Date and time

On the server

Changing the server’s date and time, or time zone

  1. Display the server’s current system date and time:

    router{}show date
    
  2. If necessary, change the server’s system date and time:

    router{}date [MMDDhhmm[[CC]YY][.ss]]
    
    MM

    Month. A number from 1 to 12.

    DD

    Day. A number from 1 to 31.

    hh

    Hours. A number from 0 to 23.

    mm

    Minutes. A number from 0 to 59. Mandatory.

    CC

    Century (either 19 or 20).

    YY

    Year in abbreviated form (e.g. 89 for 1989, 06 for 2006).

    ss

    Seconds. A number from 0 to 61 (59 plus a maximum of two leap seconds).

  3. If necessary, change the server’s time zone:

    router{myconfig-gen}timezone GMT|(REGION CITY)
    
    GMT

    Use Greenwich Mean Time zone (also known as CUT). Default.

    REGION

    Local region

    CITY

    Local city

    Note

    To list all available region or city names, press the <TAB> key twice.

Examples

router{}date 0613162785   # Sets the date to June 13, 1985, 4:27 PM.
router{}date 05251432     # Sets the date to May 25, 2:32 PM, without modifying the year.
router{myconfig-gen}timezone Europe Paris     # Sets the time zone to Paris, France.

Via NTP

The NTP protocol (documented in RFC 1305) allows to time-synchronize a network of machines with remote NTP servers.

NTP runs over UDP (port 123) which in turn runs over both IPv4 and IPv6. The Turbo Router NTP client complies with versions 1 to 4 of the protocol.

You can set up NTP:

  • Statically: you must then define the IP addresses of the machines with which the equipment will establish an association (communication between the NTP client and the NTP server).
  • Via IP broadcast messages: timekeeping accuracy is then weaker, because the information flow is one-way only.

In either case, you can secure communication with the NTP server.

Specifying the NTP servers

  1. Enter the ntp context:

    router{myconfig}ntp
    
  2. Display the current NTP configuration:

    router{myconfig-ntp}display
    

    Note

    To display the current NTP configuration in another context than ntp, enter:

    router{myconfig}display ntp
    
  3. Set the NTP default version:

    router{myconfig-ntp}defaultversion NUMBER
    
    NUMBER

    NTP version number, from 1 to 4. Default is 4.

    By default, all NTP commands use this NTP version.

  4. Specify one or more NTP servers to use at boot time. When the ntp service starts, it immediately synchronizes time with the first reachable boot server:

    router{myconfig-ntp}bootserver {dhcp|HOST} [key NUMBER] [version VERSION]
    
    dhcp

    The DHCP client provides the bootserver address.

    HOST

    Remote NTP server name or IP address.

    key NUMBER

    md5 key number (reference to the NTP server’s MD5 key), from 1 to 65536 (NTPv3 or NTPv4). Required to authenticate the session with the NTP server.

    version VERSION

    NTP version number, from 1 to 4.

    Note

    To remove a boot server from the list of NTP boot servers, enter:

    router{myconfig-ntp}delete bootserver {HOST|all}
    

    Note

    A valid configuration must define at least one boot server.

  5. Specify one or more NTP remote servers to maintain system time after the NTP service has started:

    router{myconfig-ntp}remoteserver {dhcp|HOST} [key NUMBER] [version VERSION] [prefer]
    
    HOST

    Unicast, broadcast or multicast IP address, or host name of the NTP server. In broadcast mode, NTP broadcast messages are received by any local interface.

    key NUMBER

    md5 key number (reference to the NTP server’s MD5 key), from 1 to 65536 (NTPv3 or NTPv4). Required to authenticate the session with the NTP server.

    version VERSION

    NTP version number, from 1 to 4.

    prefer

    Mark the peer as the preferred peer for time synchronization.

    Note

    To remove a remote server from the list of NTP servers, enter:

    router{myconfig-ntp}delete remoteserver {HOST|all}
    

    Note

    A valid configuration must define at least one remote server.

  6. Set the NTP default polling interval:

    router{myconfig-ntp}defaultpolling number
    
    number

    NTP polling interval, ranging from 1 to 99 (power of 2 seconds). Default is 8.

  7. Enable NTP:

    router{myconfig-ntp}ntp enable
    

    Note

    To disable NTP, enter:

    router{myconfig-ntp}ntp disable
    

Securing NTP

To avoid man-in-the-middle attacks, NTP can authenticate the time source by using an agreed set of MD5 encrypted keys between the time source and the client.

  1. Enter the ntp context:

    router{myconfig}ntp
    
  2. Enable NTP message authentication:

    router{myconfig-ntp}authentication enable
    

    Note

    To disable NTP message authentication, enter:

    router{myconfig-ntp}authentication disable
    
  3. Add an authentication key:

    router{myconfig-ntp}key INDEX VALUE
    
    INDEX

    md5 key number (reference to the NTP server’s MD5 key), from 1 to 65536 (NTPv3 or NTPv4).

    VALUE

    1-32 ASCII string.

    Note

    • The NTP server must use an md5 key number.

    • To delete an authentication key, enter:

      router{myconfig-ntp}delete key {INDEX|all}
      

See also

md5 key number

NTP configuration example

router{myconfig-ntp}ntp enable
router{myconfig-ntp}bootserver 1.2.3.4
router{myconfig-ntp}key 1 azerty
router{myconfig-ntp}key 2 qwerty
router{myconfig-ntp}remoteserver ntp.mynetwork.com key 1 version 3
router{myconfig-ntp}remoteserver 3ffe::1 key 2 version 3 prefer