Home > NTP Questions

NTP Questions

October 25th, 2018 Go to comments

Quick review of NTP

– NTP is designed to synchronize the time on a network. NTP runs over the User Datagram Protocol (UDP), using port 123 as both the source and destination.
– An Authoritative NTP Server can distribute time even when it is not synchronized to an existing time server. To configure a Cisco device as an Authoritative NTP Server, use the ntp master [stratum] command.
– To configure the local device to use a remote NTP clock source, use the command ntp server <IP address>. For example: Router(config)#ntp server 192.168.1.1
– The ntp authenticate command is used to enable the NTP authentication feature (NTP authentication is disabled by default).
– The ntp trusted-key command specifies one or more keys that a time source must provide in its NTP packets in order for the device to synchronize to it. This command provides protection against accidentally synchronizing the device to a time source that is not trusted.
– The ntp authentication-key defines the authentication keys. The device does not synchronize to a time source unless the source has one of these authentication keys and the key number is specified by the ntp trusted-key number command.
– Two most popular commands to display time sources statistics: show ntp status and show ntp associations

Question 1

Explanation

From a Cisco perspective, getting the clock from an Internet time source and/or from a local timing device both require the same command (ntp server). To have a specific network device consider itself as a reference clock source, another command is used (ntp master)

For example, the command

Router(config)#ntp server 192.168.1.1

configures the local device to use a remote NTP clock source from 192.168.1.1 while the command:

Router(config)#ntp master 1

configures the local device as a NTP reference clock source with stratum of 1.

Reference: http://www.pearsonitcertification.com/articles/article.aspx?p=2141272

Question 2

Explanation

An Authoritative NTP Server can distribute time even when it is not synchronized to an existing time server. To configure a Cisco device as an Authoritative NTP Server, use the ntp master [stratum] command.

Question 3

Question 4

Question 5

Explanation

An Authoritative NTP Server can distribute time even when it is not synchronized to an existing time server. To configure a Cisco device as an Authoritative NTP Server, use the ntp master [stratum] command.

Question 6

Explanation

Maybe the “current time sources” here mention about the status of the clock source. In the below output, the “show ntp associations” command reveals the IP address of the clock source (which is 209.65.200.226), the stratum (st) of this reference clock…

R1#show ntp associations
      address         ref clock     st  when  poll reach  delay  offset    disp
*~10.1.2.1         209.65.200.226    9   509    64  200    32.2   15.44  16000.
 * master (synced), # master (unsynced), + selected, - candidate, ~ configured

Below is the output of the “show ntp status” command. From this output we learn that R1 has a stratum of 10 and it is getting clock from 10.1.2.1.

R1#show ntp status
Clock is synchronized, stratum 10, reference is 10.1.2.1
nominal freq is 250.0000 Hz, actual freq is 249.9987 Hz, precision is 2**18
reference time is D5E492E9.98ACB4CF (13:00:25.596 CST Wed Sep 18 2013)
clock offset is 15.4356 msec, root delay is 52.17 msec
root dispersion is 67.61 msec, peer dispersion is 28.12 msec

For more information about these two commands, please read at: http://www.cisco.com/c/en/us/support/docs/ip/network-time-protocol-ntp/116161-trouble-ntp-00.html

In fact this question is unclear, but other answers are surely not correct.

Question 7

Explanation

+ The “ntp authenticate” command is used to enable the NTP authentication feature (NTP authentication is disabled by default).
+ The “ntp trusted-key” command specifies one or more keys that a time source must provide in its NTP packets in order for the device to synchronize to it. This command provides protection against accidentally synchronizing the device to a time source that is not trusted.
+ The “ntp authentication-key” defines the authentication keys. The device does not synchronize to a time source unless the source has one of these authentication keys and the key number is specified by the “ntp trusted-key number” command.

Question 8

Explanation

In the below output, the “show ntp associations” command reveals the IP address of the clock source (which is 209.65.200.226), the stratum (st) of this reference clock and if a router is synced with the configured time source (in this case R1 is synchronized with 10.1.2.1, presented by a “*”).

R1#show ntp associations
      address         ref clock     st  when  poll reach  delay  offset    disp
*~10.1.2.1         209.65.200.226    9   509    64  200    32.2   15.44  16000.
 * master (synced), # master (unsynced), + selected, - candidate, ~ configured
Comments (0) Comments
  1. No comments yet.
Add a Comment