- Network time protocol (NTP)
- Simplified NTP (SNTP)
Network time protocol (NTP)
- server selection:
- best stratum
- configured > bcast/mcast
- server, whose message is received first
- modes
- peer
- full access
- the only mode that can become synchronized
- serve
- reply to NTP requests and Control queries, drop NTP updates
- serve-only
- reply to NTP requests only
- query-only
- reply to Control queries only
- ACL search: peer → serve → serve-only → query-only
- bcast/mcast mode has lower precision
- client authenticates server, server does not authenticate client
- synchronization with stratum 15 is impossible
- orphan mode: if server is lost, assume session being up – preserves sync with peer
- version 4:
- IPv6 support
- hierarchy auto-build using mcast
- X.509 support
; enabled authentication, does not enforce it, NTP server config
(config)# ntp authentication
(config)# ntp authentication-key <N> md5 <TEXT>
; permit to use key N
(config)# ntp trusted-key <N>
; prefer does not have priority over stratum
(config)# ntp server <IP> key <N> [prefer] [version 3|4]
; for master NTP ACL must permit 127.127.7.1, if deny is hit, other modes are not searched
(config)# ntp access-group peer|serve|serve-only|query-only <ACL>
; update hardware clock using NTP
(config)# ntp update-calender
(config)# ntp orphan <STRATUM>
; becaome NTP server
(config)# ntp master <STRATUM>
(config)# clock timezone <TIMEZONE> <OFFSET>
(config)# clock summer-time <NAME> date ...
(config)# clock summer-time <NAME> recurring ...
; HW clock – authoritative source
(config)# clock calendar-valid
; server
(config-if)# ntp broadcast|multicast ...
; client
(config-if)# ntp broadcast|multicast client
; HW clock, not reset across reboot
# calendar set <TIME>
# show ntp association detail
# show ntp status
# debug ntp packet
# debug ntp validity
Simplified NTP (SNTP)
- client only, cannot function as server
- less precise result
- ntp commands → sntp commands
- incompatible with NTP on same device: uses same port
Networking and IT 