NTP Configuration Tasks

By default, the system is an NTP client. You must configure NTP client parameters to start NTP client operation. You can also configure the system as an NTP server, whether or not you configure NTP client parameters.

Enabling NTP Services

Before you can configure NTP client parameters or enable a virtual router to act as an NTP server, you must enable NTP services. When you enable NTP services, the NTP client associates itself with the current virtual router. Because there is only one system clock to update, only the virtual router on which you configure NTP can act as the NTP client. However, any virtual router can act as an NTP server. To enable NTP services:

  1. (Optional) Access the virtual router with which you want to associate NTP services.
  2. Issue the ntp enable command.

ntp enable

NTP Client Configuration

To configure the system as an NTP client:

  1. Ping the selected NTP servers to ensure that the system can reach them.
  2. Configure the system to acquire NTP data by completing one or both of the following actions:
    • Assign the NTP servers.
    • Enable the system to receive broadcasts on an interface.
  3. If you enable the system to receive broadcasts on an interface, set the estimated round-trip delay between the system and an NTP broadcast server.
  4. Disable NTP on interfaces that you do not want to receive NTP communications for security or other reasons.

ntp broadcast-client

ntp broadcast-delay

ntp disable

ntp server

ping

Directing Responses from NTP Servers

By default, an NTP server sends a response to the interface from which an NTP request originated. You can now direct responses from all NTP servers to one interface on the system or direct responses from a specific NTP server to a specific interface.

ntp source

Refusing Broadcasts from NTP Servers

You can prevent the system from receiving certain types of broadcasts and specify the servers from which the system will accept NTP broadcasts. To do so:

  1. Issue the ntp access-group command.
  2. Configure an access list.

access-list

ntp access-group

Note: The system can accept, but does not use, NTP control queries.

NTP Server Configuration

To enable a virtual router to act as an NTP server:

  1. Access the virtual router context.
  2. Specify that the virtual router acts as an NTP server.

    Caution: Be sure that you do not override a valid time source if you specify the stratum of the NTP server. Issuing the ntp master command on multiple systems in the network might lead to unreliable timestamps if those systems do not agree on the time.

  3. (Optional) Specify the stratum of this NTP server.

ntp broadcast

ntp master

ntp server enable

Configuration Examples

The following examples show how to configure the system as an NTP client and an NTP server.

Example 1

NTP communications are established on the virtual router boston. The system is a client of the NTP server with IP address 172.16.5.1.

host1#virtual-router boston host1:boston#ping 172.16.5.1 Sending 5 ICMP echoes to 172.16.5.1, timeout = 2 sec......Success rate = 100% (0/5), round-trip min/avg/max = 0/0/0 mshost1:boston#configure terminal host1:boston(config)#ntp server 172.16.5.1 host1:boston(config)#ntp enable

Example 2

NTP communications are established on the virtual router boston. The system is specified as an NTP server.

host1#virtual-router boston host1:boston#configure terminal host1:boston(config)#ntp server

Example 3

NTP communications are established on the virtual router boston. The router is specified as an NTP broadcast server and synchronizes with NTP server 172.16.5.1. The specified interface enabled for NTP broadcasting is configured with version 4 and poll interval 5 for broadcasting NTP messages.

host1#virtual-router boston host1:boston#configure terminal host1:boston#ntp enable host1:boston(config)#ntp server 172.16.5.1 host1:boston(config)#interface fastethernet 9/3 host1:boston(config-if)#ntp broadcast 4 5

Note: In Example 3, the router that acts as the NTP broadcast server must either synchronize to another server or master (specified by the ntp server command) or act as master (ntp master command).