Configure and verify NTP as a client

Exam: Cisco 200-120 - Interconnecting Cisco Networking Devices: Accelerated (CCNAX)

One of the important topic under the section IP services is “Configure and verify NTP as a client”. In this chapter we will discuss the same in more details. We hope that this will help you to understand the topic better. NTP stands Network Time Protocol. The NTP can be applied on Cisco NX-OS devices. The NTP is something that synchronizes the time of day among a set of servers and clients. The NTP will always use the UDP (User datagram protocol) for transport within the protocol. The NTP communications use coordinated universal time (UTC). The NTP server will receive time from a recognised time source. These sources of time are a radio clock or an atomic clock that is generally attached to a time server. This source distributes the time across the network. The NTP very efficient this can be proved from the fact that only one packet per minute is required to ensure that the two machines synchronize in less than a millisecond. A stratum is usually used to describe the distance between the time source and the network device. The time kept in a device is a very important resource and this must be maintained accurately. Even a little mistake can lead to setting a wrong time.

NTP can be distributed using the CFS (Cisco Fabric Services). This CFS allows distributing local NTP configuration to all Cisco devices that are working in the same network. After the CFS is enabled on a device a network lock is applied to the NTP when the NTP configuration is started. Once the NTP configuration changes have happened you can discard or you can commit them. For both these to situations to happen the CFS lock must be released for the NTP application.

The clocks are the resources that need to be shared across different VDC (virtual device context) and processes. NTP and PTP (precision time protocol) are generally running at the same time. There may be a situation when same protocol is running in different VDC. Once the protocol and the VDC are given the system clock will start updating. The stateless restarts are always supported by the NTP. After a reboot the running configuration is applied. If the NTP server fails you can configure a NTP peer.

Unless you specify the VDC you will be placed in the default VDC. One NTP is supported for the whole platform in Cisco NX – OS release that are prior to 5.2. The Cisco NX- OS release after 5.2 allows multiple instances of NTP to run. Only one VDC will synchronize the system clock at a given time. The command that is used to synchronize the system clock is clock protocol ntpvdcvdc – id. The NTP recognizes VRF (virtual routing and forwarding). The NTP will automatically choose a default VRF if the VRF is not specified.

One point that must be mentioned here is that NTP do not need a licence. To configure a NTP you must keep the following points in mind:

  1. Configure the advanced services license in order to configure the VDC.
  2. For configuring the NTP one must have connectivity to one server in a running NTP.

Some of the limitations of the NTP are as follows:

  1. One peer association with another device is required for the NTP to work properly.
  2. The NTP server is supported in the Cisco NX-OS release 5.2 only.
  3. If only one server is used then all the devices must be configured as clients to the server.
  4. Up to 64 NTP can be configured in servers and peers.
  5. If the CFS is disabled then the NTP will not distribute any configuration.
  6. If the CFS is used to distribute NTP then all the devices in the network must have the same VRF.
  7. One must manually distribute the NTP across the devices and among the Cisco NX-OS devices.

As we have already mentioned the NTP is enabled in all the VDC by default. To change the VDC one can use the switchtovdc command. This must be done to ensure that you are in the correct VDC. You must also know the IP address and the DNS names of the NTP servers that you are using. The steps that you need to take for configuring the NTP are:

  1. Use the command config t to place the server in global configuration mode.
  2. As a second step you can manually enable or disable the NTP in a given VDC.
  3. The command show ntp status is optional. It can be used to display the status of the NTP application.
  4. The command copy running – configstartupconfig is another optional command or step. This allows saving the changes by rebooting and restarting the systems.

The device can be configured to act as a NTP server. We will now discuss how the NTP server and its peers can be configured. The steps are as follows:

  1. Use the config t command to get the global configuration mode.
  2. As the second step you can use the key as keyword to configure a key as you communicate with the NTP server. The key id can range from 1 to 65535. The maxpoll and the minpoll are keywords that are used to configure the intervals between peers. The prefer keyword is used to set the preferred NTP server. The use vrf is another keyword that is used to configure the NTP server with the specific vrf.
  3. In step three you must ensure that association is formed between the peers.
  4. Using the show ntp peers command you can be used to display the servers and peers that have been configured.

Using the ntp trusted-key command can be used to configure the device to an authenticate time source. The NTP authentication is disabled by default so you must configure the authentication. The steps to be followed are:

  1. Get into the global configuration mode.
  2. Define the authentication keys.
  3. Display the configured authentication keys.
  4. You must specify the keys that the time source must provide.
  5. Display the NTP trusted keys that were configured.
  6. You can enable or disable the NTP authentication feature as required using the show ntp authentication status.

This is all that you must know under the section “Configure and verify NTP as a client”. Spend some good time on this chapter so that you can prepare better for the CCNA exam.

Related IT Guides

  1. Configure and verify trunking on Cisco switches
  2. Describe the operation and necessity of using private and public IP addresses for IPv4 addressing
  3. Determine the technology and media access control method for Ethernet networks
  4. Identify basic switching concepts and the operation of Cisco switches
  5. Recognize High availability (FHRP)
  6. Shutdown unused ports
  7. Troubleshoot and resolve interVLAN routing problems
  8. Troubleshoot and resolve routing issues
  9. Troubleshoot and resolve spanning tree operation issues
  10. Troubleshoot and resolve trunking problems on Cisco switches
  11. Troubleshoot and resolve VLAN problems