Exact time

The exact time on the network is big. Today we will talk about setting the exact time using Cisco equipment.


There is no difference in principle whether it is a router or a switch.
So, set the exact time.
First of all we will create an interface on the router when accessing which we will get the exact time.

RTR-001#conf t
RTR001(config)#interface Loopback100
RTR001(config)# description -=I=- NTP service -=I=-
RTR001(config)# ip address 10.10.10.100 255.255.255.255
RTR001(config)#^Z
RTR001#

In fact, I have this Loopback has an address from a completely different network, and then announced in OSPF
')
(RTR-002 # sho ip ro | inc 57.100
O 10.10.57.100/32
[110/11] via 10.10.57.1, 02:02:25 FastEthernet0 / 1.822)


Let's set up external servers from which we will receive time.

RTR-001#conf t
RTR001(config)#ntp update-calendar RTR-001#conf t
RTR001(config)#ntp update-calendar — update the calendar from the NTP server.
RTR001(config)#ntp server 192.73.48.1 prefer
RTR001(config)#ntp server 192.73.48.2
RTR001(config)#ntp server 192.73.48.6 RTR001(config)#ntp server 192.73.48.1 prefer
RTR001(config)#ntp server 192.73.48.2
RTR001(config)#ntp server 192.73.48.6 - we set the addresses of NTP servers, the first of which is preferred.

Checking:
RTR001#sho clock
14:11:54.530 MSD Thu Oct 1 2009
RTR001#
It looks like the exact time on our router :) Check the NTP status:
RTR001#sho ntp status
Clock is synchronized, stratum 3, reference is 192.73.48.1
nominal freq is 250.0000 Hz, actual freq is 249.9948 Hz, precision is 2**24
reference time is CE6EFA48.2E139AA2 (13:52:08.179 MSD Thu Oct 1 2009)
clock offset is -0.0232 msec, root delay is 0.32 msec
root dispersion is 0.08 msec, peer dispersion is 0.01 msec
loopfilter state is 'CTRL' (Normal Controlled Loop), drift is 0.000020656 s/s
system poll interval is 1024, last update was 1199 sec ago.
RTR001#

It is considered a good practice to set the time zone and daylight saving time on the router / switch:
clock timezone MSK 3 - time zone
clock summer-time MSD recurring last Sun Mar 2:00 last Sun Oct 2:00 - days of daylight saving time and back

Now let's move on to setting the time on the rest of our network devices.
We implant the following structure onto the switches:
C2970(config)#ntp server 10.10.10.100

after which they will start to take time from our router:
C2970#sho ntp stat
Clock is synchronized, stratum 4, reference is 10.10.10.100
nominal freq is 119.2092 Hz, actual freq is 119.2072 Hz, precision is 2**18
reference time is CE6F0038.2117CCA0 (14:17:28.129 MSD Thu Oct 1 2009)
clock offset is -0.8434 msec, root delay is 329.33 msec
root dispersion is 93.77 msec, peer dispersion is 1.75 msec
C2970#

In order to have a switch as a time server, we just need to release it to the Internet :) And we’ll go to the Vlan interface.

And now the most interesting, we will force workstations to take time from our equipment. For this purpose I use a batch file in group policies tied to autologon:
@echo
net time /setsntp
@echo : 10.10.10.100
w32tm /config /syncfromflags:manual /manualpeerlist:10.10.10.100
@echo
w32tm /config /update
@echo
w32tm /resync
net time /querysntp
pause
where I took the text batch file I do not remember, but the author - Respect !!!

For a more detailed study of the article recommended article for reading.

In this tour, we did not consider the issue of NTP authentication (ntp authenticate), access to NTP via ACL, setting up a broadcast service, and security issues. If it is interesting, write in comments - I will add.