ntp server

To allow for software clock synchronization by the NTP server for the system, use the ntp server command in Configuration mode. Allows up to three servers each with a key in a separate line. The key is an optional parameter but the key is required for NTP authentication. The Cisco CDA always requires a valid and reachable NTP server.

Although key is an optional parameter, it must be configured if you need to authenticate an NTP server.

To disable this capability, use the no form of this command only when you want to remove an NTP server and add another one.

ntp server {ip-address | hostname} key <peer key number>

Syntax Description

ntp

The command to specify NTP configuration.

server

Allows the system to synchronize with a specified server.

ip-address | hostname

IP address or hostname of the server providing the clock synchronization. Arguments are limited to 255 alphanumeric characters.

key

(Optional) Peer key number. Supports up to 65535 numeric characters. This key needs to be defined with a key value, by using the ntp authentication-key command, and also needs to be added as a trusted-key by using the ntp trusted-key command. For authentication to work, the key and the key value should be the same as that which is defined on the actual NTP server.

Defaults

No servers are configured by default.

Command Modes

Configuration.

Usage Guidelines

Use this ntp server command with a trusted key if you want to allow the system to synchronize with a specified server.

The key is optional, but it is required for NTP authentication. Define this key in the ntp authentication-key command first and add this key to the ntp trusted-key command before you can add it to the ntp server command.

The show ntp command displays the status of synchronization. If none of the configured NTP servers are reachable or not authenticated (if NTP authentication is configured), then this command displays synchronization to local with the least stratum. If an NTP server is not reachable or is not properly authenticated, then its reach as per this command statistics will be 0.

To define an NTP server configuration and authentication in the Cisco CDA admin user interface, see the System Time and NTP Server Settings section in the Cisco Identity Services Engine User Guide, Release 1.1.1.

Note This command gives conflicting information during the synchronization process. The synchronization process can take up to 20 minutes to complete.

Examples

Example 1

/admin(config)# ntp server ntp.esl.cisco.com key 1

% WARNING: Key 1 needs to be defined as a ntp trusted-key.

/admin(config)#

/admin(config)# ntp trusted-key 1

% WARNING: Key 1 needs to be defined as a ntp authentication-key.

/admin(config)#

/admin(config)# ntp authentication-key 1 md5 plain SharedWithServe

/admin(config)#

 

/admin(config)# ntp server ntp.esl.cisco.com 1

/admin(config)# ntp server 171.68.10.80 2

/admin(config)# ntp server 171.68.10.150 3

/admin(config)#

/admin(config)# do show running-config

Generating configuration...

!

hostname cda

!

ip domain-name cisco.com

!

interface GigabitEthernet 0

ip address 172.21.79.246 255.255.255.0

ipv6 address autoconfig

!

ip name-server 171.70.168.183

!

ip default-gateway 172.21.79.1

!

clock timezone UTC

!

ntp authentication-key 1 md5 hash ee18afc7608ac7ecdbeefc5351ad118bc9ce1ef3

ntp authentication-key 2 md5 hash f1ef7b05c0d1cd4c18c8b70e8c76f37f33c33b59

ntp authentication-key 3 md5 hash ee18afc7608ac7ec2d7ac6d09226111dce07da37

ntp trusted-key 1

ntp trusted-key 2

ntp trusted-key 3

ntp authenticate

ntp server ntp.esl.cisco.com key 1

ntp server 171.68.10.80 key 2

ntp server 171.68.10.150 key 3

!

--More--

/admin# show ntp

Primary NTP : cd-acs-ntp.cisco.com

 

synchronised to local net at stratum 11

time correct to within 448 ms

polling server every 64 s

 

remote refid st t when poll reach delay offset jitter

==============================================================================

*127.127.1.0 .LOCL. 10 l 46 64 37 0.000 0.000 0.001

171.68.10.80 .RMOT. 16 u 46 64 0 0.000 0.000 0.000

171.68.10.150 .INIT. 16 u 47 64 0 0.000 0.000 0.000

 

Warning: Output results may conflict during periods of changing synchronization.

 

/admin#

Related Commands

Command

Description

ntp

The command to specify NTP configuration.

ntp authenticate

Enables authentication of all time sources.

ntp authentication-key

Configures authentication keys for trusted time sources.

ntp trusted-key

Specifies key numbers for trusted time sources that needs to be defined as NTP authentication keys.

show ntp

Displays the status information about the NTP associations.