Skip to content

Time Settings on Cisco Devices using NTP

January 5, 2012

Configuring time on our personal computers and phones is a really simple task. Unfortunately, Cisco hasn’t made it very easy to configure time on their devices. Because timestamps are such an important part of network analysis having accurate and consistent time from device to device is very important.

Note: To create consistent time between devices, this tutorial assumes you have an NTP server running or have access to an NTP server on the public Internet which to sync your devices.

All Cisco devices have at least a software based system clock. Some of them have an additional clock called the system calendar (aka. hardware clock). When a system boots, the operating system references the software clock reads the system calendar and assigns itself a time based on the calendar. NTP can set both clocks.

NTP Configuration

NTP can use authentication to make sure authorized devices are accessing the server’s resources. NTP authentication is pretty straight forward:

Router1(config)# ntp authenticate
Router1(config)# ntp authentication-key 123456 md5 value
Router1(config)# ntp trusted-key 1

ntp authenticate Turns on NTP authentication
ntp authentication-key 123456 md5 value The authentication method for NTP requires a key (in this case 123456) and an associated value which is a md5 hash.
ntp trusted-key 1 This is a key which is also used for authentication for NTP. It is different from the key in the previous command.

Note: I am not sure why it requires two different keys. If you know, please comment.

The next step is to assign NTP peers so the device can pull the date and time from the server.

Router1(config)# ntp peer 1.2.3.4

1.2.3.4 is the IP address of the server. There are other arguments which can be specified such as NTP version number and authentication keys. This tutorial is only covering the basics so none of those at this time.

NTP should now be working and the software clock is synchronized. If the system has a system calendar, run the following command to automatically update the calendar’s time:

Router1(config)# ntp update-calendar

Finally, verify your association with show ntp associations. This will output any servers you are associated with. If any of the IP addresses have a * before it, you are successfully synchronized. Cisco has a good document which details the show command.

Advertisements

From → Tutorial

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s