Configure NTP on Cisco

zero comment
Cisco Cisco Router Cisco Switch
Configure Cisco NTP

For demonstration purpose, let us consider the topology below to explain NTP configuration on Cisco router and switch. NTP runs on port UDP 123 (both source and destination port being UDP 123). NTP synchronization is basically incremental, that means, you will not see the time to sync to happen in the next second after NTP configuration. You need to wait for atleast 15 minutes.

NTP uses a concept called “stratum” that defines how many NTP hops away a device is from an authorative time source. For example, a device with stratum 1 is a very accurate device and might have an atomic clock attached to it. Another NTP server that is using this stratum 1 server to sync its own time would be a stratum 2 device because it’s one NTP hop further away from the source. When you configure multiple NTP servers, the client will prefer the NTP server with the lowest stratum value.

Source: networklessons.com

Configure Cisco NTP

In both the scenarios, you need to configure clock source for router that is acting as NTP master so that other NTP clients can sync time with master.

R1(config)# clock timezone GMT 3

R1(config)# clock set 18:05:20 12 July 2019

 

Scenario 1: NTP without Authentication

To configure R1 as NTP master, only single command is required on R1.

R1(config)# ntp master

 

To configure SW1 as NTP client, issue command pointing to NTP server

All in One WordPress Hosting
HostGator $2.75 per month
HostGator
24/7/365 Technical Support, Free Site Building Tools, 4500 Website Templates, Free Shopping Cart Software, Ideal for WordPress, 45 Day Money Back Guarantee
Go to the deal
Starts at 30$ per month
All in One WordPress Hosting
WordPress
High optimized WordPress hosting, secure firewall, HTTPS, Backup, hack-fix guarantee and many others at 30$ per month
Go to the deal

SW1(config)# ntp server 192.168.5.1

 

Scenario 2: NTP with Authentication

To configure R1 as NTP master

R1(config)# ntp master

R2(config)# ntp authentication-key 45 md5 itadminguide

R2(config)# ntp trusted-key 45

 

To configure SW1 as NTP client

SW1(config)# ntp authentication-key 45 md5 itadminguide

SW1(config)# ntp trusted-key 45

SW1(config)# ntp authenticate

I have seen some guys issue #ntp authenticate on NTP master devices. This is wrong. #ntp authenticate command must be issued on NTP client devices only.

 

Troubleshooting Commands

#show ntp statusGeneral NTP status on the Cisco device
#show ntp associationsSummary of all NTP association of Cisco device. If you notice 127.127.1.1 that means, Cisco device syncs with its own internal clock.
#show ntp associations detailDetailed information of Cisco device with all time sources associated.
#debug ntp packetIdentify if NTP traffic flows
#debug ntp authenticationDebug NTP association
#show clockView software clock
#show calendarView hardware clock
#ntp update-calendarUpdate the hardware clock with the time of the software clock
Cisco ntp

Administrator

Related Articles

OSI & TCP/IP Layer Model
Read More
Configure SNMPv3 on Cisco Switch
Read More
Difference Between SNMP V1, V2c and V3
Read More