User's Manual
7-2
Cisco IE 2000 Switch Software Configuration Guide
OL-25866-01
Chapter 7  Performing Switch Administration
Information About Performing Switch Administration
The system clock keeps track of whether the time is authoritative or not (that is, whether it has been set 
by a time source considered to be authoritative). If it is not authoritative, the time is available only for 
display purposes and is not redistributed. For configuration information, see the 
“Configuring Time and 
Date Manually” section on page 7-9.
Network Time Protocol
NTP is designed to time-synchronize a network of devices. NTP runs over User Datagram Protocol 
(UDP), which runs over IP. NTP is documented in RFC 1305. 
An NTP network usually gets its time from an authoritative time source, such as a radio clock or an 
atomic clock attached to a time server. NTP then distributes this time across the network. NTP is 
extremely efficient; no more than one packet per minute is necessary to synchronize two devices to 
within a millisecond of one another.
NTP uses the concept of a stratum to describe how many NTP hops away a device is from an 
authoritative time source. A stratum 1 time server has a radio or atomic clock directly attached, a 
stratum
 2 time server receives its time through NTP from a stratum 1 time server, and so on. A device 
running NTP automatically chooses as its time source the device with the lowest stratum number with 
which it communicates through NTP. This strategy effectively builds a self-organizing tree of NTP 
speakers.
NTP avoids synchronizing to a device whose time might not be accurate by never synchronizing to a 
device that is not synchronized. NTP also compares the time reported by several devices and does not 
synchronize to a device whose time is significantly different than the others, even if its stratum is lower.
The communications between devices running NTP (known as associations) are usually statically 
configured; each device is given the IP address of all devices with which it should form associations. 
Accurate timekeeping is possible by exchanging NTP messages between each pair of devices with an 
association. However, in a LAN environment, NTP can be configured to use IP broadcast messages 
instead. This alternative reduces configuration complexity because each device can simply be configured 
to send or receive broadcast messages. However, in that case, information flow is one-way only.
The time kept on a device is a critical resource; you should use the security features of NTP to avoid the 
accidental or malicious setting of an incorrect time. Two mechanisms are available: an access list-based 
restriction scheme and an encrypted authentication mechanism.
Cisco’s implementation of NTP does not support stratum 1 service; it is not possible to connect to a radio 
or atomic clock. We recommend that the time service for your network be derived from the public NTP 
servers available on the IP Internet.










