3.2.21. ntp¶
Top-level container for NTP configuration.
vsr running config# vrf <vrf> ntp
enabled¶
Enable or disable the NTP protocol and indicates that the system should attempt to synchronize the system clock with an NTP server from the servers defined in the ‘ntp/server’ list.
vsr running config# vrf <vrf> ntp
vsr running ntp# enabled true|false
- Default value
true
ntp-source-address¶
Source address to use on outgoing NTP packets.
vsr running config# vrf <vrf> ntp
vsr running ntp# ntp-source-address NTP-SOURCE-ADDRESS
|
Description |
|---|---|
<A.B.C.D> |
An IPv4 address. |
<X:X::X:X> |
An IPv6 address. |
auth-key¶
List of NTP authentication keys.
vsr running config# vrf <vrf> ntp auth-key <uint16>
<uint16> |
Integer identifier used by the client and server to designate a secret key. The client and server must use the same key id. |
key-value¶
NTP authentication key value.
vsr running config# vrf <vrf> ntp auth-key <uint16>
vsr running auth-key <uint16># key-value <string>
server-subnet¶
Allow / deny NTP clients to connect to this instance.
vsr running config# vrf <vrf> ntp
vsr running ntp# server-subnet <uint16> allow ALLOW deny DENY
<uint16> |
List sequence. |
allow¶
Allow NTP clients on this subnet to request synchronization.
allow ALLOW
|
Description |
|---|---|
<A.B.C.D/M> |
An IPv4 prefix: address and CIDR mask. |
<X:X::X:X/M> |
An IPv6 prefix: address and CIDR mask. |
<A.B.C.D> |
An IPv4 address. |
<X:X::X:X> |
An IPv6 address. |
all |
Allow all connections. |
deny¶
Deny NTP clients on this subnet to request synchronization.
deny DENY
|
Description |
|---|---|
<A.B.C.D/M> |
An IPv4 prefix: address and CIDR mask. |
<X:X::X:X/M> |
An IPv6 prefix: address and CIDR mask. |
<A.B.C.D> |
An IPv4 address. |
<X:X::X:X> |
An IPv6 address. |
all |
Allow all connections. |
server¶
List of NTP servers to use for system clock synchronization. If ‘/system/ntp/enabled’ is ‘true’, then the system will attempt to contact and utilize the specified NTP servers.
vsr running config# vrf <vrf> ntp server <server>
|
Description |
|---|---|
<A.B.C.D> |
An IPv4 address. |
<X:X::X:X> |
An IPv6 address. |
<host-name> |
The domain-name type represents a DNS domain name. Fully quallified left to the models which utilize this type. Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability. The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation. Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492. |
version¶
Version number to put in outgoing NTP packets.
vsr running config# vrf <vrf> ntp server <server>
vsr running server <server># version <uint8>
association-type¶
The desired association type for this NTP server.
vsr running config# vrf <vrf> ntp server <server>
vsr running server <server># association-type ASSOCIATION-TYPE
|
Description |
|---|---|
SERVER |
Use client association mode. This device will not provide synchronization to the configured NTP server. |
PEER |
Use symmetric active association mode. This device may provide synchronization to the configured NTP server. |
POOL |
Use client association mode with one or more of the NTP servers found by DNS resolution of the domain name given by the ‘address’ leaf. This device will not provide synchronization to the servers. |
iburst¶
Indicates whether this server should enable burst synchronization or not.
vsr running config# vrf <vrf> ntp server <server>
vsr running server <server># iburst true|false
prefer¶
Indicates whether this server should be preferred or not.
vsr running config# vrf <vrf> ntp server <server>
vsr running server <server># prefer true|false
auth-key-id¶
Integer identifier used by the client and server to designate a secret key. The client and server must use the same key id.
vsr running config# vrf <vrf> ntp server <server>
vsr running server <server># auth-key-id <leafref>
stratum (state only)¶
Indicates the level of the server in the NTP hierarchy. As stratum number increases, the accuracy is degraded. Primary servers are stratum while a maximum value of 16 indicates unsynchronized. The values have the following specific semantics: | 0 | unspecified or invalid | 1 | primary server (e.g., equipped with a GPS receiver) | 2-15 | secondary server (via NTP) | 16 | unsynchronized | 17-255 | reserved.
vsr> show state vrf <vrf> ntp server <server> stratum
root-delay (state only)¶
The round-trip delay to the server, in milliseconds.
vsr> show state vrf <vrf> ntp server <server> root-delay
root-dispersion (state only)¶
Dispersion (epsilon) represents the maximum error inherent in the measurement.
vsr> show state vrf <vrf> ntp server <server> root-dispersion
offset (state only)¶
Estimate of the current time offset from the peer. This is the time difference between the local and reference clock.
vsr> show state vrf <vrf> ntp server <server> offset
poll-interval (state only)¶
Polling interval of the peer.
vsr> show state vrf <vrf> ntp server <server> poll-interval
synchronized (state only)¶
True if we are synchronized with this server.
vsr> show state vrf <vrf> ntp server <server> synchronized
state (state only)¶
The server status in the clock selection process.
vsr> show state vrf <vrf> ntp server <server> state
time-sources¶
List of servers.
vsr running config# vrf <vrf> ntp time-sources
server¶
List of NTP servers to use for system clock synchronization. If ‘/system/ntp/enabled’ is ‘true’, then the system will attempt to contact and utilize the specified NTP servers.
vsr running config# vrf <vrf> ntp time-sources server <server>
|
Description |
|---|---|
<A.B.C.D> |
An IPv4 address. |
<X:X::X:X> |
An IPv6 address. |
<host-name> |
The domain-name type represents a DNS domain name. Fully quallified left to the models which utilize this type. Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability. The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation. Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492. |
version¶
Version number to put in outgoing NTP packets.
vsr running config# vrf <vrf> ntp time-sources server <server>
vsr running server <server># version <uint8>
- Default value
4
association-type¶
The desired association type for this NTP server.
vsr running config# vrf <vrf> ntp time-sources server <server>
vsr running server <server># association-type ASSOCIATION-TYPE
|
Description |
|---|---|
SERVER |
Use client association mode. This device will not provide synchronization to the configured NTP server. |
PEER |
Use symmetric active association mode. This device may provide synchronization to the configured NTP server. |
POOL |
Use client association mode with one or more of the NTP servers found by DNS resolution of the domain name given by the ‘address’ leaf. This device will not provide synchronization to the servers. |
- Default value
SERVER
iburst¶
Indicates whether this server should enable burst synchronization or not.
vsr running config# vrf <vrf> ntp time-sources server <server>
vsr running server <server># iburst true|false
- Default value
false
prefer¶
Indicates whether this server should be preferred or not.
vsr running config# vrf <vrf> ntp time-sources server <server>
vsr running server <server># prefer true|false
- Default value
false
auth-key-id¶
Integer identifier used by the client and server to designate a secret key. The client and server must use the same key id.
vsr running config# vrf <vrf> ntp time-sources server <server>
vsr running server <server># auth-key-id <leafref>
stratum (state only)¶
Indicates the level of the server in the NTP hierarchy. As stratum number increases, the accuracy is degraded. Primary servers are stratum while a maximum value of 16 indicates unsynchronized. The values have the following specific semantics: | 0 | unspecified or invalid | 1 | primary server (e.g., equipped with a GPS receiver) | 2-15 | secondary server (via NTP) | 16 | unsynchronized | 17-255 | reserved.
vsr> show state vrf <vrf> ntp time-sources server <server> stratum
root-delay (state only)¶
The round-trip delay to the server, in milliseconds.
vsr> show state vrf <vrf> ntp time-sources server <server> root-delay
root-dispersion (state only)¶
Dispersion (epsilon) represents the maximum error inherent in the measurement.
vsr> show state vrf <vrf> ntp time-sources server <server> root-dispersion
offset (state only)¶
Estimate of the current time offset from the peer. This is the time difference between the local and reference clock.
vsr> show state vrf <vrf> ntp time-sources server <server> offset
poll-interval (state only)¶
Polling interval of the peer.
vsr> show state vrf <vrf> ntp time-sources server <server> poll-interval
synchronized (state only)¶
True if we are synchronized with this server.
vsr> show state vrf <vrf> ntp time-sources server <server> synchronized
state (state only)¶
The server status in the clock selection process.
vsr> show state vrf <vrf> ntp time-sources server <server> state