NTP and your network

Having your entire network in time sync may seem like a luxury, but when troubleshooting problems in one part of the network or in the network as a whole, it can be priceless. If you have a network that crosses multiple timezones, you need to think about what timezone to use on each piece of gear. While it may make sense to set the timezone to what is local for the gear, picking a single timezone and using it firmwide will make correlating a multi-location problem that much easier.

The next thing to think about is how accurate your timestamps need to be on all the gear. If you need timestamps to be as accurate as possible, one option to consider is a local hardware time source that uses the time stream found in the GPS signal, which is available just about anywhere. Several companies offer solutions in this area; search with your favorite search engine using the keywords ntp gps receiver. For those in the hospital or financial services industries, this may be a good option to consider. The rest of us can use NTP servers available over the Internet, configuring multiple servers in case one or more are offline or otherwise unreachable.

One website that I would suggest be put on your short list is www.pool.ntp.org. This will help you identify the best NTP servers to use for your particular location. For several years, I would use one or more of the various lists to pick the NTP server(s) that were closest to me. I had to periodically check to make sure that the system clocks were still set correctly. Usually my first clue was when I was troubleshooting a problem and found that the clock was not set correctly. What I have found works best is to use the pool FQDN and let the pool's DNS servers pick the systems for you. What I have done is to use us.pool.ntp.org (change the us to whatever continent or country you are in). I use the statement one time with the prefer keyword at the end and then again at least one or two more times. You will get different servers from DNS on the additional times you use the command. You may need to enable DNS name resolution on the Cisco devices on your network, or you can issue the command on another device to get the IP addresses that you will need to use.

One thing that I would suggest is to use your most forward-facing routers (your Internet router(s), for example) as the NTP reference points for your network, and then point everything else at those router(s) to get its clock info. In this way, you are not generating what could be a significant amount of NTP traffic to the Internet; that traffic is limited to a couple of devices, and the time is then “shared” with everything else on your network.
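
The layout described above, written out as a Cisco IOS configuration. This is an added example, not configuration taken from the author's devices. UTC as the single firmwide timezone is an assumption, and 192.0.2.53 and 10.0.0.1 are placeholder addresses.

```text
! --- Internet-facing router (the network's NTP reference point) ---
! One timezone firmwide; UTC is an assumed choice.
clock timezone UTC 0
! Millisecond timestamps plus the timezone on every log line.
service timestamps log datetime msec show-timezone
! DNS resolution so the pool name can be looked up.
! 192.0.2.53 is a placeholder resolver address.
ip domain-lookup
ip name-server 192.0.2.53
! The pool name once with prefer, then repeated, as the post
! describes, so that DNS hands back different pool servers.
ntp server us.pool.ntp.org prefer
ntp server us.pool.ntp.org
ntp server us.pool.ntp.org
!
! --- Every other device on the network ---
! 10.0.0.1 is a placeholder for the Internet router's inside address.
clock timezone UTC 0
service timestamps log datetime msec show-timezone
ntp server 10.0.0.1
!
! Check synchronization on any device (exec mode):
!   show ntp associations
!   show ntp status
```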
