ntp

Unanswered Question
Jan 26th, 2009

Hi,

easy question i thing, but i`m not sure.

Witch command is used to define cisco router (SUPERVISOR 720) or ASA as NTP source for other devices in local network ?

Thanks.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Richard Burts Mon, 01/26/2009 - 05:56

Lubos

I think that perhaps we can most effectively answer your question by dividing it into several parts. I would suggest this answer:

- what makes the router or Sup able to function as an NTP source to other devices (NTP server)? (note that the ASA can learn NTP time but is not able to function as an NTP server) The router or Sup is able to function as NTP source if it believes that it knows authoritative time. It will believe that it knows authoritative time if it has learned time from some other NTP source (NTP server). Or it will believe that it knows authoritative time if you issue the command ntp master (and may also require use of the command clock set). It is preferable that the router or Sup learn time from an NTP server.

- what tells other devices to look to the router or Sup as the source of NTP time? Other devices can be configured with the command ntp server or with ntp peer . This will cause the device to send queries to the router or Sup for NTP time.

HTH

Rick

lubosbella Mon, 01/26/2009 - 06:06

Thank Rick,

so if i have this config on supervisor:

!

ntp clock-period 17180036

ntp source Vlan1

ntp master 2

ntp update-calendar

ntp peer 172.146.147.3 prefer

!

...peer 172.146.147.3 is a server in DMZ ...

It means that catalyst can be a source for other servers (hosts in vlan1)?

Thanks.

Richard Burts Mon, 01/26/2009 - 09:22

Lubos

Your config would allow the supervisor to be a source for NTP for servers/hosts in VLAN 1.

Since your config uses the ntp master command your supervisor will offer NTP time to other devices in the network. It is generally better practice to have the supervisor learn time from an NTP server (in which case you do not need the ntp master command). But as it is currently configured your supervisor will offer time to servers/hosts in VLAN 1.

Note that using the prefer keyword relates to situations where your device would be learning time, and prefer indicates which source it would prefer to learn from. Since your supervisor is configured as ntp master at stratum 2, it will not learn from its peer, unless the peer is also operating at stratum 2.

HTH

Rick

johnlloyd_13 Mon, 01/26/2009 - 06:07

first, you want to make sure your central router have correct clock and timezone configured and then do the following:

Router1(config)#ntp server --> the ip address could be a public hosted ntp server or a source (could be your internal server) with an atomic/very accurate clock.

Router1(config)#ntp master --> try to put 2 as the stratum number. stratum number just says how accurate the device clock is. stratum is 1 is the one which we first configured in ntp server

lastly, you associate your other devices to this master router by doing:

Router2(config)#ntp server

Mohamed Sobair Mon, 01/26/2009 - 09:38

Hello,

The (NTP Master) command will allow a device to be NTP source. But make sure it has the lowest NTP stratum number within your NTP Devices.

HTH

Mohamed

Actions

This Discussion