Reviewed: No
- Accurate Time is essential for:
- Accurate logs for troubleshooting.
- Coordinating activities like authentication and logging across multiple devices.
- Syslog: Logging system events; helps correlate events in troubleshooting.
show logging: Displays the logs of the device
- Device Internal Clock:
- Can drift over time, resulting in inaccurate time.
show clockcommand displays the time.show clock detailshows the time source (internal hardware calendar by default).
- Set Time Manually:
clock set: Manually set the software clock of the device (done in privileged exec mode, not global config mode).
- Hardware Clock (Calendar) Configuration:
calender set: Manually set the internal hardware clock (calendar).clock update-calender: Sync hardware calendar to software clock.clock read-calender: Sync software clock to hardware calendar.
clock timezone: Set the time zone (configured in global config mode and part of running configuration).- Daylight Saving Time (DST) Configuration:
clock summer-time: Configure DST for automatic clock adjustment (e.g., forward in March, backward in November).
- NTP Purpose: Automatically synchronize the time between devices in a network.
- Why NTP: Manually setting time on multiple devices is inefficient and inaccurate due to clock drift.
- How NTP Works:
- NTP Servers: Provide accurate time (devices sync their time with NTP servers).
- Stratum Levels:
- Stratum 0: Atomic or GPS clocks (reference clocks).
- Stratum 1: NTP servers directly connected to stratum 0 clocks.
- Stratum 2+: Sync from stratum 1 and above (closer to stratum 0 means higher accuracy).
- NTP Port: UDP 123.
ntp server <ip>command: Configure NTP servers for the device to sync with (can specify multiple servers).show ntp associations: Displays the NTP servers configured and their status.- Asterisk (*): Indicates the server the device is syncing to (sys.peer).
- Plus sign (+): Indicates a candidate server.
show ntp status: Displays the status of NTP synchronization, including stratum level and reference clock.- Loopback Interface as NTP Source:
- Useful for redundancy and reliability in case a physical interface fails.
ntp source <loopback>: Specify the loopback interface for NTP messages.
- Server Mode: Device acts as an NTP server for other clients.
- Client Mode: Device synchronizes time from NTP servers.
- Symmetric Active Mode (NTP Peering): Devices at the same stratum level sync with each other and act as backups.
ntp master <stratum level>: Makes a device act as an NTP master server, even if it’s not synced to another NTP server.- Default stratum is 8 (can be specified with the command).
- 127.127.1.1: Loopback address used for the NTP master server.
- Purpose: Ensures NTP clients only sync with authenticated NTP servers.
ntp authenticate: Enable NTP authentication.ntp authentication-key <key-number> md5 <password>: Create an authentication key (MD5 hash).ntp trusted-key <key-number>: Mark a key as trusted.ntp server <ip> key <key-number>: Use authentication when syncing with an NTP server.
- NTP SERVER: Configures the device as an NTP client to sync with an NTP server.
- NTP PEER: Configures symmetric active mode (NTP peering).
- NTP MASTER: Configures the device to operate as an NTP server, even if it’s not syncing to an external server.
- NTP AUTHENTICATE: Enables NTP authentication for secure synchronization.
- Manually Configure Time:
clock set HH:MM:SS MONTH DAY YEARcalendar set HH:MM:SS MONTH DAY YEARclock update-calendarorclock read-calendar- **
clock summer-time <***name>* **recurring <***start> <end>* [*offset*]
- NTP Configuration:
ntp server <ip>(to sync with an NTP server)show ntp associationsshow ntp statusntp master [stratum level](to set the device as an NTP master)ntp peer <ip>(to enable symmetric active mode)
- NTP Authentication:
ntp authenticatentp authentication-key <key-number> md5 <password>ntp trusted-key <key-number>ntp server <ip> key <key-number>