Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
6932
Views
5
Helpful
3
Replies

NTP Client and Server - Same router?

Go to solution
fruition3000
Level 1
Level 1

‎06-04-2012 06:17 AM - edited ‎03-04-2019 04:33 PM

Is it possible to have an ISR authenticate with a secure NTP server and then relay that time by acting as a Stratum 1 NTP server?

1 person had this problem
Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Richard Burts
Hall of Fame
Hall of Fame

‎06-04-2012 11:27 AM

I am not sure that I fully understand your question or what you are trying to achieve. But here is what I know that I hope will answer your question.

It is quite possible to have an ISR authenticate with a secure NTP server and to learn time from that server. After the router has learned authoritative time from the server then the router can pass the time to other NTP clients who would request time from the ISR. So for that part of your question the answer is yes.

But when it learns time from a server the router will pass along time at one level lower than the server from which it learned time. For example if the router learns time from a stratum one server then the router will send out time as a stratum two source. Or if the router learned time from a stratum four server then the router would send time as a stratum five source. So for that part of your question the answer is no it can not send time as stratum one.

If this does not answer your question then please provide clarification of your issue.

HTH

Rick

HTH

Rick

View solution in original post

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to fruition3000

‎06-04-2012 12:48 PM

No other commands are needed to activate the router NTP service. In an IOS router when you enter the ntp server command, and when the router has successfully learned authoritative time then the NTP function is automatically activated.

The command ntp master is not needed unless you want the router to serve NTP time from its own clock. Since the router clock is pretty good but not highly accurate Cisco generally does not suggest using the ntp master command as part of a normal NTP configuration. If there is no other source of time (if the network is really isolated and has no external connectivity for example) then it would be advisable to use ntp master.

HTH

Rick

HTH

Rick

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Richard Burts
Hall of Fame
Hall of Fame

‎06-04-2012 11:27 AM

I am not sure that I fully understand your question or what you are trying to achieve. But here is what I know that I hope will answer your question.

It is quite possible to have an ISR authenticate with a secure NTP server and to learn time from that server. After the router has learned authoritative time from the server then the router can pass the time to other NTP clients who would request time from the ISR. So for that part of your question the answer is yes.

But when it learns time from a server the router will pass along time at one level lower than the server from which it learned time. For example if the router learns time from a stratum one server then the router will send out time as a stratum two source. Or if the router learned time from a stratum four server then the router would send time as a stratum five source. So for that part of your question the answer is no it can not send time as stratum one.

If this does not answer your question then please provide clarification of your issue.

HTH

Rick

HTH

Rick

Go to solution
fruition3000
Level 1
Level 1
In response to Richard Burts

‎06-04-2012 11:56 AM

Ok the stratum issue is fine.  So are there any commands needed to activate the router's NTP service?  Usually I would do NTP server x.x.x.x for an external source and NTP master if I wanted the router to act as an NTP server.  I wasn't sure if one mode negated the other.

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to fruition3000

‎06-04-2012 12:48 PM

No other commands are needed to activate the router NTP service. In an IOS router when you enter the ntp server command, and when the router has successfully learned authoritative time then the NTP function is automatically activated.

The command ntp master is not needed unless you want the router to serve NTP time from its own clock. Since the router clock is pretty good but not highly accurate Cisco generally does not suggest using the ntp master command as part of a normal NTP configuration. If there is no other source of time (if the network is really isolated and has no external connectivity for example) then it would be advisable to use ntp master.

HTH

Rick

HTH

Rick
0 Helpful
Top