Catalyst 2940 Switch Software Configuration Guide
78-15507-02
Chapter 6 Administering the Switch
Managing the System Time and Date
The system clock can provide time to these services:
• User show commands
• Logging and debugging messages
The system clock keeps track of time internally based on Universal Time Coordinated (UTC), also
known as Greenwich Mean Time (GMT). You can configure information about the local time zone and
summer time (daylight saving time) so that the time is correctly displayed for the local time zone.
The system clock keeps track of whether the time is authoritative or not (that is, whether it has been set
by a time source considered to be authoritative). If it is not authoritative, the time is available only for
display purposes and is not redistributed. For configuration information, see the “Configuring Time and
Date Manually” section on page 6-10.
Understanding Network Time Protocol
NTP is designed to time-synchronize a network of devices. NTP runs over User Datagram Protocol
(UDP), which runs over IP. NTP is documented in RFC 1305.
An NTP network usually gets its time from an authoritative time source, such as a radio clock or an
atomic clock attached to a time server. NTP then distributes this time across the network. NTP is
extremely efficient; no more than one packet per minute is necessary to synchronize two devices to
within a millisecond of one another.
NTP uses the concept of a stratum to describe how many NTP hops away a device is from an
authoritative time source. A stratum 1 time server has a radio or atomic clock directly attached, a
stratum 2 time server receives its time through NTP from a stratum 1 time server, and so on. A device
running NTP automatically chooses as its time source the device with the lowest stratum number with
which it communicates through NTP. This strategy effectively builds a self-organizing tree of NTP
speakers.
NTP avoids synchronizing to a device whose time might not be accurate by never synchronizing to a
device that is not synchronized. NTP also compares the time reported by several devices and does not
synchronize to a device whose time is significantly different than the others, even if its stratum is lower.
The communications between devices running NTP (known as associations) are usually statically
configured; each device is given the IP address of all devices with which it should form associations.
Accurate timekeeping is possible by exchanging NTP messages between each pair of devices with an
association. However, in a LAN environment, NTP can be configured to use IP broadcast messages
instead. This alternative reduces configuration complexity because each device can simply be configured
to send or receive broadcast messages. However, in that case, information flow is one-way only.
The time kept on a device is a critical resource; you should use the security features of NTP to avoid the
accidental or malicious setting of an incorrect time. Two mechanisms are available: an access list-based
restriction scheme and an encrypted authentication mechanism.
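An added example, not part of the Cisco guide: a small audit that checks the NTP statements of a saved configuration for both mechanisms named above. It assumes the Cisco IOS NTP command syntax (ntp authenticate, ntp authentication-key, ntp trusted-key, ntp server/peer ... key, ntp access-group), which this page does not show; the function name and both sample configurations are constructed for illustration.

```python
import re

# Constructed sample configurations (documentation addresses, placeholder key).
WEAK_CONFIG = """\
ntp server 192.0.2.10
ntp server 192.0.2.11 key 7
ntp authentication-key 7 md5 ExampleKeyOnly
"""

HARDENED_CONFIG = """\
ntp authenticate
ntp authentication-key 7 md5 ExampleKeyOnly
ntp trusted-key 7
ntp server 192.0.2.10 key 7
ntp server 192.0.2.11 key 7
access-list 10 permit 192.0.2.10
access-list 10 permit 192.0.2.11
ntp access-group peer 10
"""

ACCESS_GROUP = re.compile(r"ntp access-group (peer|serve|serve-only|query-only) \d+$")

def audit_ntp(config):
    """Return a list of findings for the NTP statements in an IOS-style config."""
    lines = [l.strip() for l in config.splitlines() if l.strip()]
    findings = []
    defined = {m.group(1) for l in lines
               if (m := re.match(r"ntp authentication-key (\d+) md5 ", l))}
    trusted = {m.group(1) for l in lines
               if (m := re.match(r"ntp trusted-key (\d+)$", l))}
    if "ntp authenticate" not in lines:
        findings.append("authentication disabled: 'ntp authenticate' missing")
    for key in sorted(defined - trusted):
        findings.append(f"key {key} defined but not trusted")
    for key in sorted(trusted - defined):
        findings.append(f"key {key} trusted but not defined")
    for l in lines:
        m = re.match(r"ntp (server|peer) (\S+)(.*)", l)
        if not m:
            continue
        k = re.search(r"\bkey (\d+)\b", m.group(3))
        if not k:  # association accepted without authentication
            findings.append(f"{m.group(1)} {m.group(2)} has no key")
        elif k.group(1) not in trusted:
            findings.append(f"{m.group(1)} {m.group(2)} uses untrusted key {k.group(1)}")
    if not any(ACCESS_GROUP.match(l) for l in lines):
        findings.append("no 'ntp access-group' restriction")
    return findings
```

Calling audit_ntp(WEAK_CONFIG) reports the missing global authentication, the untrusted key, the unauthenticated server and the absent access-group; the hardened sample returns an empty list.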
Cisco’s implementation of NTP does not support stratum 1 service; it is not possible to connect to a radio
or atomic clock. We recommend that the time service for your network be derived from the public NTP
servers available on the IP Internet. Figure 6-1 shows a typical network example using NTP.
If the network is isolated from the Internet, Cisco’s implementation of NTP allows a device to act as
though it is synchronized through NTP, when in fact it has determined the time by using other means.
Other devices then synchronize to that device through NTP.
When multiple sources of time are available, NTP is always considered to be more authoritative. NTP
time overrides the time set by any other method.