Setting up NTP on Cisco Switches – Cisco Networking Series Part 1

Clock

This is more for my own reference than anything else, but what follows here is a short tutorial on how to get NTP up and running on your Cisco iOS device.

First we need to get DNS working for the switch to be able to resolve the DNS name for the time server. If you run your own time server you can use the static IP for the NTP server and skip this step, but if you use one of the public NTP pools just resolving the domain name for the pool one time and hard coding that into your switch won’t do it. First of all, that NTP server might go down some time down the line, and then your time synchronization stops working. Secondly, and this is actually a far bigger problem, if you resolve the IP of a NTP pool, you’re actually only using one server in that pool constantly since the pools load balancing is constructed using DNS round robin. This skews the load on the (already heavily loaded) public NTP infrastructure, which isn’t very good. While we’re on the topic, if you are using public NTP servers, consider setting up your own internal NTP servers and have your clients sync to them, thus limiting the load you put on public NTP servers. If you, like me, run your own GPS NTP servers, then you can do as you like (but the DNS round robin trick is also useful to do internal load balancing and fail-over)

So, DNS resolving:
ip name server 8.8.8.8 8.8.4.4

Here I’m using Google’s DNS servers, but you can use whatever you like.

Then we need to set up NTP:
ntp server pool.ntp.org

That’s it. Cisco makes it quite easy for you. But, you still need to configure the clock settings, and this is where it gets bad.

First, we need to set the time zone:

clock timezone UTC+2 2 0

The command clock timezone first asks for the name of the time zone, and then the offset in hours and minutes. So I supplied UTC+2, which is the Finnish time zone, and then 2 for 2 hours offset and 0 for 0 minutes offset.

And now, the truly ugly, daylight savings time (DST) settings:

clock summertime UTC+3 recurring last Sunday March 03:00 last Sunday October 03:00 60

This has to be the most horrid command I’ve ever typed. Not only is it completely manual, but it doesn’t autocomplete as well, so you need to actually correctly type all the names of the days and months. The command, in all it’s horrid splendor, works like this:

clock summertime first asks for the name of the timezone for DST. Here in Finland that’s UTC+3, so that’s what I entered. Then I selected the recurring option, as DST starts and ends in FInland on the last sunday in March and October. If you live in a country where DST is locked to a date and not a weekday, then use date instead of recurring and follow the instructions by hitting a lot. Then it’s pretty much self-explanatory. last Sunday March 03:00 defines when DST starts and last Sunday October 03:00 when it ends. 60 at the end of the command specifies the DST offset in minutes.

That’s all folks, the clock should be up and working now and showing the correct time plus the correct time zone. If you have a problem with DNS, which is the most common problem, the ntp command actually tells you if the DNS query for you specified NTP server failed.

show clock can be used to check what the local time on the switch is, handy for confirming settings.

This post is part of a new series called Network Friday, where I explain a new networking concept every Friday and tell you have to configure it on (mostly) HP hardware. The series will mostly focus on the configuration side, as I feel there are lots of resources out there that do a fine job of explaining complex concepts, but very few that show you how to do it on your specific hardware. This series aims to address this somewhat, at least on the HP side of the fence.

Advertisements
No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s