Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Synchronizing and Coordinating Time Distribution Using NTP

Using NTP to synchronize and coordinate time distribution in a large network involves these tasks:

Configuring NTP

  • To configure NTP on the switch, include the ntp statement at the [edit system] hierarchy level:

Configuring the NTP Boot Server

When you boot the switch, it issues an ntpdate request, which polls a network server to determine the local date and time. You need to configure a server that the switch uses to determine the time when the switch boots. Otherwise, NTP will not be able to synchronize to a time server if the server’s time appears to be very far off of the local switch’s time.

  • To configure the NTP boot server, include the boot-server statement at the [edit system ntp] hierarchy level:

  • Junos OS Release 15.1 onwards, to configure the NTP boot server, include the set ntp server statement at the [edit system ntp] hierarchy level:

Specify either the IP address or the hostname of the network server.

Specifying a Source Address for an NTP Server

For IP version 4 (IPv4), you can specify that if the NTP server configured at the [edit system ntp] hierarchy level is contacted on one of the loopback interface addresses, the reply always uses a specific source address. This is useful for controlling which source address NTP uses to access your network when it is either responding to or sending an NTP client request from your network.

When configuring the NTP service in the management VRF (mgmt_junos), you must configure at least one IP address on a physical or logical interface within the default routing instance and ensure that this interface is up in order for the NTP service to work with the mgmt_junos VRF.

To configure the specific source address that the reply will always use, and the source address that requests initiated by NTP server will use, include the source-address statement at the [edit system ntp] hierarchy level:

source-address is a valid IP address configured on one of the switch interfaces.

Note:

If a firewall filter is applied on the loopback interface, ensure that the source address specified for the NTP server at the [edit system ntp] hierarchy level is explicitly included as one of the match criteria in the firewall filter. This enables the Junos OS to accept traffic on the loopback interface from the specified source address.

The following example shows a firewall filter with the source address 10.0.10.100 specified in the from statement included at the [edit firewall filter firewall-filter-name] hierarchy:

If no source address is configured for the NTP server, include the primary address of the loopback interface in the firewall filter.