
The Mystery of Network Time Protocol


NTP: Network Time Protocol services on Cisco routers.

Time synchronization is critical on Cisco routers: without accurate date and time settings, we cannot generate any meaningful logs on the routers. Most of the time, all the devices on a network are in sync with well-known NTP servers on the internet. All the NTP servers are in sync with some radio or atomic clock. The atomic clock is the de facto standard for timekeeping in the world. Atomic clocks are also used as the primary standard for controlling television broadcast wave frequency and in global positioning systems!

If our network is not connected to the internet, we can define one or two routers/switches on our network as an NTP server. We can also create different NTP peers to create redundancy and to avoid any inaccurate tuning of time.

Some quick facts about NTP:

  • NTP uses UDP as its transport protocol
  • Client/server protocol (the client requests the time from the server)
  • All NTP communication is in UTC (Universal Coordinated Time) or GMT (Greenwich Mean Time) format
  • NTP stratum is the number of hops an NTP server is away from the root servers; stratum 1 is the best value.


In addition to the above points, we can enable NTP authentication to avoid any malicious time hack against our network. We can enable NTP authentication on the client to authenticate the NTP server prior to synchronizing with it. I think we have enough info about NTP and are good to go for a small configuration example. Once again, we are using GNS3!

NTP server and Client configuration in GNS3:

In our simple NTP demonstration, we will configure two 2691 routers, one as a server and the other as a client. The server router is called the Master router; in simple words, every router on the network tries to get in sync with the Master router for timekeeping. The topology below is used:


R1: Master Router/NTP Server
R2: Client Router

R1: Fast Ethernet 0/0 ( 192.168.2.1/24) / R2: Fast Ethernet 0/0 ( 192.168.2.2/24)

Just imagine we traveled via a time machine into the future, 2020, and the task is to configure our NTP servers :)

As a starting step, we set the clock on the Master router:

Now that the time is set, in the next step we designate R1 as the Master by issuing the ntp master command:

To confirm all the values set on our NTP Master router, use the command below:

Okay, we are good to go. Now we will configure R2 as our NTP client:













And after an instant, it got synchronized with its master:

We can also check the NTP associations in detail via:

The above command confirms that the originating time and the received time are totally in synchronization.
And the time can be confirmed via a simple show clock command once the whole synchronization process is done:

Cient_NTP_Router#show clock detail
13:40:46.290 UTC Wed Jan 1 2020
Time source is NTP


From the above command, it can be seen that for R2, the time source is NTP :)

NTP Authentication:

NTP authentication is one of the major requirements in production networks, as it prevents unwanted changes to the clocks of our routers and switches. It is enabled on the client to authenticate the server before accepting it as its master. The configuration needed on the client to enable authentication is:

Cient_NTP_Router(config)#ntp authenticate
Cient_NTP_Router(config)#ntp authentication-key 1 md5 NTPDOMAIN
Cient_NTP_Router(config)#ntp trusted-key 1
Cient_NTP_Router(config)#ntp server 192.168.2.1 key 1


We only need to define the same key and MD5 key string (NTPDOMAIN) on our server that we defined on our client:

Master_NTP_Router(config)#ntp authentication-key 1 md5 NTPDOMAIN

And that’s it!
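To see what the client actually checks once authentication is on, here is an added example (not part of the original post and not Cisco code) that computes and verifies the MD5 authenticator carried by an NTP reply. It assumes the standard NTP symmetric-key layout (48-byte header, then a 32-bit key ID and MD5 over key + header) and that the key string is used as raw ASCII bytes; build_reply and verify_reply are hypothetical names and the packets are constructed samples.

```python
import hashlib
import hmac
import struct

# Mirrors the client configuration above: key 1 is defined and trusted.
# Assumption: the key string is used as raw ASCII bytes.
KEYS = {1: b"NTPDOMAIN"}
TRUSTED = {1}
HEADER_LEN = 48   # fixed NTP header
MAC_LEN = 4 + 16  # 32-bit key ID followed by a 16-byte MD5 digest


def build_reply(transmit_secs, key_id=None, key=b""):
    """Build a constructed mode-4 (server) reply, with a MAC if key_id is set."""
    # 0x1C = LI 0, version 3, mode 4; stratum, poll, precision are sample values.
    header = struct.pack("!BBbb11I", 0x1C, 8, 6, -20,
                         *([0] * 9), transmit_secs, 0)
    if key_id is None:
        return header
    digest = hashlib.md5(key + header).digest()
    return header + struct.pack("!I", key_id) + digest


def verify_reply(packet, keys=KEYS, trusted=TRUSTED):
    """Decide as a client that requires authentication: (accepted, reason)."""
    packet = bytes(packet)
    if len(packet) == HEADER_LEN:
        return False, "no MAC"
    if len(packet) != HEADER_LEN + MAC_LEN:
        return False, "malformed length"
    header, mac = packet[:HEADER_LEN], packet[HEADER_LEN:]
    key_id = struct.unpack("!I", mac[:4])[0]
    if key_id not in trusted or key_id not in keys:
        return False, "key ID not trusted"
    expected = hashlib.md5(keys[key_id] + header).digest()
    if not hmac.compare_digest(expected, mac[4:]):
        return False, "digest mismatch"
    return True, "authenticated"


if __name__ == "__main__":
    tx = 3786874846  # constructed: 13:40:46 UTC, 1 Jan 2020 in NTP seconds
    good = build_reply(tx, 1, b"NTPDOMAIN")
    forged = bytearray(good)
    forged[43] ^= 0x01  # shift the transmit timestamp by one second
    for name, pkt in [("good", good), ("forged", forged),
                      ("no key", build_reply(tx)),
                      ("wrong key", build_reply(tx, 1, b"GUESS"))]:
        print(name, verify_reply(pkt))
```

Only the reply built with key 1 and the matching string is accepted; a reply with no MAC, an untrusted key ID, a different key string, or a header altered after signing is rejected.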

NTP Peers: besides the Master router, we can enable other routers as NTP peers with the client routers. NTP peers create a bidirectional NTP relationship, in which the peers continuously update each other's time settings. In our GNS3 topology above, we have put another router, R3, as an NTP peer with R2:

I think I should stop now, or for the next few weeks you will dream about NTP!! :) Enjoy.






2 comments:

  1. Wow, it's certainly a wonderful article.....

    1. Thanks a lot Jawad, for your kind comments. Please keep me posted with your feedback regarding the articles.
