Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NTP peering and and client...at the same time?

I've a customer who wants to peer some of our network devices so that in case of a loss of our authoritative NTP sources, they will remain synchronized with each other. These devices also act as NTP servers to every device downstream from them.

 

In essence, these peers will occupy all three states- server, client and peer. 

Is this possible? Does it even make sense to do so?

 

The Cisco NTP Best Practices white paper calls out 3 architectures- flat peer, hierarchy and star. It seems like my customer is asking for a merging of the first two.

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

Re: NTP peering and and client...at the same time?

Thanks for the additional information. The fact that this is a closed environment and has its own authoritative ntp server, so will not use the Internet is good to know. But it does not chage the important parts of my response. An IOS device will not serve ntp time to a client unless the IOS device has learned ntp time from an authoritative source or that device is configured as ntp master. So if your customer has IOS routers (or switches) configured with ntp server pointing to the authoritative ntp source and has ntp peer configured pointing to the other IOS routers but none of them have ntp master configured, then if all of the IOS routers lose their ntp sync with the authoritative source then they will all stop serving ntp time to clients. As long as at least one router still has ntp sync with the authoritative ntp source or one router has ntp master configured then all routers can serve ntp time to clients. But if none of the routers have ntp sync with the authoritative source and none have ntp master then all will stop serving ntp time to clients.

 

HTH

 

Rick

9 REPLIES
Hall of Fame Super Blue

Re: NTP peering and and client...at the same time?

I may be misreading the document you mention but isn't the first example exactly what your customer wants ie.  A0-R1, R2 and R3 are getting time off internet servers, peering with each other and acting as NTP servers for A1-R1, R2 and R3. 

 

Jon

New Member

Re: NTP peering and and client...at the same time?

I guess the diagram does imply that. I'm trying to set up a lab to try it out.

Hall of Fame Super Blue

Re: NTP peering and and client...at the same time?

Should work fine as far as I can see but be interested to hear if you have any problems etc. 

 

Jon

Hall of Fame Super Silver

Re: NTP peering and and client...at the same time?

The original post asks this question "these peers will occupy all three states- server, client and peer. 

Is this possible?"

Clearly the answer is that yes it is possible for a device to function in all 3 states.

 

I would add a comment that having the devices peer with each other is certainly possible. If one device loses its ntp sync with the authoritative Internet time source then this device would continue to learn ntp time from its peers and continue to offer time to clients who request time from this device. But this only works as long as at least one of the devices is learning time from the authoritative Internet time source. To really provide the service when all time servers have lost their ntp sync with the authoritative Internet time source, then at least one of the devices must be configure with ntp master (at a strata lower than the authoritattive server).

 

HTH

 

Rick

New Member

Re: NTP peering and and client...at the same time?

@Richard BurtsRick,

 

Yes, this helps and I mocked it up in our lab this morning and took it for a test drive.

 

You state: "To really provide the service when all time servers have lost their ntp sync with the authoritative Internet time source, then at least one of the devices must be configure with ntp master (at a strata lower than the authoritattive server)."

 

What my customer expects, is that the "peered" sites will drift together, if they lose contact with the NTP master device.

 

A little background: This is a (relatively) small, closed environment. We will have an authoritative time source, but we won't be using the internet. Our needs for precise timekeeping are modest. The theory goes, that if we lose our authoritative source for a period of time, it's not a big deal as long as the core devices are peered and drift together, as they serve the rest of the clients downstream.

 

 

Hall of Fame Super Silver

Re: NTP peering and and client...at the same time?

Thanks for the additional information. The fact that this is a closed environment and has its own authoritative ntp server, so will not use the Internet is good to know. But it does not chage the important parts of my response. An IOS device will not serve ntp time to a client unless the IOS device has learned ntp time from an authoritative source or that device is configured as ntp master. So if your customer has IOS routers (or switches) configured with ntp server pointing to the authoritative ntp source and has ntp peer configured pointing to the other IOS routers but none of them have ntp master configured, then if all of the IOS routers lose their ntp sync with the authoritative source then they will all stop serving ntp time to clients. As long as at least one router still has ntp sync with the authoritative ntp source or one router has ntp master configured then all routers can serve ntp time to clients. But if none of the routers have ntp sync with the authoritative source and none have ntp master then all will stop serving ntp time to clients.

 

HTH

 

Rick

New Member

Re: NTP peering and and client...at the same time?

This. Exactly this. 

 

My customer is under the impression that the peer group, with no connection to the authoritative source, and no NTP master connected, will contintue to serve time to downstream clients.

 

Major thanks for the assist.


Rich A.

Highlighted
Hall of Fame Super Silver

Re: NTP peering and and client...at the same time?

You are quite welcome. Based on your customer not having a requirement for high accuracy, their impression that the routers should continue to serve time to clients even when it has no ntp sync to an authoritative server and no ntp master is logical and might be true in some other time protocols. But ntp was designed to maintain a high degree of accuracy and faced with loss of ntp sync to the authoritative source and no ntp master then the IOS device in ntp will stop serving ntp time. Configuring at least one router with ntp master is quite simple and would make things work as they expect. I assume that the results when you set this up in the lab agree with my description.

 

HTH

 

Rick

Hall of Fame Super Blue

Re: NTP peering and and client...at the same time?

Apologies if I am pointing out something you have already understood but you can configure one of the peer group to be an NTP master just make sure, as Rick says, it is a higher stratum and then what your customer wants is exactly what will happen. 

 

Please ignore if I am stating the obvious. 

 

Jon

179
Views
0
Helpful
9
Replies
CreatePlease login to create content