Today I am going to talk about NTP (Network Time Protocol). NTP is a UDP protocol (port 123) that is used to synchronize the clocks of network devices on a network. NTP usually has a source that serves as the ultimate time source where all the devices receive their time from. The reason why NTP is an important protocol is because it is useful for logging accuracy in terms of timestamps or security in terms of logs used for security auditing or verifying digital certificates as many of certificates have an expiration date. If the time is not correct on devices it will be hard to correlate events especially when using syslog messages to troubleshoot a network or system issue.<\/p>\n\n\n\n
Reference Clock- <\/strong>In order to fully understand NTP you will need to know some vital components of it such as a \u201cstratum\u201d or a \u201creference clock.\u201d A reference clock is a highly accurate time source that serves as the foundation of time synchronization within a network. A reference clock is the clock where every device looks to when determining what exact date and time it should synchronize to up to the seconds. Essentially the reference clock serves as a \u201csource of truth.\u201d Other devices sync their clocks to it because of its accuracy and it is highly trusted. Typical reference clocks are GPS receivers, radio clocks, or atomic clocks. These clocks are essentially the authoritative source of getting an accurate time.\u00a0<\/p>\n\n\n\n Stratum- <\/strong>Now a stratum is a numerical value that represents the hierarchical distance between a network device and an authoritative reference clock. Valid stratum numbers range from 1 to 15 with 1 being the most accurate and 15 being the least accurate representation of the time from the reference clock. Seeing the stratum number in a configuration such as (show ntp associations), allows the person reading the configuration to gauge how accurate the NTP server is. A stratum 1 server is the most accurate and that is because it is directly connected to a reference clock such as an atomic clock and synchronizes its time\/clock directly from it. If you view a configuration and see stratum 1 then you will be able to confirm that it is the most accurate as it can be versus when you see stratum 15. The only valid numbers a NTP server can be is 1 through 15, a stratum 0 is the actual reference clock serving as the ultimate reference for every synchronized device on the network.\u00a0<\/p>\n\n\n\n Client-Server – <\/strong>NTP runs its protocol in a client-server model. The NTP server is the network device responsible for providing the accurate time information to other devices (NTP clients) on the same network. The NTP client is the network device that synchronizes its internal clock by requesting time information from the NTP server. The NTP server has two options when it is configured to be a NTP server. It can either synchronize its clock with a higher stratum NTP server or it can synchronize its clock directly from a reference clock if it is a stratum 1 server. An example would be configuring (ntp master.) Typing \u201cNTP master\u201d with no numerical value after it automatically configures it with a stratum of 8. When another device is configured with \u201cNTP server [NTP server on stratum 8 IP],\u201d then it will synchronize its clock to an NTP server on stratum 8. If another NTP server is configured with \u201cNTP server [device on stratum 9 IP address] ,\u201d then it would synchronize its time with NTP device on stratum 9 and the pattern continues. The last eligible number is 15, so if a NTP device has its time from stratum 16 source that means that time is invalid. A stratum 16 seen on a network device means that its clock is unsynchronized, and that its time source is unreachable and should not be trusted by other NTP clients.\u00a0<\/p>\n\n\n\n Symmetric-Active Mode- <\/strong>Although NTP is mainly a client server model, there is a mode called \u201csymmetric active mode.\u201d Symmetric Active mode is a mode where two NTP devices called peers mutually synchronize their clocks. In a standard NTP model, the client requests and receives time information from the NTP server. In a symmetric active mode two or more devices send and receive timing updates, synchronizing their times with each other often at similar stratum levels. Essentially every device operating via symmetric active mode takes on the role of both a client and a server. This kind of NTP setup allows for redundancy and fault tolerance. The reason for this is because a NTP device in symmetric active mode can synchronize its clock with multiple peers, so if one were to fail it would still receive accurate timing information from other peers.\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":" Today I am going to talk about NTP (Network Time Protocol). NTP is a UDP protocol (port 123) that is used to synchronize the clocks of network devices on a network. NTP usually has a source that serves as the ultimate time source where all the devices receive their time from. The reason why NTP…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-971","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/networkingnotebook.com\/index.php?rest_route=\/wp\/v2\/posts\/971","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/networkingnotebook.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/networkingnotebook.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/networkingnotebook.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/networkingnotebook.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=971"}],"version-history":[{"count":2,"href":"https:\/\/networkingnotebook.com\/index.php?rest_route=\/wp\/v2\/posts\/971\/revisions"}],"predecessor-version":[{"id":973,"href":"https:\/\/networkingnotebook.com\/index.php?rest_route=\/wp\/v2\/posts\/971\/revisions\/973"}],"wp:attachment":[{"href":"https:\/\/networkingnotebook.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=971"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/networkingnotebook.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=971"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/networkingnotebook.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=971"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}