Share this
It's About Time – The Importance of NTP for Networks
by PivIT Global on Sep 13, 2022 7:04:00 AM
There is no doubt that time is money, and time is of utmost importance when dealing with network devices. An incorrect time running on network devices almost always reflects negatively on the stability and overall network behavior. Many services used daily heavily depend on the correct time, and any deviation can lead to disastrous results inside enterprise networks, causing a potential decrease in a business's profits.
For instance, generating logs with incorrect timestamps would make troubleshooting almost impossible. An incorrect time could also cause digital certificates to expire prematurely, preventing many users not being able to authenticate themselves and get appropriate access to the network. Because of expiring authentication keys, many routing protocol links will partially fail and generate reachability issues inside the local network.
___________________
Can't get the hardware you need?
Here's what one recent customer had to say:
"That was the fastest delivery, once you had PO I had the equipment in my warehouse." -- Robert W.
Send PivIT a request or connect with our Team in real-time using our chat feature.
___________________
In this article, we provide an overview of the Network Time Protocol (NTP), the benefits, and walk through the configuration steps to deploy basic NTP functionality to avoid network time issues.
View some of our other configuration guides:
- What Is a GRE Tunnel and How Do You Configure One?
- Best Practices for Switch Stacking Configuration
- Your Ultimate NAT Configuration Guide for Cisco IOS – Pt. 1
NTP Overview
Applying the correct time on network devices can be accomplished in two ways, manually or automatically. The manual approach requires setting the clock on each device separately. This approach will not only lead to time gaps between the clocks of the network devices but also be time-consuming. That is why this method is heavily avoided and rarely used.
On the other side, the automatic approach synchronizes the time across network devices dynamically. NTP is a simple yet clever protocol that runs over UDP on the source and destination port 123. Its design makes it extremely efficient because no more than one packet per minute is necessary for two devices to stay synchronized within a millisecond.
Look at the image above to understand how NTP operates. The source of the correct time is an authoritative time source such as a radio, GPS clock, or an atomic clock to which a time server is attached. This NTP server then distributes the time to other NTP servers or clients configured to use that one as an NTP source.
For example, when your edge router synchronizes its time with some public NTP server on the internet, it becomes an NTP server by default, and all other internal devices use it as an NTP server.
NTP is a very clever protocol and always avoids synchronizing to an NTP source that is not synchronized itself. Also, when several NTP servers are configured, NTP always compares the reported times and never synchronizes to an NTP source whose time is significantly different from the time of the others, even if its stratum is lower.
NTP Stratum
NTP uses the concept of a stratum to describe how many hops the synchronizing device is from the configured NTP server. Only the atomic and radio clocks have a stratum of 0 because they are the real source of the time shared.
Every other NTP server has a stratum number from 1 to 15. The highest possible level is stratum 16 and identifies a device that does not have a synchronized time source.
The reason for using the stratum number is the preference, meaning the lower the stratum, the closer the NTP server is to the device, resulting in less delay and a better overall time source. You can easily find many free-of-charge public NTP servers on the internet with a pretty low stratum number.
However, suppose you want to use a top-notch time source and have additional security (authentication). In that case, you usually have to pay for those services.
NTP Modes
NTP can operate in four different modes. These modes are:
- Server: The device in server mode is responsible for providing time information to NTP clients.
- Client: This mode is responsible for synchronizing its time to the NTP server. In most cases, devices that do not need to provide time to other devices are configured as NTP clients. However, even in client mode, the device can provide time information to other devices when required.
- Peer (Symmetric): This mode is best suited for situations where a group of peers with low stratum operate as mutual backups to one another.
- Broadcast/Multicast: This is a special mode for an NTP server, where it pushes time information to many clients without needing to be configured to use a specific NTP server.
___________________
Before we continue, ask yourself a couple of questions:
Do I have the time to handle configurations?
Do I have the bandwidth to configure my devices?
If you answered "No" to these questions, let PivIT handle the NTP configuration on your network with EXTEND. Hire an engineer to take on these basic configurations and more. Click below to learn more about SmartHands.
___________________
Example NTP Configuration
The configuration for basic NTP functionality consists of only a few commands. We will use the topology in the image below as a use case for this configuration example.
Router R1 serves as an edge router for connecting to the internet, as the NTP client should synchronize its time with the public NTP server using the IP address 203.0.113.1. Then, R1 should be used as an NTP server for the internal switches A-SW and D-SW, which will operate as NTP clients.
Setup NTP
The following commands should be used on the network devices to accomplish the NTP requirement:
Receiving the time information from the NTP server does not mean that the device has the correct time. It is based on GMT 0 time zone, so you must define that parameter anytime you are in a different time zone. Additionally, you need to enable daylight saving time (DLS) if that is the case. The commands for time zone +3 and using DLS time would look like this:
Verifying NTP
After the NTP configuration is finished, you need to verify that NTP is working correctly. You can use the "show clock" command to verify the local time on the device after the synchronization. To verify that the device is successfully synchronized to the NTP server, you can use the "show ntp associations" and "show ntp status" commands:
Check out our Cisco article where we configure NTP on a Nexus 7000.
Require More Advanced NTP Features?
Now that you are familiar with NTP, you can easily implement this protocol in your network and protect against various problems that might arise from using an incorrect time on devices.
Although the above configuration is basic, advanced features can be implemented if your network environment requires it. Look out for future PivIT articles detailing these advanced features. Don't miss a single article, and subscribe to our newsletter.
Share this
- Configuration Guides (47)
- Cisco Routers (29)
- Switches (27)
- Network Security (23)
- Cisco Switches (21)
- Routing Protocols (21)
- Routers (20)
- Cisco (19)
- Product Comparisons (19)
- Firewall (18)
- Cisco Security (17)
- Cisco Technical Information (17)
- IT Hardware Solutions (17)
- Network Protocols (17)
- Wireless (17)
- Security (15)
- OneCall (13)
- Servers (12)
- cisco asa (12)
- Cisco Wireless (11)
- Router Protocols (11)
- Cisco Catalyst (9)
- Cisco UCS (9)
- Upgrading Network (9)
- Cisco Servers (8)
- Product Highlight (8)
- Access Control Lists (7)
- Fortinet (7)
- Server Comparisons (7)
- Access Points (6)
- Arista Networks (6)
- OSPF (6)
- Wireless APs (6)
- Cisco ASR (5)
- Cloud Solutions (5)
- HPE-Aruba Wireless (5)
- Juniper Mist (5)
- Network Management (5)
- SD-WAN (5)
- Storage (5)
- Switch Comparison (5)
- Back To Basics (4)
- Cybersecurity (4)
- EIGRP (4)
- Firewall Architecture (4)
- HSRP (4)
- Juniper Networks (4)
- Network Automation (4)
- Network Servers (4)
- OEM Comparison (4)
- Aruba Central (3)
- Cisco Telephony (3)
- DHCP (3)
- DHCP Snooping (3)
- Dell EMC PowerEdge (3)
- Internet (3)
- Maintenance (3)
- Maintenance Renewal (3)
- Network Accessories (3)
- TPM (3)
- Telephony (3)
- aruba (3)
- Cisco NX-OS (2)
- Cisco Nexus (2)
- Dell Servers (2)
- Fortinet NGFWs (2)
- IT Trends (2)
- LAN Networks (2)
- Network Time Protocol (2)
- Palo Alto NGFWs (2)
- Rapid PVST+ (2)
- Remote Configuration (2)
- Software Defined Networking (2)
- WLAN (2)
- Ways to Save (2)
- fortigate (2)
- Asset Management (1)
- CPU Usage (1)
- Cisco AIR-CT (1)
- Cisco Aironet (1)
- Cisco DNA (1)
- Cisco ISR (1)
- Cisco Supervisor Engines (1)
- Cisco UCS Manager (1)
- Cognitive Campus (1)
- Cost of Downtime (1)
- Dell EMC Data Domain (1)
- Edge Switches (1)
- Fabric Extenders (1)
- GRE Tunnel (1)
- HPE BL (1)
- Juniper SRX (1)
- Nexus Switches (1)
- Nutanix (1)
- Optics (1)
- PowerEdge R740xd (1)
- STP Extension (1)
- Sparing Integrity Program (1)
- Switched Virtual Interface (1)
- TCP (1)
- UCS Fabric Interconnects (1)
- hyperconverge (1)
- April 2024 (2)
- March 2024 (1)
- February 2024 (2)
- January 2024 (1)
- December 2023 (1)
- November 2023 (2)
- October 2023 (1)
- September 2023 (3)
- August 2023 (5)
- July 2023 (2)
- June 2023 (4)
- May 2023 (5)
- April 2023 (8)
- March 2023 (7)
- February 2023 (5)
- January 2023 (2)
- December 2022 (3)
- November 2022 (3)
- October 2022 (8)
- September 2022 (9)
- August 2022 (9)
- July 2022 (8)
- June 2022 (9)
- May 2022 (5)
- April 2022 (3)
- March 2022 (1)
- February 2022 (2)
- November 2021 (2)
- October 2021 (1)
- September 2021 (2)
- August 2021 (2)
- July 2021 (3)
- June 2021 (2)
- May 2021 (4)
- April 2021 (4)
- March 2021 (2)
- February 2021 (1)
- January 2021 (2)
- December 2020 (2)
- November 2020 (2)
- October 2020 (2)
- September 2020 (2)
- August 2020 (4)
- July 2020 (5)
- June 2020 (4)
- May 2020 (6)
- April 2020 (2)
- March 2020 (1)
- February 2020 (2)
- January 2020 (2)
- December 2019 (1)
- May 2019 (2)
- April 2019 (5)
- February 2019 (1)
- January 2019 (3)
- December 2018 (1)
No Comments Yet
Let us know what you think