Thanks Georg!

I need to know the configs for Core, Dist and Access nodes.

It'd be great if someone can share.

Hello,

below is a basic NTP configuration. You can add authentication, as well as peering between switches on the same level, for redundancy, if required:

Core

interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
ntp update-source loopback0
!
ntp server pool.ntp.org
ntp master 2

Distribution

interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
ntp update-source loopback0
ntp server 1.1.1.1

Access

interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
ntp update-source loopback0
ntp server 2.2.2.2

Obviously, make sure that your loopback IP addresses can be reached throughout the network.

Thanks for support Dear Georg!!

In fact, I don't have loopbacks configured on the Access Layer because the Access nodes are communicating via mgmt vlan through the default GW of an SVI residing on the distribution node. 

I'v loopbacks only on the Core & Dist boxes - not on the Access ones.

Any solution that can sync the time of Access and Dist whilst considering the Core as NTP server? 

Can I possibly use the loopback address of the Core as NTP source since it's reachable throughout the topology?

Kindly, let me know please

Hello Umer,

you don't need to use the loopback IP addresses as update sources. You can also use the IP addresses of the management interfaces. The NTP update source needs to be an IP address that is configured on the device itself. So for example:

Core

interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
ntp update-source loopback0
!
ntp server pool.ntp.org
ntp master 2

Distribution

interface Vlan1
ip address 192.168.1.1 255.255.255.0
!
ntp update-source Vlan1
ntp server 1.1.1.1

Access

interface Vlan1
ip address 192.168.1.2 255.255.255.0
!
ntp update-source Vlan1
ntp server 192.168.1.1

Hope that makes sense...

Dear Georg, thanks again for your prompt response.

Is there any possibility to use only 1.1.1.1 (loopback of Core) as the NTP source for all the devices in the network?

It's a new network block deployment in an existing premises. So we have our own Core, Dist and Access nodes.

Our core will be further connected to the client's corporate network which has dedicated NTP server running.

In short, within our block NTP server will be our Core and our Core will be synchronized the client's corporate NTP server appliance in an hierarchical order. 

Hello,

I don't know how your devices are physically connected, but yes, you can use the Loopback address 1.1.1.1 as the source for all devices (as long as 1.1.1.1 is reachable, obviously, from every device in the network).

Can you check if below will work if 1.1.1.1 is reachable throughout the network

Core

interface loopback0
ip address 1.1.1.1 255.255.255.255
!
ntp update-source loopback0
!
ntp server x.x.x.x // IP address of corporate NTP appliance 
ntp master 2

Distribution

interface loopback0
ip address 2.2.2.2 255.255.255.255
!
ntp update-source loopback0
ntp server 1.1.1.1

int vlan1 

ip add 192.168.1.1 255.255.255.0

Access

ntp update-source Vlan1

ntp server 1.1.1.1

interface Vlan1
ip address 192.168.1.2 255.255.255.0

ip default-gateway 192.168.1.1

Hi Georg, you're simply awesome Bro!

Thanks a lot for all your support.