Saturday, July 27, 2013

NTP Cisco - Juniper MD5 Authentication



In this example I'm going to configure a Cisco router to be the NTP server, and the source for its time will be the locally configured time. Best practice is to use more than one NTP server and to use a GPS network time server (hardware or software).

 
R1#show clock
*00:06:25.899 UTC Fri Mar 1 2002
R1#clock set 21:51:50 22 july 2013  
- Use clock set command

As Juniper routers support MD5 for NTP authentication, I created authentication key 10 on the NTP server; that key will be used later on for NTP authentication in the Juniper configuration.

R1(config)#ntp authentication-key 10 md5 ntptest 
- Authentication key for trusted time sources

This sets the Cisco router to act as an NTP server with stratum 1, because R1 is the source for time synchronization on the network.
Later you will see that the Juniper router reports stratum 2, one hop away from the source.

R1(config)#ntp master 1 
- Act as NTP master clock

R1#show ntp associations

      address         ref clock     st  when  poll reach  delay  offset    disp
*~127.127.7.1      .LOCL.            0    20    64  377     0.0    0.00     0.0
 * master (synced), # master (unsynced), + selected, - candidate, ~ configured

R1#show ntp status      
Clock is synchronized, stratum 1, reference is .LOCL.
nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**18
reference time is D5983081.CDCBB388 (22:28:17.803 UTC Mon Jul 22 2013)
clock offset is 0.0000 msec, root delay is 0.00 msec
root dispersion is 0.02 msec, peer dispersion is 0.02 msec


JunOS configuration

darko@juniper_test> show ntp associations
localhost: timed out, nothing received
***Request timed out

- You can see that the request timed out: there is no configuration on the Junos router to send requests to the NTP server.

[edit system]
darko@juniper_test# set ntp boot-server 192.168.10.3 trusted-key 10

- This configuration sets the time from the NTP server during the boot process.

[edit system ntp]
darko@juniper_test# set authentication-key 10 type md5 value ntptest

- Enable the router to receive and respond to server authentication. The key number is 10 and the MD5 value is the same as on the Cisco router R1: "ntptest" (without quotes).

[edit system ntp]
darko@juniper_test# set server 192.168.10.3 prefer key 10

- Set the IP address of the server and use key 10 for authentication; this is required if you have more than one NTP server with different authentication keys.


darko@juniper_test# run show ntp associations   
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 192.168.10.3    .STEP.          16 -   70   64    0    0.000    0.000 4000.00

darko@juniper_test> show ntp status
status=0664 leap_none, sync_ntp, 6 events, event_peer/strat_chg,
version="ntpd 4.2.0-a Sat Mar 24 07:52:24 UTC 2012 (1)",
processor="i386", system="JUNOS12.1R1.9", leap=00, stratum=2,
precision=-21, rootdelay=37.226, rootdispersion=472.097, peer=19116,
refid=192.168.10.3,
reftime=d598305a.ffaeec0c  Mon, Jul 22 2013 22:27:38.998, poll=6,
clock=d598307a.b6309284  Mon, Jul 22 2013 22:28:10.711, state=4,
offset=19.944, frequency=-253.046, jitter=14.081, stability=0.018


Captured packets related to NTP communication between R1 and juniper_test router.
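As an added example (not part of the original post), the Python sketch below shows how the MD5 authenticator on such packets can be checked: the sender appends a 4-byte key ID and MD5(key + 48-byte NTP header) to the packet. The sample packet is constructed rather than taken from the capture, the function names are illustrative, and it assumes the key is the ASCII string from the configuration and that no extension fields are present.

```python
import hashlib
import hmac
import struct

NTP_HEADER_LEN = 48              # fixed NTP header, no extension fields (assumption)
KEY_ID_LEN = 4                   # 32-bit key identifier
MD5_LEN = 16                     # 128-bit MD5 digest
TRUSTED_KEYS = {10: b"ntptest"}  # key 10 / "ntptest" from the configuration above

def ntp_md5_digest(key: bytes, header: bytes) -> bytes:
    """Symmetric-key NTP MAC: MD5 over the shared key followed by the header."""
    return hashlib.md5(key + header).digest()

def build_packet(key_id: int, key: bytes, stratum: int) -> bytes:
    """Constructed sample: server reply (version 3, mode 4) with the MAC appended."""
    li_vn_mode = (0 << 6) | (3 << 3) | 4
    header = struct.pack("!BBbb", li_vn_mode, stratum, 6, -18) + bytes(44)
    return header + struct.pack("!I", key_id) + ntp_md5_digest(key, header)

def verify_packet(packet: bytes, keys: dict) -> str:
    """Classify an NTP packet against the locally trusted keys."""
    if len(packet) == NTP_HEADER_LEN:
        return "unauthenticated"          # no MAC at all
    header, mac = packet[:NTP_HEADER_LEN], packet[NTP_HEADER_LEN:]
    if len(mac) == KEY_ID_LEN:
        # RFC 5905 crypto-NAK: header followed only by a key ID of zero
        return "crypto-nak" if mac == bytes(4) else "malformed"
    if len(mac) != KEY_ID_LEN + MD5_LEN:
        return "malformed"
    (key_id,) = struct.unpack("!I", mac[:KEY_ID_LEN])
    key = keys.get(key_id)
    if key is None:
        return "unknown-key"              # key ID not configured/trusted locally
    expected = ntp_md5_digest(key, header)
    return "ok" if hmac.compare_digest(expected, mac[KEY_ID_LEN:]) else "bad-mac"

if __name__ == "__main__":
    good = build_packet(10, b"ntptest", stratum=1)
    tampered = bytes([good[0], 5]) + good[2:]   # stratum altered in transit
    for name, pkt in (("good", good), ("tampered", tampered), ("no MAC", good[:48])):
        print(name, "->", verify_packet(pkt, TRUSTED_KEYS))
```

In a packet capture, an authenticated NTP packet with an MD5 key is therefore 68 bytes of UDP payload instead of 48, with the key ID visible in clear text just before the digest.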


