Note: If the other peer is not specifically configured in this way, a symmetric passive association is activated upon arrival of a symmetric active message. Since an intruder can impersonate a symmetric active peer and inject false time values, symmetric mode should always be authenticated. Normally, these modes are not utilized by servers with dependent clients.
The advantage of broadcast mode is that clients do not need to be configured for a specific server, so all operating clients can use the same configuration file. Broadcast mode requires a broadcast server on the same subnet: because broadcast messages are not propagated by routers, only broadcast servers on the same subnet are used.
Broadcast mode is intended for configurations involving one or a few servers and a potentially large client population. A broadcast server is configured using the broadcast command and a local subnet address. A broadcast client is configured using the broadcastclient command, allowing the broadcast client to respond to broadcast messages received on any interface. Since an intruder can impersonate a broadcast server and inject false time values, this mode should always be authenticated.
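An added example (not from the paper) of the configuration check that the authentication requirement for symmetric and broadcast modes implies: a Python audit over IOS-style configuration text, assuming the ntp peer, ntp broadcast, ntp authentication-key, ntp trusted-key and ntp authenticate commands, that flags associations carrying no trusted key, since an intruder could impersonate the peer or broadcast server on those.

```python
import re

# Constructed IOS-style configuration excerpt (not from the paper): two symmetric
# peers, two broadcast-server interfaces, and no global 'ntp authenticate'.
SAMPLE_CONFIG = """\
ntp authentication-key 1 md5 EXAMPLE_KEY
ntp trusted-key 1
ntp peer 192.0.2.10
ntp peer 192.0.2.11 key 1
interface Vlan10
 ntp broadcast
interface Vlan20
 ntp broadcast key 1
"""

def audit_ntp_auth(config):
    """Return findings for symmetric and broadcast associations lacking authentication.
    Assumption: single key ids (no 'ntp trusted-key a - b' ranges)."""
    defined, trusted, authenticate = set(), set(), False
    assocs = []  # (description, key id as string or None)
    iface = None
    for raw in config.splitlines():
        line = raw.strip()
        if m := re.match(r"ntp authentication-key (\d+) \S+ ", line):
            defined.add(int(m.group(1)))
        elif m := re.match(r"ntp trusted-key (\d+)$", line):
            trusted.add(int(m.group(1)))
        elif line == "ntp authenticate":
            authenticate = True
        elif line.startswith("interface "):
            iface = line.split(None, 1)[1]
        elif m := re.match(r"ntp peer (\S+)(?:.*\bkey (\d+))?", line):
            assocs.append((f"symmetric peer {m.group(1)}", m.group(2)))
        elif m := re.match(r"ntp broadcast(?!\S)(?:.*\bkey (\d+))?", line):
            assocs.append((f"broadcast server on {iface}", m.group(1)))
    findings = []
    for desc, key in assocs:
        if key is None:
            findings.append(f"{desc}: no key, an impersonator could inject false time")
        elif int(key) not in defined:
            findings.append(f"{desc}: key {key} is not defined")
        elif int(key) not in trusted:
            findings.append(f"{desc}: key {key} is not in ntp trusted-key")
    if assocs and not authenticate:
        findings.append("global: 'ntp authenticate' is missing, so received packets are not checked")
    return findings
```

Running the audit on the sample flags the unkeyed peer, the unkeyed broadcast interface and the missing global authentication, and the same script can be run over each device's configuration as part of the configuration report.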
There are options for adding and deleting leap seconds. There are two constraints for this to occur: the command is accepted only within the month before the leap is to happen, and it will not set the leap if the current time is earlier than one month before the leap occurs. In a flat peer structure, all the routers peer with each other, with a few geographically separate routers configured to point to external systems.
The convergence of time becomes longer with each new member of the NTP mesh. In a hierarchical structure, the routing hierarchy is copied for the NTP hierarchy. These relationships are called hierarchy scales. A hierarchical structure is the preferred technique because it provides consistency, stability, and scalability. The dedicated time servers are the center of the star and are usually UNIX systems synchronized with external time sources or with their own GPS receivers.
Normally, client workstations and servers with a relatively small number of clients do not synchronize to primary servers. Approximately public secondary servers are synchronized to the primary servers, providing synchronization to a total in excess of , clients and servers on the Internet.
There are also numerous private primary and secondary servers not normally available to the public. In certain cases, where highly accurate time services are required on the private enterprise, such as one-way metrics for Voice over IP (VoIP) measurements, network designers may choose to deploy private external time sources. The diagram below shows a comparative graph of the relative accuracy of the current technologies. Until recently, the use of external time sources has not been widespread in enterprise networks because of the high cost of quality external time sources.
However, as the Quality of Service (QoS) requirements increase and the cost of the time technology continues to decrease, external time sources for enterprise networks are becoming a viable option. In the diagram below, a corporate autonomous system (AS) obtains time information from three public time servers. The corporate AS is shown as Area 0 and Area 1 time servers. It is only used as an illustrative example. The previous section described a WAN time distribution network.
This section moves one step down in the hierarchy to discuss time distribution on a high stratum campus network. The primary difference when considering time distribution on a high stratum campus network is the potential usage of the broadcast association mode. As described earlier, the broadcast association mode simplifies the configurations for the LANs, but reduces the accuracy of the time calculations.
Therefore, the trade-off in maintenance costs must be considered against accuracy in performance measurements. The high stratum campus network, shown in the diagram above, is taken from the standard Cisco Campus network design and contains three components.
The server component, located in the lower section of the figure, has two Layer 3 routers labeled SD-1 and SD. The remaining devices in the server block are Layer 2 devices. In the upper left, there is a standard access block with two Layer 3 distribution devices labeled dl-1 and dl. The remaining devices are Layer 2 switches.
In this client access block, the time is distributed using the broadcast option. In the diagram below, a GPS or Cesium time source is provided at the central data center for the low stratum campus network. This provisions a stratum 1 time source on the private network. If there are multiple GPS or Cesium time sources located in the private network, then the time distribution in the private network should be modified to take advantage of the available time sources.
In general, the same principles and configurations apply as with the previous examples. The primary difference in this case is that the root of the synchronization tree is a private time source rather than a public time source from the Internet.
This changes the design of the time distribution network to take advantage of the high accuracy private time source. The private time source is distributed throughout the private network using the principles of hierarchy and modularity that have been described in the previous sections.
A process definition is a connected series of actions, activities, and changes performed by agents with the intent of satisfying a purpose or achieving a goal. Process control is the process of planning and regulating, with the objective of performing a process in an effective and efficient way. The output of the process has to conform to operational norms that are defined by an organization and are based on business objectives.
If the process conforms to the set of norms, the process is considered effective since it can be repeated, measured, managed, and it contributes to the business objectives. If the activities are carried out with a minimum effort, the process is also considered efficient. Processes span various organizational boundaries. Therefore, it is important to have a single process owner who is responsible for the definition of the process.
The owner is the focal point for determining and reporting if the process is effective and efficient. If the process fails to be effective or efficient, the process owner drives the modification of the process.
Modification of the process is governed by change control and review processes. Process goals are established to set the direction and scope for the process definition. Goals are also used to define metrics that are used to measure the effectiveness of a process. The goal of this process is to provide criteria to be documented during the NTP design phase, and to provide an audit capability for a deployed NTP architecture ensuring long-term compliance with the intended design.
Process performance indicators are used to gauge the effectiveness of the process definition. The performance indicators should be measurable and quantifiable.
For instance, the performance indicators listed below are either numeric or measured by time: the frequency of execution required in order to proactively detect NTP issues before they impact users, and the number of items added, removed, or modified in the seed file.
This is an indication of accuracy and stability. Process inputs are used to define criteria and prerequisites for a process. Many times, identification of process inputs provides information on external dependencies. A list of inputs related to NTP management is provided below. NTP configuration reports defined in the Data Presentation section of this paper.
The following sections define the initialization and iterative tasks associated with NTP management. Initialization tasks are executed once during the implementation of the process and should not be executed during each iteration of the process. In verifying prerequisite tasks, if it is determined that any one of the tasks is not implemented or does not provide sufficient information to effectively serve the needs of this procedure, this fact should be documented by the process owner and submitted to management.
The table below outlines the prerequisite initialization tasks. The NTP management process requires the use of a seed file to remove the need for a network discovery function. The seed file records the set of routers that are governed by the NTP process and is also used as a focal point to coordinate with the change management processes in an organization. For example, if new nodes are entered into the network, they need to be added to the NTP seed file.
If changes are made to the SNMP community names because of security requirements, those modifications need to be reflected in the seed file. The table below outlines the processes for creating a seed file. Several of the parameters available for monitoring the NTP network exhibit some normal expected variations. The process of baselining is used to characterize the normal expected variations and to set thresholds that define unexpected or abnormal conditions.
This task is used to baseline the variable set of parameters for the NTP architecture. Iterative tasks are executed during each iteration of the process and their frequency is determined and modified in order to improve the performance indicators. The seed file is critical for the effective implementation of the NTP management process. Therefore, the current state of the seed file must be actively managed. Changes to the network that impact the contents of the seed file need to be tracked by the NTP management process owner.
Collect information on critical, interesting, and configuration scans defined by this procedure. Run these three scans at different frequencies. Critical nodes are devices that are seen as very important to the performance collection data points. The critical node scan is executed often, for example, hourly, or on a demand basis before and after changes. Interesting nodes are devices that are deemed important to the overall integrity of the NTP architecture, but may not be in the time synchronization tree for critical performance data collection.
This report is executed periodically, for example, daily or monthly. The configuration report is a comprehensive and resource-intensive report that is used to characterize the overall NTP deployment configuration against design records. This report is executed less frequently, for example, monthly or quarterly.
An important point to consider is that the frequency at which the reports are collected can be adjusted based on the observed stability of the NTP architecture and business needs. This task requires that the critical, interesting, and configuration reports are reviewed and analyzed.
If issues are detected, then corrective actions should be initiated. The following table describes data that is considered interesting for analyzing the NTP architecture.
The target node is the destination of the SNMP queries. All of the information required by this procedure can be collected through SNMP queries. In order to parse the data and produce the reports, custom scripts or software programs will have to be developed. Critical nodes are devices that are important in the synchronization tree of selected performance data collection points.
If there is a high revenue VoIP service being monitored and one-way-delay-variation metrics are being collected, then the source and destination nodes where the time stamps are recorded are considered critical nodes. In cases where a node has interfaces in multiple areas, a decision must be made by the report generation software as to which area the node will be listed for report purposes.
It is only used in this paper as an illustrative example. The format of the interesting node report is the same as the format for the critical node report. Interesting nodes are nodes that are considered important to the overall NTP architecture, but may not directly contribute to the time synchronization of critical performance monitoring points. The configuration report is a comprehensive report that collects information on the overall NTP architecture.
This report is used to record and verify the NTP deployment against design records. Task: create a detailed design document for the NTP architecture that meets design requirements and cost objectives. Inputs: design technical and economic requirements; existing network design documentation; criteria defining required aspects to be recorded in the design to enable management functions; IT application deployment information; performance monitoring requirements.
Roles: network engineer architect; network operations architect. Outputs: network design technical approval by Engineering and Operations reviewers; network design costs approved by the responsible budget manager.
Task: create a seed file that identifies three categories of network devices: critical devices, polled on a frequent basis for configuration information; interesting devices, polled less frequently; all NTP-enabled devices, polled the least. Inputs: NTP design documentation; network topology documentation.
Design criteria that will be used to identify and prioritize the nodes involved in the NTP architecture; tools for collecting SNMP data and calculating baselines. Maintain the accuracy of the seed file; reports, notifications, and meetings concerning changes; software applications to collect data and produce reports.
Stability analysis; corrective actions; access to network devices for further investigation and verification. The configured peers for the device. The selected peer for synchronization. Parameters used to judge the consistency of the NTP design.
Parameters used to characterize the quality of the NTP associations. The stratum of the local clock. If the value is set to 1, a primary reference, then the Primary-Clock procedure described in Section 3.
Signed integer indicating the precision of the system clock, in seconds, to the nearest power of two. The value must be rounded to the next larger power of two. For instance, a Hz 20 ms or Hz. A signed fixed-point number indicating the total round-trip delay, in seconds, to the primary reference source at the root of the synchronization subnet. The maximum error, in seconds, relative to the primary reference source at the root of the synchronization subnet; only positive values greater than zero are possible.
The local time when the local clock was last updated. If the local clock has never been synchronized, the value is zero. The current synchronization source containing the unique association identifier cntpPeersAssocId of the corresponding peer entry in the cntpPeersVarTable of the peer acting as the synchronization source. If there is no peer, the value is zero.
The current local time. NTP analyzes the timestamp values, the frequency of errors, and their stability; an NTP server maintains an estimate of the quality of both its reference clocks and itself. This section lists some common issues that can be encountered with NTP and provides solutions for each. When the NTP server is not synchronized, the output of the show ntp associations detail command shows that the server is flagged as insane, invalid. If the server is not synchronized, the routers are not able to transmit packets to and receive packets from the server.
As an alternative, you can choose not to run the W32Time service on the Windows system. Instead, you can use NTP 4. All versions of Windows and later can serve as an NTP server. Other machines on the network can then use the NTP server to synchronize their time. Another common issue is misconfiguration in the routers, such as the clock timezone and clock summer-time commands being absent on the routers. A high offset and more between the server and the router is another; use the show ntp association detail command to check for this.
This error message appears when the sensor attempts to sync to a server that reports its stratum as 15. This is because a server stratum value of 15 makes the sensor stratum value 16, which is illegal. As a result, the sensor rejects the server and displays the Strata too high - too many indirections from sensor to master NTP server error message.
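An added example, not from the paper, of the custom reporting script that the critical, interesting and configuration scans call for: it reads a constructed seed file with the critical, interesting and all categories, evaluates constructed poll results for the cntpSysStratum, cntpSysRootDispersion, cntpSysRefTime, cntpSysPeer and cntpSysClock objects described above against baseline thresholds, and flags the stratum 16 and stale-clock conditions from the troubleshooting notes. The hostnames, the thresholds and the conversion of NTP timestamps to Unix seconds are assumptions.

```python
# Constructed seed file (the paper's critical / interesting / all categories) and
# constructed poll results for a subset of the CISCO-NTP-MIB objects described above.
SEED_FILE = """\
# hostname,category,snmp_community
core-1,critical,EXAMPLE_RO
dl-1,interesting,EXAMPLE_RO
sd-1,all,EXAMPLE_RO
"""
POLLED = {  # assumption: NTP timestamps already converted to Unix seconds
    "core-1": {"cntpSysStratum": 2, "cntpSysRootDispersion": 0.020,
               "cntpSysRefTime": 1700000000, "cntpSysPeer": 3, "cntpSysClock": 1700000064},
    "dl-1": {"cntpSysStratum": 16, "cntpSysRootDispersion": 0.0,
             "cntpSysRefTime": 0, "cntpSysPeer": 0, "cntpSysClock": 1700000064},
    "sd-1": {"cntpSysStratum": 5, "cntpSysRootDispersion": 0.250,
             "cntpSysRefTime": 1699990000, "cntpSysPeer": 7, "cntpSysClock": 1700000064},
}
MAX_DESIGN_STRATUM = 4        # constructed: deepest stratum the design permits
MAX_ROOT_DISPERSION = 0.100   # constructed: seconds above the baselined normal variation
MAX_REF_AGE = 1800            # constructed: seconds since last clock update before it is stale

def parse_seed(text):
    """Return (hostname, category) pairs, skipping comment and blank lines."""
    rows = [l.split(",") for l in text.splitlines() if l and not l.startswith("#")]
    return [(host.strip(), cat.strip()) for host, cat, *_ in rows]

def check_node(v):
    """Compare one node's polled values with the design; an empty list means compliant."""
    findings = []
    if v["cntpSysStratum"] >= 16:
        findings.append("unsynchronized: stratum 16")
    elif v["cntpSysStratum"] > MAX_DESIGN_STRATUM:
        findings.append(f"stratum {v['cntpSysStratum']} exceeds design limit {MAX_DESIGN_STRATUM}")
    if v["cntpSysPeer"] == 0:
        findings.append("no synchronization source selected")
    if v["cntpSysRefTime"] == 0:
        findings.append("local clock has never been synchronized")
    elif v["cntpSysClock"] - v["cntpSysRefTime"] > MAX_REF_AGE:
        findings.append(f"last clock update {v['cntpSysClock'] - v['cntpSysRefTime']} s ago")
    if v["cntpSysRootDispersion"] > MAX_ROOT_DISPERSION:
        findings.append(f"root dispersion {v['cntpSysRootDispersion']} s above baseline")
    return findings

def run_scan(scan, seed_text=SEED_FILE, polled=POLLED):
    """scan is 'critical', 'interesting' or 'configuration' (the last covers every node)."""
    hosts = [h for h, cat in parse_seed(seed_text) if scan == "configuration" or cat == scan]
    return {h: check_node(polled[h]) for h in hosts}

if __name__ == "__main__":
    for host, findings in run_scan("configuration").items():
        print(host, "OK" if not findings else "; ".join(findings))
```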