Config Lab: NTP Client/Server
NTP makes me think of old spy novels and movies, where the team would set their analog watches to the same time, and say something like “On my mark, it will be 9:55… mark!”. NTP uses other mechanisms, of course, with protocol messages, and some devices declaring the time, with others adjusting their time to that declaration. Today’s lab lets you configure the basic time settings on a couple of routers, with two acting as NTP clients, and one as both a client and server.
The Lab Exercise
The Lab Requirements
Configure NTP for this network, with R2 and R3 as NTP clients. R1 acts as an NTP server for this network, while also acting as a client, adjusting its time from an NTP server in the Internet. The specific rules for this lab are:
- Configure R1 to be the primary local time source (Stratum 3) using the IP address from its Loopback0 interface
- Configure R1 as a client to obtain its primary clock from the NTP server pool.ntp.org
- Configure R2 and R3 to obtain their primary clock from R1
- Use R1’s loopback 0 address for any NTP configuration
- Configure all devices to use Eastern Standard Time
- Configure all devices to observe Eastern Daylight Time
- Assumptions:
- All device interfaces shown in the lab are up, working, and correctly configured with IP addresses
- Routing is configured and working correctly
- Name resolution is configured and working on all devices
Figure 1: NTP Topology
Warning: We developed this lab when Cisco Packet Tracer (CPT) Version 8.0 was the most recent version. At that time, NTP support was limited and sometimes differed from real gear. See the “Known Packet Tracer Issues” section for more detail if interested in using CPT for this lab.
Initial Configuration
Examples 1, 2, and 3 show the beginning configuration state of R1, R2, and R3.
hostname R1
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface GigabitEthernet0/1
ip address 10.10.10.1 255.255.255.0
no shutdown
!
interface GigabitEthernet0/2
ip address 20.20.20.1 255.255.255.0
no shutdown
!
router ospf 1
network 0.0.0.0 255.255.255.255 area 0Example 1: R1 Config
hostname R2
!
interface GigabitEthernet0/1
ip address 10.10.10.2 255.255.255.0
no shutdown
!
router ospf 1
network 0.0.0.0 255.255.255.255 area 0Example 2: R2 Config
hostname R3
!
interface GigabitEthernet0/1
ip address 20.20.20.2 255.255.255.0
no shutdown
!
router ospf 1
network 0.0.0.0 255.255.255.255 area 0
Example 3: R3 Config
Answer Options - Click Tabs to Reveal
You can learn a lot and strengthen real learning of the topics by creating the configuration – even without a router or switch CLI. In fact, these labs were originally built to be used solely as a paper exercise!
To answer, just think about the lab. Refer to your primary learning material for CCNA, your notes, and create the configuration on paper or in a text editor. Then check your answer versus the answer post, which is linked at the bottom of the lab, just above the comments section.
You can also implement the lab using the Cisco Packet Tracer network simulator. With this option, you use Cisco’s free Packet Tracer simulator. You open a file that begins with the initial configuration already loaded. Then you implement your configuration and test to determine if it met the requirements of the lab.
(Use this link for more information about Cisco Packet Tracer.)
Use this workflow to do the labs in Cisco Packet Tracer:
- Download the .pkt file linked below.
- Open the .pkt file, creating a working lab with the same topology and interfaces as the lab exercise.
- Add your planned configuration to the lab.
- Test the configuration using some of the suggestions below.
You can also implement the lab using Cisco Modeling Labs – Personal (CML-P). CML-P (or simply CML) replaced Cisco Virtual Internet Routing Lab (VIRL) software in 2020, in effect serving as VIRL Version 2.
If you prefer to use CML, use a similar workflow as you would use if using Cisco Packet Tracer, as follows:
- Download the CML file (filetype .yaml) linked below.
- Import the lab’s CML file into CML and then start the lab.
- Compare the lab topology and interface IDs to this lab, as they may differ (more detail below).
- Add your planned configuration to the lab.
- Test the configuration using some of the suggestions below.
Network Device Info:
The CML topology matches the lab topology.
Lab Answers Below: Spoiler Alert
Lab Answers: Configuration (Click Tab to Reveal)
Answers
Figure 1: NTP Topology
clock timezone EST -5 0
clock summer-time EDT recurring
!
ntp master 3
ntp server pool.ntp.org
ntp source Loopback0Example 1: R1 Config
clock timezone EST -5 0
clock summer-time EDT recurring
!
ntp server 1.1.1.1Example 2: R2 Config
clock timezone EST -5 0
clock summer-time EDT recurring
!
ntp server 1.1.1.1Example 3: R3 Config
Commentary, Issues, and Verification Tips (Click Tabs to Reveal)
Commentary
The configuration of NTP is vital on production networking equipment as it ensures that the timestamps that are placed on all logs and events will be referenced to the same time source. Without NTP, any troubleshooting effort that expands past a single device can be complicated to track down. In a typical network, there will be a master source (or sources) that are referenced by all of the devices in the network; each of the network devices will then reference their clocks back to these sources.
For this lab you were tasked with configuring the routers to use NTP. R1 needs to be configured as the main clock in the network while R2 and R3 use NTP as clients, referencing R1. All of the routers also need to be configured to use Eastern Standard Time AND Eastern Daylight Time.
To configure R1 in NTP client/server mode, R1 requires a few extra NTP commands. The first step is to configure it as the master clock source in the network (stratum 3 as suggested in the lab) using the ntp master 3 global command. The second step is to configure R1 to use pool.ntp.org using the ntp server pool.ntp.org command. The third step is to configure it to use its Loopback0 as the NTP source; to configure this, use the ntp source Loopback0 command.
All three routers happen to be in the same time zone and all use day light savings time, so all three routers:
- Set the use of Eastern Standard Time with the clock timeone EST -5 command.
- Set the router to switch to Eastern Daylight Time with the clock summer-time EDT recurring command.
R2 and R3 act as NTP clients, referencing R1 as the server, so their NTP configuration is identical. The first step is to configure so that they use R1 as their main clock source (1.1.1.1) with the ntp server 1.1.1.1 command. (Note that because R1 used the ntp source loopback0 command, R2 and R3 must reference the IP address used on R1’s loopback0 interface.)
Known Issues in this Lab
This section of each Config Lab Answers post hopes to help with those issues by listing any known issues with Packet Tracer related to this lab. In this case, the issues are:
| # | Summary | Detail |
| 1 | CPT requires manual clock settings before NTP converges | NTP takes time to converge in real networks. In CPT it takes far longer. To speed convergence, use the clock set EXEC command to set the time on each device to set the time to as close to the same time as possible. |
| 2 | CPT does not support some common NTP configuration methods (as of CPT 8.0) |
|
| 3 | The show clock command output differs from real gear. | With a timezone configured on real gear, show clock command shows the correct time in that timezone. CPT shows UTC time. (See next entry.) |
| 4 | The clock set command differs from real gear. | On real gear, the clock set EXEC command sets the time based on the timezone configured on the device. CPT treats the time in the clock set command as UTC time regardless of the configured timezone. |
In fact, you cannot perform the configuration requested in this lab using Cisco Packet Tracer. As an alternative, consider trying this alternative limited set of lab requirements if you want to try something that could work in CPT 8.0. Also, we expect this lab to be available over many versions of CPT, so you can always try this lab with CPT at versions after 8.0 and you might have better results with NTP.
The alternative more basic requirements:
Configure NTP for this network, as follows:
- Configure R1 to be the NTP server:
- R1 should use its internal clock as its only time source, with Stratum 3.
- Do not use a loopback interface address as the clock source.
- Configure R2 and R3 to be NTP clients, using R1 as their NTP server. Refer to R1 by IP address.
- Configure all routers to use Eastern Standard Time
- Assumptions:
- All device interfaces shown in the lab are up, working, and correctly configured with IP addresses
- Routing is configured and working correctly
- Name resolution is configured and working on all devices
Figure 1: NTP Topology
Why Would Cisco Packet Tracer Have Issues?
(Note: The below text is the same in every Config Lab.)
Cisco Packet Tracer (CPT) simulates Cisco routers and switches. However, CPT does not run the same software that runs in real Cisco routers and switches. Instead, developers wrote CPT to predict the output a real router or switch would display given the same topology and configuration – but without performing all the same tasks, an actual device has to do. On a positive note, CPT requires far less CPU and RAM than a lab full of devices so that you can run CPT on your computer as an app. In addition, simulators like CPT help you learn about the Cisco router/switch user interface – the Command Line Interface (CLI) – without having to own real devices.
CPT can have issues compared to real devices because CPT does not run the same software as Cisco devices. CPT does not support all commands or parameters of a command. CPT may supply output from a command that differs in some ways from what an actual device would give. Those differences can be a problem for anyone learning networking technology because you may not have experience with that technology on real gear – so you may not notice the differences. So this section lists differences and issues that we have seen when using CPT to do this lab.
Beyond comparing your answers to this lab’s Answers post, you can test in Cisco Packet Tracer (CPT) or Cisco Modeling Labs (CML). In fact, you can and should explore the lab once configured. For this lab, once you have completed the configuration, try these verification steps.
- Use the show ntp status and show ntp associations command to verify the status of NTP and its associations.
- Particularly when using CPT, note that NTP synchronization on Cisco devices takes time. For instance, it may take at least 10 minutes (or more) for all clocks to become synchronized (assuming your configuration was correct).
It is worth mentioning that the clock timezone global configuration command used in Example 1 includes the minutes offset versus UTC. I’ve updated the Table 9-7 in Volume 2 🙂
Thanks!
Hello Wendell,
On page 187, Example 9-12 of your book you show how to configure an NTP server using the servers’ hostnames. I don’t see an ip name-server configuration pointing to an outside DNS server though (like Google’s 8.8.8.8). Would the configuration steps as shown in the example work even without the name-server configuration? Or must one always configure an outside DNS server in such a scenario?
Thanks.
Attila
Hi Attila,
Yes, that config that refers to hostname relies on working name resolution. In real life, that’s probably a reference to a DNS as you noted. But I didn’t put it in the example.
Wendell
Hi Wendell – why is there a “0” following the command clock timezone EST -5? I don’t see a zero following that command in the example in the book. Thank you!
I’m not near a lab w/ real gear, but I think that final parameter is NOT displayed if its a 0 on real gear. FYI, it’s a minutes field, for those cases in which a timezone is offset from UTC by a non-integer number of hours. EG, I think IST (India) is normally +5:30 vs. UTC. So you could code 30 for 30 minutes. But I don’t go there in the book. One choice of hundreds (thousands?) of what to include or not. Hope this helps…
Wendell
Hey Wendell,
A small thing but the command clock timeone EST -5
is a spelling error in the lab commentary tab.
Fixed. Thanks, Ermundo!