Re: NTP Question

From: Petr Lapukhov (petr@internetworkexpert.com)
Date: Wed Nov 22 2006 - 13:16:55 ART

• Next message: ccie anees: "Re: BGP confederation"
• Previous message: Scott Morris: "RE: WCCP complexity"
• Maybe in reply to: Lab Rat #109385382: "NTP Question"
• Next in thread: M A: "Re: NTP Question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Scott, i have specifically verified this one...

Case1: ================

Client:

ntp authentication-key 1 md5 cisco
ntp authenticate
ntp trusted-key 1
ntp server 155.1.0.5

Server:

ntp authentication-key 1 md5 cisco
ntp master

Output:

R4#show ntp associations detail
155.1.0.5 configured, our_master, sane, valid, stratum 8
ref ID 127.127.7.1, time C909C4D7.7FEE184D (17:43:51.499 UTC Sat Nov 18
2006)
our mode client, peer mode server, our poll intvl 64, peer poll intvl 64
root delay 0.00 msec, root disp 0.03, reach 377, sync dist 24.597
delay 48.42 msec, offset -0.3627 msec, dispersion 0.37
precision 2**18, version 3
org time C909C4E6.B3C2F6FD (17:44:06.702 UTC Sat Nov 18 2006)
rcv time C909C4E6.BA0DAD26 (17:44:06.726 UTC Sat Nov 18 2006)
xmt time C909C4E6.ADA44A58 (17:44:06.678 UTC Sat Nov 18 2006)
filtdelay = 48.42 48.13 48.00 48.74 48.61 62.99 48.16 48.11
filtoffset = -0.36 -0.06 -0.06 -0.41 0.25 -7.47 -0.18 0.02
filterror = 0.02 0.99 1.01 1.02 1.04 1.05 1.07 1.08

Case2: ==================

ntp authentication-key 1 md5 cisco
ntp authenticate
ntp trusted-key 1
ntp server 155.1.0.5 key 1

Server:

ntp authentication-key 1 md5 cisco
ntp master

Output:

R4#show ntp associations detail
155.1.0.5 configured, authenticated, our_master, sane, valid, stratum 8
ref ID 127.127.7.1, time C909C517.7FFCC37E (17:44:55.499 UTC Sat Nov 18
2006)
our mode client, peer mode server, our poll intvl 64, peer poll intvl 64
root delay 0.00 msec, root disp 0.03, reach 377, sync dist 25.650
delay 48.42 msec, offset -0.3627 msec, dispersion 1.42
precision 2**18, version 3
org time C909C526.B4F98FCC (17:45:10.706 UTC Sat Nov 18 2006)
rcv time C909C526.BCB04F6B (17:45:10.737 UTC Sat Nov 18 2006)
xmt time C909C526.ADAA32CE (17:45:10.678 UTC Sat Nov 18 2006)
filtdelay = 58.38 48.42 48.13 48.00 48.74 48.61 62.99 48.16
filtoffset = -0.94 -0.36 -0.06 -0.06 -0.41 0.25 -7.47 -0.18
filterror = 0.02 0.99 1.97 1.98 2.00 2.01 2.03 2.04

2006/11/22, Scott Morris <swm@emanon.com>:
>
> The parameter is designed for if you have more than one key/server
> configured. If you only have one, mentioning the key on the ntp server
> line
> is not necessary.
>
>
> Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, JNCIE
> #153, CISSP, et al.
> CCSI/JNCI-M/JNCI-J
> IPExpert VP - Curriculum Development
> IPExpert Sr. Technical Instructor
> smorris@ipexpert.com
> http://www.ipexpert.com
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Lab
> Rat #109385382
> Sent: Wednesday, November 22, 2006 4:26 AM
> To: 'Petr Lapukhov'
> Cc: Cisco certification; security@groupstudy.com
> Subject: RE: NTP Question
>
> Petr.not sure about that. I've labbed up both ways and they both work
> (with
> only one key configured). Maybe I didn't wait long enough, but NTP was
> sync'd in both scenarios.
>
>
>
>
>
> From: petrsoft@gmail.com [mailto:petrsoft@gmail.com] On Behalf Of Petr
> Lapukhov
> Sent: Wednesday, November 22, 2006 12:56 AM
> To: Lab Rat #109385382
> Cc: Cisco certification; security@groupstudy.com
> Subject: Re: NTP Question
>
>
>
> You definitely need "ntp server x.x.x.x key y" in order to let your router
> know, what key to use when polling the NTP server. This is because you may
> have many keys configured on the same router, and use different keys for
> different servers.
>
> 2006/11/22, Lab Rat #109385382 <techlist01@gmail.com>:
>
> I have seen two different configurations by a from leading training
> vendors.
>
> If you have the following commands set:
>
>
> ntp authenticate
> ntp authentication-key 1 md5 PASSWORD
> ntp trusted-key 1
>
>
> do you need the following command:
>
>
> ntp server x.x.x.x key 1
>
>
> I have seen the solution stated as such:
>
>
> ntp server x.x.x.x
>
>
> Thanks,
>
> Ed
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
> --
> Petr Lapukhov, CCIE #16379
> petr@internetworkexpert.com
>
> Internetwork Expert, Inc.
> http://www.InternetworkExpert.com
> Toll Free: 877-224-8987
> Outside US: 775-826-4344
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>

-- 
Petr Lapukhov, CCIE #16379
petr@internetworkexpert.com
Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987
Outside US: 775-826-4344

• Next message: ccie anees: "Re: BGP confederation"
• Previous message: Scott Morris: "RE: WCCP complexity"
• Maybe in reply to: Lab Rat #109385382: "NTP Question"
• Next in thread: M A: "Re: NTP Question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Dec 01 2006 - 08:05:48 ART