Network Time Protocol (NTP) setup and configuration

Introduction

Based on the previous NTP and Linux post, this will cover setting up any Cisco device to be a time server of your network.

Setup

Setting up the timezone of your area:

router1(config)#clock timezone AST 3 0

I am living in a UTC +3:00 zone thus my config reflects it, if you are living in UTC 0:00 use:

router1(config)#no clock timezone

more timezone setup is available at this Cisco page.

router1(config)#clock calendar-valid

configures the device as an authoritative time source for a network based on its hardware clock.

router1(config)#ntp master

configures the Cisco IOS software as a master clock (at default stratum 7) to which peers synchronize themselves when an external source is not available. Here, when the device cannot sync to an external NTP (no Internet connection as an example), it will rely on its internal clock (again at the default stratum number 7) to satisfy any request.

router1(config)#ntp update-calendar

periodically updates the hardware clock (calendar) from the configured time source(s).
Now, setup time source(s):

router1(config)#ntp server ip-address or hostname

if you use hostname in this command, IOS will resolve it to an IP address and then save it. Use as many as you need (I am using 3 sources).

A Working NTP

Leave the device working for around 10 minutes and then issue:

router1#sh ntp a

an output such as:

  address         ref clock       st   when   poll reach  delay  offset   disp
 ~127.127.1.1     .LOCL.           7     12     16   377  0.000   0.000  0.250
*~xxx.xxx.xxx.xxx .MSF.            1    434   1024   377 165.60  -6.331 14.827
+~yyy.yyy.yyy.yyy .PTB.            1    695   1024   377 170.05   7.694 14.834
+~zzz.zzz.zzz.zzz aaa.aaa.aaa.aaa  2    184   1024   377 173.38  -0.953 14.815
 * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

and:

router1#sh ntp s
Clock is synchronized, stratum 2, reference is xxx.xxx.xxx.xxx
nominal freq is 250.0000 Hz, actual freq is 249.9943 Hz, precision is 2**24
reference time is D6DC17CD.061F0269 (17:57:17.023 AST Tue Mar 25 2014)
clock offset is -6.3312 msec, root delay is 165.60 msec
root dispersion is 42.01 msec, peer dispersion is 14.82 msec
loopfilter state is 'CTRL' (Normal Controlled Loop), drift is 0.000022822 s/s
system poll interval is 1024, last update was 692 sec ago.

Finally

Setup all your internal devices to use this Cisco node as their master NTP clock.

Network Time Protocol (NTP) server setup and configuration

The Protocol

Network Time protocol (NTP) is a Transport Layer (4) protocol used to synchronize time across networked devices to have consistent and unified time. It uses UDP port 123, and resists the effect of variable latency of packet-switched networks. Time sync is done using UTC (no time zone or daylight saving is provided) and each device adds its time zone and daylight saving (if different) to it.

NTP and SNTP

Simple Network Time Protocol (SNTP) is a less complex time sync protocol. Basically, this protocol (SNTP) does not store information about previous communication, nor it require high accuracy timing.

NTP Servers

NTP is a hierarchical system in terms of servers or clock sources. A stratum(level) determines it distance from the real clock source (GPS, atomic, etc…). Stratum 0 is the clock source itself, while stratum 1 is the directly connected NTP server to stratum 0. Stratum 2 servers are directly querying time from stratum 1 servers and so forth.

Linux NTPd Service

Linux has a native support for NTP. To enable it, just make sure NTP package is installed (RH, CentOS, and others) or check for /etc/ntp.conf file. Shut down NTPd service first (if it is running) by typing (for RH, CentOS):

# /etc/init.d/ntpd stop

Then edit the /etc/ntp.conf file adding/replacing these lines to it (based on where are you located):

server 0.de.pool.ntp.org
server 1.de.pool.ntp.org
server 2.de.pool.ntp.org

You can substitute your 2-letter ISO country’s name (de, uk, fr, etc…). Please refer to http://www.pool.ntp.org/ for list of available servers in your area.
Before starting NTPd service execute the following:

# ntpdate 0.de.pool.ntp.org

to sync the time initially and make the time difference minimal, then, alter the run level of the service to 345:

# chkconfig --level 345 ntpd on

Start the service:

# /etc/init.d/ntpd start

Leave it for 1 hour and then issue this command:

# ntpq -p

and the result should be similar to this:
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
+skywiley.com    173.14.47.149    2 u  851 1024  377  346.070    8.366 118.239
-mirror          128.105.39.11    3 u  763 1024  377  266.614   -9.626   3.613
+ntp2.csl.tjhsst 192.5.41.40      2 u  203 1024  377  266.569   -2.793   0.430
*barium.vps.bitf 193.190.230.66   2 u  869 1024  377  189.283   -2.613   0.287