Technical data

FastIron Ethernet Switch Administration Guide
53-1002637-02
Network Time Protocol Version 4 (NTPv4)
The specific mode that you should set for each of your networking devices depends primarily on the
role that you want them to assume as a timekeeping device (server or client) and the device's
proximity to a stratum 1 timekeeping server. A networking device engages in polling when it is
operating as a client or a host in the client mode or when it is acting as a peer in the symmetric
active mode. An exceedingly large number of ongoing and simultaneous polls on a system can
seriously impact the performance of a system or slow the performance of a given network. To avoid
having an excessive number of ongoing polls on a network, you should limit the number of direct,
peer-to-peer or client-to-server associations. Instead, you should consider using NTP broadcasts to
propagate time information within a localized network.
NTP broadcast-based associations
Broadcast-based NTP associations should be used in configurations involving a potentially large
client population. Broadcast-based NTP associations are also recommended for use on networks
that have limited bandwidth, system memory, or CPU resources.
Devices operating in broadcast server mode periodically broadcast NTP packets, which
can be picked up by devices operating in broadcast client mode. The broadcast server is
configured using the broadcast command.
A networking device operating in the broadcast client mode does not engage in any polling.
Instead, the device receives the NTP broadcast server packets from the NTP broadcast servers in
the same subnet. The NTP broadcast client forms a temporary client association with the NTP
broadcast server. A broadcast client is configured using the broadcast client command. For
broadcast client mode to work, the broadcast server and the clients must be located on the same
subnet.
Synchronizing time
After the system peer is chosen, the system time is synchronized based on the time difference with
the system peer:
If the time difference with the system peer is 128 msec and < 1000 sec, the system clock is
stepped to the system peer reference time and the NTP state information is cleared.
Authentication
The time kept on a machine is a critical resource, so it is highly recommended to use the encrypted
authentication mechanism.
NTP can be configured to provide cryptographic authentication of messages exchanged with its
clients/peers and with its upstream time server. A symmetric key scheme is supported for
authentication. The scheme uses the MD5 keyed hash algorithm.
Authentication is enabled using the authenticate command. The set of symmetric keys (key ID and
key string) is specified using the authentication-key command.
If authentication is enabled, NTP packets that do not carry a valid message authentication code (MAC) are dropped.
If the NTP server/peer is configured without authentication keys, the NTP request is not sent to the
configured server/peer.
NOTE
The same set or subset of key id and key string should be installed on all NTP devices.
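
The check that authentication implies on the receiving side can be sketched as follows. This is an added example, not code from the guide or from the switch software. It assumes the standard NTP symmetric-key layout, which the guide does not spell out: a 4-byte key ID followed by a 16-byte MD5 digest computed over the key string concatenated with the 48-byte NTP header. All function names, the header bytes and the key string are constructed for illustration.

```python
import hashlib
import hmac
import struct

HEADER_LEN = 48      # fixed NTP header, no extension fields
MAC_LEN = 4 + 16     # 4-byte key ID followed by a 16-byte MD5 digest

def md5_digest(key: bytes, header: bytes) -> bytes:
    # Keyed hash used by NTP symmetric keys: MD5(key || header), not HMAC.
    return hashlib.md5(key + header).digest()

def sign(header: bytes, key_id: int, key: bytes) -> bytes:
    """Sender side: append key ID and digest to the header."""
    return header + struct.pack("!I", key_id) + md5_digest(key, header)

def accept(packet: bytes, keys: dict) -> bool:
    """Receiver side with authentication enabled: True only for a valid MAC."""
    if len(packet) != HEADER_LEN + MAC_LEN:
        return False                      # no MAC present: drop
    header, mac = packet[:HEADER_LEN], packet[HEADER_LEN:]
    key = keys.get(struct.unpack("!I", mac[:4])[0])
    if key is None:
        return False                      # key ID not installed locally: drop
    return hmac.compare_digest(mac[4:], md5_digest(key, header))

# Constructed sample data (not from the guide): a broadcast-mode header
# (LI=0, VN=4, mode=5), stratum 2, poll 6, precision -20, all other fields zero.
HEADER = bytes([0x25, 2, 6, 0xEC]) + bytes(44)
SERVER_KEYS = {1: b"constructed-key-string"}

def demo() -> dict:
    good = sign(HEADER, 1, SERVER_KEYS[1])
    tampered = bytes([good[0], 1]) + good[2:]          # stratum changed in transit
    return {
        "valid": accept(good, SERVER_KEYS),
        "no_mac": accept(HEADER, SERVER_KEYS),
        "tampered": accept(tampered, SERVER_KEYS),
        "unknown_key_id": accept(sign(HEADER, 7, b"x"), SERVER_KEYS),
        "key_string_mismatch": accept(good, {1: b"different-string"}),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:20s} {'accepted' if ok else 'dropped'}")
```

The last two cases show why the same key ID and key string must be installed on every device: a packet signed under a key ID the receiver lacks, or under a different string for the same ID, is dropped exactly like an unauthenticated one.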