PG1X WIKI

My Knowledge Base

User Tools

Site Tools


tech:network:cisco:ntp:ntp

This is an old revision of the document!


NTP

Topology

Physical Lab.

Initial config

/etc/chrony/chrony.conf
pool ntp.nict.jp iburst
pool ntp.jst.mfeed.ad.jp iburst
 
allow 192.168.10.0/24
allow 172.16.0.0/12
  • R2
en
conf t
!
! ip configuration
int f0/1
ip addr dhcp
no shut
exit
int f0/0
ip addr 172.16.2.2 255.255.255.0
no shut
exit
!
ip name-server 8.8.8.8 8.8.4.4 1.1.1.1
!
end
R2#
*May 29 23:57:41.935: %SYS-5-CONFIG_I: Configured from console by console
R2#
*May 29 23:57:44.791: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
*May 29 23:57:44.915: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
R2#sh ip ro
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C        172.16.2.0/24 is directly connected, FastEthernet0/0
L        172.16.2.2/32 is directly connected, FastEthernet0/0
R2#sh ip int bri
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            172.16.2.2      YES manual up                    up
FastEthernet0/1            unassigned      YES DHCP   up                    up
Serial0/0/0                unassigned      YES NVRAM  administratively down down
R2#
*May 29 23:58:21.511: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0/1 assigned DHCP address 192.168.10.23, mask 255.255.255.0, hostname R2

R2#sh ip int bri
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            172.16.2.2      YES manual up                    up
FastEthernet0/1            192.168.10.23   YES DHCP   up                    up
Serial0/0/0                unassigned      YES NVRAM  administratively down down
R2#sh ip ro
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is 192.168.10.1 to network 0.0.0.0

S*    0.0.0.0/0 [254/0] via 192.168.10.1
      172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C        172.16.2.0/24 is directly connected, FastEthernet0/0
L        172.16.2.2/32 is directly connected, FastEthernet0/0
      192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.10.0/24 is directly connected, FastEthernet0/1
L        192.168.10.23/32 is directly connected, FastEthernet0/1
R2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#ip name-server 8.8.8.8 8.8.4.4 1.1.1.1
R2(config)#^Z
R2#
*May 29 23:59:42.023: %SYS-5-CONFIG_I: Configured from console by console
R2#ping 8.8.8.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/10/12 ms
R2#ping www.google.co.jp
Translating "www.google.co.jp"...domain server (203.138.71.154) [OK]

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.217.161.195, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/17/20 ms
✘╹◡╹✘  18-05-30 9:04:34 /home/wnoguchi
% ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether f4:30:b9:3c:99:56 brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.21/24 brd 192.168.10.255 scope global dynamic enp3s0
       valid_lft 174600sec preferred_lft 174600sec
    inet6 fe80::de50:dd15:552c:9161/64 scope link
       valid_lft forever preferred_lft forever
3: enx84afec739c0a: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 84:af:ec:73:9c:0a brd ff:ff:ff:ff:ff:ff
    inet 172.16.2.245/24 brd 172.16.2.255 scope global enx84afec739c0a
       valid_lft forever preferred_lft forever
    inet6 fe80::86af:ecff:fe73:9c0a/64 scope link
       valid_lft forever preferred_lft forever
4: wlo1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000
    link/ether 7c:67:a2:29:00:68 brd ff:ff:ff:ff:ff:ff
✘╹◡╹✘  18-05-30 9:04:52 /home/wnoguchi
% sudo apt -y install chrony
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
  libtomcrypt0 libtommath1
The following NEW packages will be installed:
  chrony libtomcrypt0 libtommath1
0 upgraded, 3 newly installed, 0 to remove and 1 not upgraded.
Need to get 522 kB of archives.
After this operation, 1,328 kB of additional disk space will be used.
Get:1 http://jp.archive.ubuntu.com/ubuntu artful/main amd64 libtommath1 amd64 1.0-4 [45.2 kB]
Get:2 http://jp.archive.ubuntu.com/ubuntu artful/universe amd64 libtomcrypt0 amd64 1.17-9 [285 kB]
Get:3 http://jp.archive.ubuntu.com/ubuntu artful/universe amd64 chrony amd64 3.1-5 [192 kB]
Fetched 522 kB in 0s (936 kB/s)
Selecting previously unselected package libtommath1:amd64.
(Reading database ... 290289 files and directories currently installed.)
Preparing to unpack .../libtommath1_1.0-4_amd64.deb ...
Unpacking libtommath1:amd64 (1.0-4) ...
Selecting previously unselected package libtomcrypt0:amd64.
Preparing to unpack .../libtomcrypt0_1.17-9_amd64.deb ...
Unpacking libtomcrypt0:amd64 (1.17-9) ...
Selecting previously unselected package chrony.
Preparing to unpack .../chrony_3.1-5_amd64.deb ...
Unpacking chrony (3.1-5) ...
Setting up libtommath1:amd64 (1.0-4) ...
Processing triggers for ureadahead (0.100.0-20) ...
ureadahead will be reprofiled on next reboot
Setting up libtomcrypt0:amd64 (1.17-9) ...
Processing triggers for libc-bin (2.26-0ubuntu2.1) ...
Processing triggers for systemd (234-2ubuntu12.3) ...
Processing triggers for man-db (2.7.6.1-2) ...
Setting up chrony (3.1-5) ...
Creating '_chrony' system user/group for the chronyd daemon…

Creating config file /etc/chrony/chrony.conf with new version

Creating config file /etc/chrony/chrony.keys with new version
Created symlink /etc/systemd/system/chronyd.service → /lib/systemd/system/chrony.service.
Created symlink /etc/systemd/system/multi-user.target.wants/chrony.service → /lib/systemd/system/chrony.service.
Processing triggers for systemd (234-2ubuntu12.3) ...
Processing triggers for ureadahead (0.100.0-20) ...
✘╹◡╹✘  18-05-30 9:05:34 /home/wnoguchi
% sudo vim /etc/chrony/chrony.conf
✘╹◡╹✘  18-05-30 9:06:40 /home/wnoguchi
% sudo systemctl restart chrony
✘╹◡╹✘  18-05-30 9:06:46 /home/wnoguchi
% sudo chronyc sources
210 Number of sources = 7
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^+ ntp-a2.nict.go.jp             1   6    17     1    +47us[  +13us] +/- 5084us
^+ ntp-b2.nict.go.jp             1   6    17     1   +180us[ +141us] +/- 5112us
^* ntp-b3.nict.go.jp             1   6    17     0   -139us[ -195us] +/- 5381us
^+ ntp-a3.nict.go.jp             1   6    17     0   -178us[ -229us] +/- 5325us
^- ntp3.jst.mfeed.ad.jp          2   6    17     0    -86us[ -132us] +/-  116ms
^- ntp1.jst.mfeed.ad.jp          2   6    17     1  -1604us[-1626us] +/-   75ms
^- ntp2.jst.mfeed.ad.jp          2   6    17     1   -280us[ -308us] +/-   80ms
✘╹◡╹✘  18-05-30 9:06:54 /home/wnoguchi
% sudo chronyc sources
210 Number of sources = 7
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^+ ntp-a2.nict.go.jp             1   6    17    13    +47us[  +13us] +/- 5084us
^+ ntp-b2.nict.go.jp             1   6    17    13   +180us[ +141us] +/- 5112us
^* ntp-b3.nict.go.jp             1   6    17    12   -139us[ -195us] +/- 5381us
^+ ntp-a3.nict.go.jp             1   6    17    12   -178us[ -229us] +/- 5325us
^- ntp3.jst.mfeed.ad.jp          2   6    17    12    -86us[ -132us] +/-  116ms
^- ntp1.jst.mfeed.ad.jp          2   6    17    13  -1604us[-1626us] +/-   75ms
^- ntp2.jst.mfeed.ad.jp          2   6    17    13   -280us[ -308us] +/-   80ms
✘╹◡╹✘  18-05-30 9:07:06 /home/wnoguchi
% sudo chronyc sources
210 Number of sources = 7
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^+ ntp-a2.nict.go.jp             1   6    17    16    +47us[  +13us] +/- 5084us
^+ ntp-b2.nict.go.jp             1   6    17    16   +180us[ +141us] +/- 5112us
^* ntp-b3.nict.go.jp             1   6    17    15   -139us[ -195us] +/- 5381us
^+ ntp-a3.nict.go.jp             1   6    17    15   -178us[ -229us] +/- 5325us
^- ntp3.jst.mfeed.ad.jp          2   6    17    15    -86us[ -132us] +/-  116ms
^- ntp1.jst.mfeed.ad.jp          2   6    17    16  -1604us[-1626us] +/-   75ms
^- ntp2.jst.mfeed.ad.jp          2   6    17    16   -280us[ -308us] +/-   80ms
✘╹◡╹✘  18-05-30 9:07:09 /home/wnoguchi
% sudo date
Wed May 30 09:09:01 JST 2018

Configure NTP

conf t
!
ntp server ntp.jst.mfeed.ad.jp
ntp server ntp.nict.jp
ntp server 192.168.10.21 prefer

!
ntp source f0/1
!
ntp update-calendar
!
end
R2(config)#ntp server ntp.jst.mfeed.ad.jp
Translating "ntp.jst.mfeed.ad.jp"...domain server (203.138.71.154) [OK]

R2(config)#ntp server ntp.nict.jp
Translating "ntp.nict.jp"...domain server (203.138.71.154) [OK]

R2(config)#ntp server 192.168.10.21 prefer
R2(config)#ntp source f0/1

Verify

R2#sh ntp associations

  address         ref clock       st   when   poll reach  delay  offset   disp
 ~192.168.10.21   .INIT.          16      -     64     0  0.000   0.000 15937.
 ~210.173.160.57  133.243.236.17   2     45     64    17  9.276  -9.838  1.719
*~133.243.238.244 .NICT.           1     41     64    17 10.117  -4.679  2.669
 * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

why synchronize private NTP server… and stratum max 16.

OK, I identify chrony misconfiguration.

After allow network f0/1, f0/0 synchronized private NTP server stratum 2.

R2#sh ntp associations

  address         ref clock       st   when   poll reach  delay  offset   disp
*~192.168.10.21   133.243.238.16   2     40     64     3  1.153 -60.371  0.117
+~210.173.160.57  133.243.236.17   2     40     64   377  9.608 -60.690  2.174
+~133.243.238.244 .NICT.           1     39     64   377 10.656 -61.192  2.290
 * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured
R2#sh ntp associations

  address         ref clock       st   when   poll reach  delay  offset   disp
*~192.168.10.21   133.243.238.16   2    101    128   377  1.171 -67.505  4.614
+~210.173.160.57  133.243.236.17   2     24    128   377  9.539 -85.043  3.946
+~133.243.238.244 .NICT.           1     23    128   377 10.518 -70.877  6.527
 * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

133.243.238.244 reference NICT.

also ntp.jst.mfeed.ad.jp, private NTP server references ntp.nict.jp.

133.243.238.16 - Japan - IP Address Details - IP lookup - proxio.io

R2#sh ntp status
Clock is synchronized, stratum 3, reference is 192.168.10.21
nominal freq is 250.0000 Hz, actual freq is 250.0001 Hz, precision is 2**24
reference time is DEB86F20.B292FEEC (00:30:24.697 UTC Wed May 30 2018)
clock offset is -67.5055 msec, root delay is 11.97 msec
root dispersion is 81.33 msec, peer dispersion is 6.13 msec
loopfilter state is 'CTRL' (Normal Controlled Loop), drift is -0.000000502 s/s
system poll interval is 128, last update was 436 sec ago.
R2#sh clock
00:39:42.187 UTC Wed May 30 2018

References

tech/network/cisco/ntp/ntp.1527721095.txt.gz · Last modified: 2018/05/31 07:58 by wnoguchi