09-04-2024 10:44 AM - edited 09-18-2024 07:38 PM
Network Time Protocol (NTP)
Introduction
NTP Modes
NTP Configuration for IPv4
NTP Versions
NTP Configuration for IPv6
Introduction
NTP Modes:
Cisco routers and switches can use three different NTP modes:
The symmetric active mode is used between NTP devices to synchronize with each other, it’s used as a backup mechanism when they are unable to reach the (external) NTP server.
NTP configuration for IPv4
This tells us that the time source is actual hardware calendar-local clock
We want all our devices to be synchronized together if we are able to going to correlate our logs correctly. We set manually clock if you would like to do that.
Obviously, manually setting clock is not best practice. We want to point this instead to an authoritative NTP Server.
Now, the server itself should pointed to an external authoritative NTP server as well. It’s usually a public NTP server like US NIST Internet Time Service or it is pointed to an internal NTP server. A Windows Server or Linux server running with NTP service.
These tell us that R2 has 10.0.0.1 configured as the NTP server and it’s currently not synchronized.
This debug tells us that R1 is sending NTP packets, and R2 is receiving anything.
Troubleshooting NTP
There are a couple of things that could go wrong with NTP:
Once you confirm that NTP packets are not received, you must:
For more information about Troubleshooting, Please follow the following cisco document:
https://www.cisco.com/c/en/us/support/docs/ip/network-time-protocol-ntp/108076-ntp-troubleshoot.html
Broadcast(ipv4) vs multicast(ipv6)
In broadcast mode, the NTP server sends synchronization information to all clients on the same subnet. In multicast mode, the NTP server sends data to a multicast group, and all devices in that group can access the data
NTP Versions
The current NTP version is 3. NTPv4 is an extension of NTPv3 that supports IPv4 and IPv6. It is backward compatible with NTPv3, offers some new features, and time synchronization is faster and more precise.
Security has improved, NTPv4 supports public key cryptography and standard X509 certificates.
When using NTP for IPv4, broadcast is a popular option as it allows you to send NTP packets in the broadcast domain to everyone. We can’t do this with IPv6, but NTPv4 does support site-local multicast.
DNS support is also improved. With NTPv3, if you configure a hostname to sync with, your device does a lookup for the hostname and stores the IP address in the configuration, the hostname is then lost. With NTPv4, the hostname is stored in the configuration.
NTP Configuration for IPv6
R1#clock set 05:35:00 3 Sep 2024
I will configure R1 as an NTP master so that I don’t need an external server:
R1(config)#ntp master 1
Clients
Let’s configure our clients. R2 will be an NTP unicast client and for R3 we will use multicast.
Unicast: We can configure the IPv6 address of R1 but instead, we’ll use a hostname to test if R2 stores the hostname in its configuration. I’ll create a manual host record for this:
R2(config)#ipv6 host R1 2001:DB8:0:12::1
Now we configure R1 as the NTP server. The version 4 parameter sets the correct version:
R2(config)#ntp server R1 version 4
Multicast: To make multicast work, we need to configure R1 to send NTP multicast packet and R3 to receive them.
R3(config)#ntp server 2001:db8:0:13::1 version 4
Thank you very much..!!
-------------------------------------------THE END ------------------------------------------------------
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: