sync change
Jul 17 22:46:22.209: NTP: peer stratum change
Jul 17 22:46:22.213: NTP: 12.0.0.2 reachable

The output is as per our expectation. CLIENT has changed the stratum value and reset the clock. Output includes the NTP master address.

Now it’s time to verify both client and server using “show ntp associations” and “show ntp status”

NTP_SRV# show ntp status

Clock is synchronized, stratum 1, reference is .LOCL.
nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**18
reference time is DEF8F37F.6958D8A2 (23:00:15.411 UTC Tue Jul 17 2018)
clock offset is 0.0000 msec, root delay is 0.00 msec
root dispersion is 0.02 msec, peer dispersion is 0.02 msec

 

NTP_SRV# show ntp associations

address          ref clock       st  when  poll  reach  delay  offset   disp
*~127.127.7.1    .LOCL.           0    43    64    377    0.0    0.00    0.0
* master (synced), # master (unsynced), + selected, - candidate, ~ configured

 

NTP_SRV# show clock

23:08:17.307 UTC Tue Jul 17 2018

 

NTP_CLIENT# show ntp status

Clock is synchronized, stratum 2, reference is 12.0.0.2
nominal freq is 250.0000 Hz, actual freq is 250.0003 Hz, precision is 2**18
reference time is DEF8F40B.30058A4C (23:02:35.187 UTC Tue Jul 17 2018)
clock offset is -5.6857 msec, root delay is 11.93 msec
root dispersion is 13.60 msec, peer dispersion is 7.87 msec

 

NTP_CLIENT# show ntp associations

address          ref clock       st  when  poll  reach  delay  offset   disp
*~12.0.0.2       127.127.7.1      2    62    64    377   11.9   -5.69    7.9
* master (synced), # master (unsynced), + selected, - candidate, ~ configured

 

NTP_CLIENT# show clock

23:08:10.617 UTC Tue Jul 17 2018

The client has successfully synchronised with 12.0.0.2 (NTP_Srv). The client has stratum 2 because it’s 1 hop away from stratum 1. Once the software clock is synchronized with the NTP server, we can update the hardware clock with “ntp update-calendar”.

This was the basic configuration of NTP server and client on the Cisco router. There are many other options available in NTP to configure but I will be covering other topics in different articles.
