Shulou(Shulou.com)06/02 Report--

Introduction to NTP

NTP (Network Time Protocol, Network time Protocol) uses the transport layer protocol UDP, and the UDP port number is 123.

Basic working principle of NTP

The basic operation of NTP is shown in. Device An and Device B are connected through the network. The time of Device An and Device B is different, so it is necessary to realize automatic time synchronization through NTP. For ease of understanding, make the following assumptions:

Before time synchronization for Device An and Device B, the time for Device A was set to 10:00:00 and the time for am,Device B was set to 11:00:00 am.

DeviceB acts as a NTP time server, that is, the time synchronization between Device An and DeviceB.

The one-way transmission time of NTP messages from Device A to Device B and from Device B to Device An is 1 second.

The time required for DeviceB to process NTP messages is 1 second.

Device An and Device B time synchronization works as follows:

(1) Device A sends a NTP message to Device B with the time stamp it left Device A with the time stamp 10:00:00 am (T1).

(2) when the NTP message arrives at Device B, Device B adds a timestamp to the NTP message when it arrives at Device B. the timestamp is 11:00:01 am (T2).

(3) when the NTP message leaves Device B, Device B adds a timestamp of 11:00:02 am (T3) to the NTP message when the message leaves Device B.

(4) when Device A receives the response message, the local time of Device An is 10:00:03 am (T4).

At this point, Device A can calculate two important parameters based on the above timestamp:

Round trip delay of NTP message Delay = (T4-T1)-(T3-T2) = 2 seconds.

The time difference between DeviceA and Device B is offset = (T2-T1) + (T3-T4) / 2 = 1 hour.

In this way, Device A can set its own time based on this information to synchronize it with the time of Device B.

The above is only a rough description of how NTP works. For details, please refer to the relevant protocol specifications.

NTP network structure and the number of clock layers

NTP defines the accuracy of the clock by the number of clock layers. The value range of the number of clock layers is 1-16. The smaller the value is, the higher the clock accuracy is. Clocks with layers of 1 to 15 are synchronized; clocks with layers of 16 are unsynchronized.

Typically, the number of layers of the NTP server that obtains time synchronization from an authoritative clock, such as an atomic clock, is set to 1 and is used as the primary time server to provide time synchronization for the clocks of other devices in the network. The NTP distance between the device in the network and the master time server, that is, the number of NTP servers on the NTP synchronization chain, determines the number of layers of the clock on the device. For example, the number of clock layers of a device that obtains time synchronization from a master time server is 2, which is 1 higher than that of the master time server; the clock layer of a device that obtains time synchronization from a time server with clock layers 2 is 3, and so on.

The working mode of NTP

Pattern

Working process

Time synchronization direction

Application situation

Client / server mode

The address of the NTP server needs to be specified manually on the client. The client sends a NTP time synchronization message to the NTP server. After receiving the message, the NTP server will automatically work in the server mode and reply to the reply message.

If the client can obtain time synchronization from a plurality of time servers, after receiving the reply message, the client performs clock filtering and selection, and synchronizes with the preferred clock.

The client can synchronize time with the NTP server

The NTP server cannot synchronize with the client's time

As shown in the figure above, this mode is usually used for lower-level devices to obtain time synchronization from a superior's time server.

Peer mode

The address of the passive peer (Symmetricpassivepeer) needs to be specified manually on the active peer (Symmetricactivepeer). The active peer sends a NTP time synchronization message to the passive peer. After receiving the message, the passive peer will automatically work in the passive peer mode and reply to the reply message.

If the active peer can obtain time synchronization from multiple time servers, after receiving the reply message, the active peer performs clock filtering and selection, and synchronizes with the preferred clock.

The time of active peer and passive peer can be synchronized with each other.

If both clocks are synchronized, the clock with a large number of layers is synchronized with the clock with a small number of layers

As shown in the figure above, this mode is typically used to synchronize devices at the same level to form backups between devices at the same level. If the communication between a device and all superior time servers fails, the device can still obtain time synchronization from the same level time server.

Broadcast mode

The broadcast server periodically sends NTP time synchronization messages to the broadcast address 255.255.255.255. The broadcast client listens for the broadcast message from the broadcast server and synchronizes the time of the device with the time of the broadcast server according to the received broadcast message.

After receiving the first NTP message sent by the broadcast server, the broadcast client will interact with the broadcast server to obtain the round-trip delay of the message and provide the necessary parameters for time synchronization. After that, only the broadcaster sends messages in one direction

Broadcast client can synchronize with the time of broadcast server

The broadcast server cannot synchronize the time with the broadcast client

The broadcast server broadcasts and sends time synchronization messages, which can synchronize the time of multiple broadcast clients in the same subnet.

As shown in the figure above, when using the same time server to provide time synchronization for a large number of devices in the same subnet, broadcast mode can be used to simplify the network configuration because only the broadcast server sends messages in one direction. Broadcast mode is not as accurate as client / server mode and peer mode.

Multicast mode

The multicast server periodically sends NTP time synchronization messages to the specified multicast address. The client listens for multicast messages from the server and synchronizes the time of the device with the time of the multicast server according to the received multicast messages.

The multicast client can synchronize the time with the multicast server

The multicast server cannot synchronize with the time of the multicast client

The multicast mode extends the broadcast mode, and the multicast server can provide time synchronous multicast mode for multiple multicast clients in the same subnet and different subnets at the same time. The time accuracy of multicast mode is not as accurate as that of client / server mode and peer mode.

Configuration test

Ntp-srv (88.1.1.254) as ntp server

Ntp-client01 (88.1.1.1) serves as a ntp client, and the service points to ntp-srv (88.1.1.254)

Ntp-client01 (88.1.1.2) serves as a ntp client, and the service points to ntp-srv (88.1.1.254)

Ntp-client01 (88.1.1.3) serves as ntp client, and the service points to ntp-srv (88.1.1.1)

Ntp-client01 (88.1.1.4) is used as ntp client, and the service points to ntp-srv (88.1.1.254 and 88.1.1.1, 88.1.1.2).

Ntp-srv configuration:

Configure the local time first:

[ntp-srv] clock protocol none

Clock datetime 12:00:002017/05/28

# ntp service is configured as follows:

Ntp-service enable

Ntp-service refclock-master 1

The # ntp-service refclock-master command is used to set the local clock as the reference clock and determine the number of layers. If you do not specify the number of layers, ntp-server will automatically specify it. In my simulator configuration, I see that it is automatically specified as 8, which is recommended to be specified manually, generally 1 or 2.

In a real network, the number of layers of a NTP server that obtains time synchronization from an authoritative clock (such as an atomic clock) is set to 1, and it is used as the master time server to synchronize the clocks of other devices in the network.

NTP status: Ntp-srv:

Dis ntp sessions

Source reference stra reach poll now offset delay disper

* * [12345] LOCAL (0) LOCL 0 255 64 8 0.0000 0.0000 0.9460

Notes: 1 source (master), 2 source (peer), 3selected, 4 candidate, 5 configured.

Total sessions: 1

Dis ntp status

Clock status: synchronized

Clock stratum: 1

System peer: LOCAL (0)

Local mode: client

Reference clock ID: LOCL

Leapindicator: 00

Clock jitter: 0.000031 s

Stability: 0.000 pps

Clock precision: 2 ^-15

Rootdelay: 0.00000 ms

Rootdispersion: 11.16943 ms

Reference time: dcd54bbf.b54d3a2e Sun, May 28 2017 13:14:39.708

#

Dis ntp sessions parameter description:

Source: clock source. When the reference clock is the local clock, it is displayed as LOCAL (number)

Reference: reference clock, when the stra field is 0 or 1, this field will be displayed as LOCAL

Stra: clock layers

Reach: reachability count. 0 means the time server is unreachable.

Poll: polling interval, that is, the time interval between two consecutive NTP messages, in seconds

Now: the interval between the last time a NTP message was received or the local time it was updated

Offset: the clock offset of the system clock from the reference clock, in milliseconds

Delay disper: the maximum error of the unified clock relative to the reference clock, in milliseconds

[12345]: 1: the time server selected by the system, that is, the time server that is currently synchronizing with the device

2: the clock layer of the time server is less than or equal to 15

3: the clock of the time server passed the clock selection algorithm.

4: the clock of the time server is the candidate clock

5: the clock of the time server is specified by the configuration command

# dis ntp status parameter description

Clock status: synchronization status, synchronized: system time is synchronized, unsynchronized: system time is not synchronized

Clock stratum: number of layers of the system clock

System peer: the IP address of the time server selected by the system clock

Local mode: the mode of operation of the local device

Unspec: no mode specified

Sym_active: active peer mode

Sym_passive: passive peer mode

Client: client mode

Server: server mode

Broadcast: broadcast server mode or multicast server mode

Bclient: broadcast client mode or multicast client mode)

Reference clock ID: reference clock ID

Leapindicator: alarm statu

00: normal statu

01: leap second flag, indicating that the last minute of the day has 61 seconds

10: leap second flag, indicating that the last minute of the day has 59 seconds

11: alarm status in which time is not synchronized

Clock jitter: the offset of the system clock from the reference clock, in seconds

Stability: the stability of the clock frequency. The smaller the value, the more stable the clock frequency.

Clock precision: the accuracy of the system clock

Rootdelay: round-trip delay from the local device to the master time server, in milliseconds

Rootdispersion: the maximum error of the system clock relative to the master reference clock, in milliseconds

Reference time: reference timestamp

#

Dis ntp sessions

Source reference stra reach poll now offset delay disper

* * [12345] LOCAL (0) LOCL 0 255 64 8 0.0000 0.0000 0.9460

Notes: 1 source (master), 2 source (peer), 3selected, 4 candidate, 5 configured.

Total sessions: 1

#

# clock source (source) is the local clock (LOCAL (0)), reference clock is LOCL, and the number of clock layers is 0 (local)

#

Dis ntp status

Clock status: synchronized

Clock stratum: 1

System peer: LOCAL (0)

Local mode: client

Reference clock ID: LOCL

Leapindicator: 00

Clock jitter: 0.000031 s

Stability: 0.000 pps

Clock precision: 2 ^-15

Rootdelay: 0.00000 ms

Rootdispersion: 11.16943 ms

Reference time: dcd54bbf.b54d3a2e Sun, May 28 2017 13:14:39.708

#

# time status (Clock status) is synchronized (synchronized), clock layer is 1, server IP is local (LOCAL (0)), server mode is client (client, Huasan defaults to client) reference clock is local (LOCL)

Ntp-client01

Dis ntp sessions

Source reference stra reach poll now offset delay disper

* * [12345] 88.1.1.254 LOCL 1 25564 271 111.87 0.9307 0.0762

Notes: 1 source (master), 2 source (peer), 3selected, 4 candidate, 5 configured.

Total sessions: 1

#

# the clock source (source) is ntp-srv (88.1.1.254), the reference clock is LOCL, and the number of clock layers is 1, so we can see that the reference clock of dis ntp session refers to the reference clock of the clock source, and the number of clock layers also refers to the clock layers of the clock source.

#

Dis ntp status

Clock status: synchronized

Clock stratum: 2

System peer: 88.1.1.254

Local mode: client

Reference clock ID: 88.1.1.254

Leapindicator: 00

Clock jitter: 0.011368 s

Stability: 0.000 pps

Clock precision: 2 ^-15

Rootdelay: 0.93079 ms

Rootdispersion: 138.96179 ms

Reference time: dcd550a1.77781a5e Sun, May 28 2017 13:35:29.466

#

# the clock layer is 2, the server IP is 88.1.1.254, and the reference clock is 88.1.1.254

The number of clock layers in dis ntp session also refers to the local clock layers.

#

Ntp-client02

Dis ntp sessions

Source reference stra reach poll now offset delay disper

*

[12345] 88.1.1.254 LOCL 1 255 64 31 960.74 1.9531 2.3040

Notes: 1 source (master), 2 source (peer), 3selected, 4 candidate, 5 configured.

Total sessions: 1

Dis ntp st

Dis ntp status

Clock status: synchronized

Clock stratum: 2

System peer: 88.1.1.254

Local mode: client

Reference clock ID: 88.1.1.254

Leapindicator: 00

Clock jitter: 0.945007 s

Stability: 0.000 pps

Clock precision: 2 ^-15

Rootdelay: 1.95313 ms

Rootdispersion: 1919.72351 ms

Reference time: dcd5538c.1df3f67c Sun, May 28 2017 13:47:56.117

#

Dis ntp session is the same as clint01

The number of clock layers in dis ntp status is 2, so the number of clock layers is independent of topology location.

#

Ntp-client03

Dis ntp sessions

Source reference stra reach poll now offset delay disper

*

[12345] 88.1.1.1 88.1.1.254 2 255 64 44 1192.9 1.0986 4.8522

Notes: 1 source (master), 2 source (peer), 3selected, 4 candidate, 5 configured.

Total sessions: 1

Dis ntp status

Clock status: synchronized

Clock stratum: 3

System peer: 88.1.1.1

Local mode: client

Reference clock ID: 88.1.1.1

Leapindicator: 00

Clock jitter: 0.517822 s

Stability: 0.000 pps

Clock precision: 2 ^-15

Rootdelay: 2.09045 ms

Rootdispersion: 1800.03357 ms

Reference time: dcd55428.a6a220e1 Sun, May 28 2017 13:50:32.650

#

# dis ntp sesion clock source (source) is ntp-client01 (88.1.1.1), reference clock is ntp-srv88.1.1.254, and the number of clock layers is 2 (the clock layers of the clock source 88.1.1.1)

# dis ntp status clock layer is 3 (clock source + 1), server is clock source 8.1.1.1, reference clock is also clock source 8.1.1.1

#

Ntp-client04

Dis ntp sessions

Source reference stra reach poll now offset delay disper

*

[12345] 88.1.1.254 LOCL 1 255 64 50-98.51 1.8768 2.4719

[5] 88.1.1.1 INIT 16 0 64-0.0000 0.0000 0.0000

[5] 88.1.1.2 INIT 16 0 64-0.0000 0.0000 0.0000

Notes: 1 source (master), 2 source (peer), 3selected, 4 candidate, 5 configured.

Total sessions: 3

Dis ntp status

Clock status: synchronized

Clock stratum: 2

System peer: 88.1.1.254

Local mode: client

Reference clock ID: 88.1.1.254

Leapindicator: 00

Clock jitter: 0.153503 s

Stability: 0.000 pps

Clock precision: 2 ^-15

Rootdelay: 1.87683 ms

Rootdispersion: 266.90674 ms

Reference time: dcd555eb.f296693d Sun, May 28 2017 13:58:03.947

#

# specify multiple time servers for a device, filter and select clocks according to parameters such as the number of clock layers, and select the optimal clock from multiple time servers to synchronize with them

#

NTP switch level 1 clock source down

If the level 2 clock source has not been sensed or switched

Dis ntp sessions

Source reference stra reach poll now offset delay disper

*

[12345] 88.1.1.254 LOCL 1 224 64 358-101.1 1.0986 8.5144

Notes: 1 source (master), 2 source (peer), 3selected, 4 candidate, 5 configured.

Then the level 3 clock source will still be synchronized to the level 2 clock source after restart (those with multiple ntp will switch to level 2)

Dis ntp sessions

Source reference stra reach poll now offset delay disper

*

[5] 88.1.1.254 INIT 16 0 64-0.0000 0.0000 0.0000

[245] 88.1.1.1 88.1.1.254 2 120 64 203 2546.3 1.0070 0.9765

[12345] 88.1.1.2 88.1.254 2 31 64 64-548.1 2.7465 2.2277

Notes: 1 source (master), 2 source (peer), 3selected, 4 candidate, 5 configured.

Total sessions: 3

#

If the secondary clock source senses the primary clock source down

Dis ntp sessions

Source reference stra reach poll now offset delay disper

*

[5] 88.1.1.254 INIT 16 0 64-0.0000 0.0000 0.0000

Notes: 1 source (master), 2 source (peer), 3selected, 4 candidate, 5 configured.

Total sessions: 1

#

Then the level 3 clock source will also down.

Dis ntp sessions

Source reference stra reach poll now offset delay disper

*

[5] 88.1.1.254 INIT 16 0 64-0.0000 0.0000 0.0000

[5] 88.1.1.1 INIT 16 0 64-0.0000 0.0000 0.0000

[5] 88.1.1.2 INIT 16 0 64-0.0000 0.0000 0.0000

Notes: 1 source (master), 2 source (peer), 3selected, 4 candidate, 5 configured.

Summary

When the NTP clock source is local, assuming that the specified number of local clock layers is 1, the

When the local clock dis ntp sessions, the display clock source and reference clock are both local (local), and the number of clock layers is 0

When the local clock is dis ntp status, the mode of the local clock is local, and the clock server and reference clock are both local (local).

When the secondary clock uses the primary clock source as the server

The reference clock of dis ntp session refers to the reference clock of the clock source, and the number of clock layers also refers to the number of clock layers of the clock source, which shows the reference clock of the clock source.

The clock layers of dis ntp status also refer to the local clock layers, and the clock server and reference clock are primary clock sources.

#

When the third-level clock uses the secondary clock source as the server

The reference clock of dis ntp session refers to the reference clock of the clock source, and the number of clock layers also refers to the number of clock layers of the clock source, which shows the reference clock of the clock source.

The clock layers of dis ntp status also refer to the local clock layers, and the clock server and reference clock are secondary clock sources.

When a device is configured with multiple ntp servers, it points to both level 1 clock source and level 2 clock source

According to the priority strategy, priority will be given to primary clock source synchronization.

When the first-level clock source down and the second-level clock source have not been switched to init, the new equipment (with multiple ntp) will synchronize the second-level clock source time as the third-level clock source.

When the first-level clock source down, the second-level clock source senses switching to the init state, the third-level clock source and the new (with multiple ntp) devices will also init, and will not synchronize with the local clock of the clock source.

Unless ntp-servicerefclock-master 2 is configured on the level 2 clock source, this command will configure the device's clock source bit locally and the number of layers is 2.

But when this command is configured on the level 2 clock source, if the first level clock source up,2 level clock source is also a local clock source.

By configuring prefer parameters for all primary clock sources and configuring master 2 locally, cisco can realize that when the primary clock source down, the third level clock source can synchronize with the local time of the secondary clock source.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.