Wednesday, January 30, 2013

Configuring the System as an Authoritative NTP Server

 
Configuring the System as an Authoritative NTP Server
 
If you want your system to become an authoritative NTP server from which other internal routers or machines can synchronise, you can achieve this with the following command:
 
  • R1(config)# ntp master
 
The router now acts as an NTP server and is able to respond to internal clients NTP requests. Checking the 'ntp association' will reveal that the router is obtaining its time synchronisation from itself:
 
  • R1# show ntp associations
  • address ref clock st. when poll reach delay offset disp
  • *~127.127.1.1 LOCL. 7 4 16 377 0.000 0.000 0.253
  • ~195.97.91.220 131.188.3.221 2 64 64 1 0.000 -179.09 7937.5
  • * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured
 
Troubleshooting and Monitoring NTP Status
 
Troubleshooting NTP messages and events is important when you are trying to verify everything is working correctly. You might notice that your Cisco router is not able to create a peer connection with a configured NTP server or your internal LAN clients might not be able to synchronise with your Cisco router; In any case, knowing how to troubleshoot NTPs is something every engineer must be aware of.
 
Thankfully Cisco provides a number of options that allow you to troubleshoot many aspects of your NTP service.
 
  • R1# debug ntp ?
  • adjust NTP clock adjustments
  • all NTP all debugging on
  • core NTP core messages
  • events NTP events
  • packet NTP packet debugging
  • refclock NTP refclock messages
 
The most useful debug commands are the 'debug ntp events', 'debug ntp adjust' and 'debug ntp core'. These three commands provide enough debugging to help you troubleshoot problems you might encounter.
 
Closing, if you would like more information on the ntp associations created by your router you can try the following command:
 
  • R1# show ntp associations detail
  • 195.97.91.220 configured, our_master, sane, valid, stratum 2
  • ref ID 131.188.3.221 , time CD94E194.58EA9A78 (02:32:36.347 Athens Sun Apr 19 2009)
  • our mode client, peer mode server, our poll intvl 64, peer poll intvl 64
  • root delay 0.05 msec, root disp 41.32, reach 377, sync dist 0.16
  • delay 0.00 msec, offset -292.8879 msec, dispersion 3.02
  • precision 2**20, version 4
  • org time CD94E561.D6FE7162 (02:48:49.839 Athens Sun Apr 19 2009)
  • rec time CD94E562.287A2A0D (02:48:50.158 Athens Sun Apr 19 2009)
  • xmt time CD94E562.22E5E145 (02:48:50.136 Athens Sun Apr 19 2009)
  • filtdelay = 0.02 0.02 0.02 0.02 0.02 0.02 0.02 0.02
  • filtoffset = -0.30 -0.30 -0.29 -0.28 -0.27 -0.27 -0.26 -0.25
  • filterror = 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00
  • minpoll = 6, maxpoll = 10
 
The 'show ntp associations detail' command will provide much information on the association created with the NTP servers. This is most helpful when you see you are unable to create an association with an NTP server.
 
Article Summary
 
This article provided an insight to NTP configuration on Cisco routers. We analysed why the NTP service is important and how it can be used to keep every node in a network synchronised. We examined different methods of NTP synchronisation and provided a fairly in-depth analysis.
 
If you have found the article useful, we would really appreciate you sharing it with others by using the provided services on the top left corner of this article. Sharing our articles takes only a minute of your time and helps Firewall.cx reach more people through such services.
 

No comments:

Post a Comment