This post will cover how to implement NTP in service provider network. The document will be used as reference for enterprise and corporate networks also.
In the given figure two routers which are 7600 are used as client who is getting NTP clock from the global servers. The same clock is being distributed to the downstream GSR routers. Thereafter GSR are distributing clock to the downstream tier 2 routers. This is the hierarchical implementation of NTP. In fact implementation of NTP is really a awesome job if you are having patience.
How NTP flow will work
7600 routers are getting global NTP clock of stratum 0 from global servers. List of global server is given below. Once the clock is received by 7600; both will work as master for the downstream GSR routers. Now GSRs will receive clock from 7600 as client and distribute the same clock to the downstream tier 2 routers. For sending the clock GSR will act as server for tier2 routers and client for 7600. Now tier2 routers will receive the clock from GSR as client and distribute the same clock to the downstream tier2 routers. For this we need to implement tier2 routers as servers for downstream routers and client for GSRs.
Security
Access-list is used for security purpose because once the routers will become as server; internet cloud can use the same routers as reference clock.
List of free servers
Philippines ph.pool.ntp.org
Malaysia my.pool.ntp.org
Turkey tr.pool.ntp.org
Singapore sg.pool.ntp.org
India in.pool.ntp.org
Hong Kong hk.pool.ntp.org
Japan jp.pool.ntp.org
Bangladesh bd.pool.ntp.org
Israel il.pool.ntp.org
Korea kr.pool.ntp.org
Thailand th.pool.ntp.org
Iran ir.pool.ntp.org
Taiwan tw.pool.ntp.org
China cn.pool.ntp.org
Indonesia id.pool.ntp.org
Vietnam vn.pool.ntp.org
Pakistan pk.pool.ntp.org
Oman om.pool.ntp.org
Configuration
On 7600 [Both 7600 will act as server as well as client]
Clock timezone GMT +5 30
Ntp server in.pool.ntp.org
Ntp server sg.pool.ntp.org
Ntp master 2 ---------- This command is used for creating 7600 as server
Ntp access-group peer 2
ntp access-group serve-only 1
Access-list 1 permit
Access-list 1 permit
Access-list 2 permit <7600 loopback> 0.0.0.0
Access-list 2 permit 127.127.7.1 0.0.0.0
On GSR
Clock timezone GMT +5 30
Ntp server <7600 loopback>
Ntp server <7600 loopback>
Ntp master 3
Ntp access-group peer 2
ntp access-group serve-only 1
Access-list 2 permit
Access-list 2 permit 127.127.7.1 0.0.0.0
Access-list 1 permit
On Tier2
Clock timezone GMT +5 30
Ntp server 172.29.255.254
Ntp server 172.30.255.254
Ntp master 4
Tier 2 Downstream Routers
Clock timezone GMT +5 30
Ntp server
Note:- 127.127.7.1 is used for synchronization of clock between the servers in case of failure on global NTP server.
Verfification
Show ntp associations
Show ntp status
Show ntp clock
regards
shivlu jain
Monday, March 23, 2009
NTP Implementation In Service Provider Network
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment