Cisco Nexus 7000 Series NX-OS System Management Command Reference
N Commands
Downloads: This chapterpdf (PDF - 361.0KB) The complete bookPDF (PDF - 12.71MB) | Feedback

N Commands

Table Of Contents

N Commands

ntp abort

ntp access-group

ntp authenticate

ntp authentication-key

ntp broadcast

ntp broadcastdelay

ntp commit

ntp disable

ntp distribute

ntp enable

ntp logging

ntp master

ntp multicast

ntp multicast client

ntp passive

ntp peer

ntp server

ntp source

ntp source-interface

ntp sync-retry

ntp trusted-key


N Commands


This chapter describes the Cisco NX-OS system management commands that begin with the letter N.

ntp abort

To abort the Network Time Protocol (NTP) configuration, use the ntp abort command.

ntp abort

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Global configuration mode

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release
Modification

4.1(1)

This command was introduced.


Usage Guidelines

This command does not require a license.

Examples

This example shows how to abort the NTP configuration:

switch# ntp abort
No changes to abort
switch#

Related Commands

Command
Description

ntp commit

Commits the NTP configuration.

ntp distribute

Enables Cisco Fabric Services (CFS) distribution for NTP.


ntp access-group

To configure an access group to control Network Time Protocol (NTP) access, use the ntp access-group command. To remove the NTP peer access group, use the no form of this command.

ntp access-group {peer | serve | serve-only | query-only | match-all} access-list-name

no ntp access-group {peer | serve | serve-only | query-only | match-all} access-list-name

Syntax Description

peer

Allows the device to receive time requests and NTP control queries to synchronize itself to the servers specified in the access list.

serve

Allows the device to receive time requests and NTP control queries from the servers specified in the access list but not to synchronize itself to the specified servers.

serve-only

Allows the device to receive only time requests from servers specified in the access list.

query-only

Allows the device to receive only NTP control queries from the servers specified in the access list.

match-all

Enables the access group options to be scanned in the following order: peer, serve, serve-only, query-only.

access-list-name

Name of the NTP access group. The name can be any alphanumeric string up to 32 characters, including special characters.


Defaults

If you do not configure any access groups, NTP access is granted to all devices.

Command Modes

Global configuration mode

Supported User Roles

network-admin
vdc-admin

Command History

Release
Modification

6.2(2)

Added the match-all keyword.

5.2(1)

Added the serve, serve-only, and query-only keywords.

5.0(1)

This command was introduced.


Usage Guidelines

Make sure that you are in the correct virtual device context (VDC). To change the VDC, use the switchto vdc command.

The ntp access-group match-all command causes the access group options to be scanned in the following order, from least restrictive to most restrictive: peer, serve, serve-only, query-only. If the incoming packet does not match the peer access group, the packet goes to the serve access group to be processed. If the packet does not match the serve access group, it goes to the next access group and so on. This command also enables IPv6 access group processing.

The ntp access-group match-all command is available beginning with Cisco NX-OS Release 6.2(2). If you enter the no form of this command, do not enter this command or create an access group using an earlier version of Cisco NX-OS. ACL processing stops and does not continue to the next access group option if the incoming packet does not match the peer access group or if NTP matches a deny ACL rule in a configured peer.

This command does not require a license.

Examples

This example shows how to configure a peer access group for NTP:

switch# config t
switch(config)# ntp access-group peer Admin_Group_123
switch(config)# 

This example shows how to remove an NTP peer access group:

switch# config t
switch(config)# no ntp access-group peer Admin_Group_123
switch(config)#

Related Commands

Command
Description

feature ntp

Enables the NTP on a VDC.

show ntp access-groups

Displays the NTP access groups.


ntp authenticate

To enable Network Time Protocol (NTP) authentication, use the ntp authenticate command. To disable NTP authentication, use the no form of this command.

ntp authenticate

no ntp authenticate

Syntax Description

This command has no arguments or keywords.

Defaults

Disabled

Command Modes

Global configuration mode (config)

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release
Modification

5.0(1)

This command was introduced.


Usage Guidelines

Make sure that you are in the correct virtual device context (VDC). To change the VDC, use the switchto vdc command.

This command does not require a license.

Examples

This example shows how to enable NTP authentication:

switch(config)# ntp authenticate
switch(config)#
 
   

This example shows how to disable NTP authentication:

switch(config)# no ntp authenticate
switch(config)#

Related Commands

Command
Description

ntp authentication-key

Configures an NTP authentication key.

ntp trusted-key

Configures one or more keys that a time source must provide in its NTP packets in order for the device to synchronize to it.

show ntp
authentication-status

Displays the status of NTP authentication.


ntp authentication-key

To configure a Network Time Protocol (NTP) authentication key, use the ntp authentication-key command. To remove the NTP authentication key, use the no form of this command.

ntp authentication-key number md5 md5-string

no ntp authentication-key number md5 md5-string

Syntax Description

number

Authentication key number. The range is from 1 to 65535.

md5

Specifies the MD5 algorithm for authentication.

md5-string

MD5 string. Cisco NX-OS Release 5.2(3) and later 5.x releases support up to 15 alphanumeric characters for the MD5 string. Earlier 5.x releases and Cisco NX-OS Release 6.0(1) support up to 8 alphanumeric characters.


Defaults

Disabled

Command Modes

Global configuration mode (config)

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release
Modification

5.2(3)

Increases the length of NTP authentication keys from 8 to 15 alphanumeric characters.

5.0(1)

This command was introduced.


Usage Guidelines

Make sure that you are in the correct virtual device context (VDC). To change the VDC, use the switchto vdc command.

The device does not synchronize to a time source unless the source has one of these authentication keys and the key number is specified by the ntp trusted-key command.

This command does not require a license.

Examples

This example shows how to configure an NTP authentication key:

switch# config t

switch(config)# ntp authentication-key 42 md5 aNiceKey

switch(config)# 

This example shows how to remove the NTP authentication key:

switch# config t

switch(config)# no ntp authentication-key 42 md5 aNiceKey

switch(config)#

Related Commands

Command
Description

show ntp authentication-key

Configures one or more keys that a time source must provide in its NTP packets in order for the device to synchronize to it.


ntp broadcast

To enable a Network Time Protocol (NTP) IPv4 broadcast server on the specified interface, use the ntp broadcast command. To disable the NTP IPv4 broadcast server, use the no form of this command.

ntp broadcast [destination ip-address] [key key-id] [version number]

no ntp broadcast [destination ip-address] [key key-id] [version number]

Syntax Description

destination ip-address

(Optional) Configures the broadcast destination IPv4 address.

key key-id

(Optional) Configures the broadcast authentication key number. The range is from 1 to 65535.

version number

(Optional) Configures the NTP version. The range is from 2 to 4.


Defaults

None

Command Modes

Interface configuration mode (config-if)

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release
Modification

6.2(2)

This command was introduced.


Usage Guidelines

Use NTP broadcast or multicast associations when time accuracy and reliability requirements are modest, your network is localized, and the network has more than 20 clients. We recommend that you use NTP broadcast or multicast associations in networks that have limited bandwidth, system memory, or CPU resources.


Note Time accuracy is marginally reduced in NTP broadcast associations because information flows only one way.


This command does not require a license.

Examples

This example shows how to enable an NTP IPv4 broadcast server on the interface:

switch# configure terminal
switch(config)# interface ethernet 6/1
switch(config-if)# ntp broadcast destination 192.0.2.10

Related Commands

Command
Description

ntp enable

Enables NTP.


ntp broadcastdelay

To configure the estimated Network Time Protocol (NTP) broadcast round-trip delay, use the ntp broadcastdelay command. To disable the estimated broadcast round-trip delay, use the no form of this command.

ntp broadcastdelay [delay]

no ntp broadcastdelay [delay]

Syntax Description

delay

(Optional) Broadcast round-trip delay in microseconds. The range is from 1 to 999999.


Defaults

None

Command Modes

Global configuration mode

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release
Modification

6.2(2)

This command was introduced.


Usage Guidelines

Use NTP broadcast or multicast associations when time accuracy and reliability requirements are modest, your network is localized, and the network has more than 20 clients. We recommend that you use NTP broadcast or multicast associations in networks that have limited bandwidth, system memory, or CPU resources.


Note Time accuracy is marginally reduced in NTP broadcast associations because information flows only one way.


This command does not require a license.

Examples

This example shows how to configure the estimated broadcast round-trip delay:

switch# configure terminal
switch(config-if)# ntp broadcastdelay 100

Related Commands

Command
Description

ntp enable

Enables NTP.


ntp commit

To commit the Network Time Protocol (NTP) configuration, use the ntp commit command.

ntp commit

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Global configuration mode

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release
Modification

4.1(1)

This command was introduced.


Usage Guidelines

This command does not require a license.

Examples

This example shows how to commit the NTP configuration:

switch# ntp commit
switch#

Related Commands

Command
Description

ntp abort

Aborts the NTP configuration.

ntp distribute

Enables Cisco Fabric Services (CFS) distribution for NTP.


ntp disable

To disable Network Time Protocol (NTP), use the ntp disable command. To reenable NTP, use the no form of this command.

ntp disable {ip | ipv6}

no ntp disable {ip | ipv6}

Syntax Description

ip

Disables IPv4 on the interface.

ipv6

Disables IPv6 on the interface.


Defaults

Enabled

Command Modes

Interface configuration mode

Supported User Roles

network-admin
vdc-admin

Command History

Release
Modification

6.2(2)

This command was introduced.


Usage Guidelines

This command does not require a license.

Examples

This example shows how to disable NTP:

switch# ntp disable
 
   

Related Commands

Command
Description

ntp enable

Enables NTP.


ntp distribute

To enable Cisco Fabric Services (CFS) distribution for the Network Time Protocol (NTP), use the ntp distribute command. To disable this feature, use the no form of this command.

ntp distribute

no ntp distribute

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Global configuration mode

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release
Modification

4.1(1)

This command was introduced.


Usage Guidelines

This command does not require a license.

Examples

This example shows how to distribute the active NTP configuration to the fabric:

switch(config)# ntp distribute
switch(config)#
 
   
This example shows how to stop distribution of the active NTP configuration to the fabric:
 
   
switch(config)# no ntp distribute
switch(config)#

Related Commands

Command
Description

ntp abort

Aborts the NTP configuration.

ntp commit

Commits the NTP configuration.


ntp enable

To enable Network Time Protocol (NTP), use the ntp enable command. To disable NTP, use the no command form.

ntp enable

no ntp enable

Syntax Description

This command has no arguments or keywords.

Defaults

Enabled

Command Modes

Global configuration mode

Supported User Roles

network-admin
vdc-admin

Command History

Release
Modification

5.2(1)

This command was deprecated.

4.0(3)

This command was introduced.


Usage Guidelines

NTP must be configured in the default VDC. It cannot be configured in any other VDC.

This command does not require a license.

Examples

This example shows how to disable NTP:

switch# no ntp enable
 
   

Related Commands

Command
Description

ntp server

Configures a remote NTP server.


ntp logging

To enable Network Time Protocol (NTP) logging, use the ntp logging command. To disable NTP logging, use the no form of this command.

ntp logging

no ntp logging

Syntax Description

This command has arguments or keywords.

Defaults

Disabled

Command Modes

Global configuration mode (config)

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release
Modification

5.0(1)

This command was introduced.


Usage Guidelines

This command does not require a license.

Make sure that you are in the correct virtual device context (VDC). To change the VDC, use the switchto vdc command.

Examples

This example shows how to enable NTP logging:

switch# config t
switch(config)# ntp logging
switch(config)# 

This example shows how to disable NTP logging:

switch# config t
switch(config)# no ntp logging
switch(config)#

Related Commands

Command
Description

show ntp
logging-status

Displays the NTP logging status.

show ntp statistics

Displays the NTP statistics.


ntp master

To configure the device to act as an authoritative Network Time Protocol (NTP) server, use the ntp master command. To remove the device as an authoritative NTP server, use the no form of this command.

ntp master [stratum]

no ntp master [stratum]

Syntax Description

stratum

(Optional) Stratum level. The range is from 1 to 15.


Defaults

None

Command Modes

Global configuration mode

Supported User Roles

network-admin
vdc-admin

Command History

Release
Modification

5.2(1)

This command was introduced.


Usage Guidelines

This command enables the device to distribute time even when it is not synchronized to an existing time server.

Make sure that you are in the correct virtual device context (VDC). To change the VDC, use the switchto vdc command.

This command does not require a license.

Examples

This example shows how to configure the device to act as an authoritative NTP server:

switch# configure terminal
switch(config)# feature ntp
switch(config)# ntp master 5
 
   

This example shows how to remove a device as an authoritative NTP server:

switch# configure terminal

switch(config)# no ntp master 5

Related Commands

Command
Description

feature ntp

Enables NTP on a virtual device context (VDC).

show running-config ntp

Displays information about the NTP configuration that is currently running on the switch.


ntp multicast

To enable an Network Time Protocol (NTP) IPv4 or IPv6 multicast server on the interface, use the ntp multicast command. To disable an NTP multicast server on the interface, use the no form of this command.

ntp multicast [ipv4-address | ipv6 address] [key key-id] [ttl value] [version number]

no ntp multicast [ipv4-address | ipv6 address] [key key-id] [ttl value] [version number]

Syntax Description

ip4-address

(Optional) Multicast IPv4 address.

ipv6-address

(Optional) Multicast IPv6 address.

key key-id

(Optional) Configures the broadcast authentication key number. The range is from 1 to 65535.

ttl value

(Optional) Configures the time-to-live (TTL) value of the multicast packets. The range is from 1 to 255

version number

(Optional) Configures the NTP version. The range is from 2 to 4.


Defaults

None

Command Modes

Interface configuration mode

Supported User Roles

network-admin
vdc-admin

Command History

Release
Modification

6.2(2)

This command was introduced.


Usage Guidelines

You can use the ntp multicast command to configure an NTP IPv4 or IPv6 multicast server on an interface. The device then sends multicast packets through that interface periodically.

Use NTP broadcast or multicast associations when time accuracy and reliability requirements are modest, your network is localized, and the network has more than 20 clients. We recommend that you use NTP broadcast or multicast associations in networks that have limited bandwidth, system memory, or CPU resources.

This command does not require a license.

Examples

This example shows how to configure an NTP IPv6 multicast server on an interface:

switch(config)# interface ethernet 6/1
switch(config-if)# ntp multicast FF02:1::FF0E:8C6C
 
   

Related Commands

Command
Description

feature ntp

Enables NTP on a virtual device context (VDC).

ntp multicast client

Configures an NTP multicast client on an interface.

show running-config ntp

Displays information about the NTP configuration that is currently running on the switch.


ntp multicast client

To configure a Network Time Protocol (NTP) multicast client on an interface, use the ntp multicast client command. To disable an NTP multicast client on the interface, use the no form of this command.

ntp multicast client [ipv4-address | ipv6 address]

no ntp multicast client [ipv4-address | ipv6 address]

Syntax Description

ip4-address

(Optional) Multicast IPv4 address.

ipv6-address

(Optional) Multicast IPv6 address.


Defaults

None

Command Modes

Interface configuration mode

Supported User Roles

network-admin
vdc-admin

Command History

Release
Modification

6.2(2)

This command was introduced.


Usage Guidelines

You can use the ntp multicast client command to configure an NTP multicast client on an interface. The device then listens to NTP multicast messages and discards any messages that come from an interface for which multicast is not configured.

Use NTP broadcast or multicast associations when time accuracy and reliability requirements are modest, your network is localized, and the network has more than 20 clients. We recommend that you use NTP broadcast or multicast associations in networks that have limited bandwidth, system memory, or CPU resources.

This command does not require a license.

Examples

This example shows how to configure an NTP IPv6 multicast server on an interface:

switch(config)# interface ethernet 6/1
switch(config-if)# ntp multicast client FF02:1::FF0E:8C6C
 
   

Related Commands

Command
Description

ntp multicast

Configures an NTP multicast server on an interface.

feature ntp

Enables NTP on a virtual device context (VDC).

show running-config ntp

Displays information about the NTP configuration that is currently running on the switch.


ntp passive

To enable Network Time Protocol (NTP) to send synchronization responses and form associations, use the ntp passive command. To prevent NTP from forming associations, use the no form of this command.

ntp passive

no ntp passive

Syntax Description

This command has arguments or keywords.

Command Modes

Global configuration mode

Supported User Roles

network-admin
vdc-admin

Command History

Release
Modification

6.2(2)

This command was introduced.


Usage Guidelines

Make sure that you are in the correct virtual device context (VDC). To change the VDC, use the switchto vdc command.

This command is available beginning with Cisco NX-OS Release 6.2(2). In previous releases, associations are enabled automatically and cannot be disabled.

This command does not require a license.

Examples

This example shows how to enable NTP to form associations:

switch# configure terminal
switch(config)# feature ntp
switch(config)# ntp passive
 
   

Related Commands

Command
Description

feature ntp

Enables NTP on a VDC.

show running-config ntp

Displays information about the NTP configuration that is currently running on the switch.


ntp peer

To configure a device as a Network Time Protocol (NTP) peer, use the ntp peer command. To remove the device as an NTP peer, use the no form of this command.

ntp peer {ip-address | ipv6-address | dns-name} [key key-id] [prefer] [use-vrf vrf-name]

no ntp peer {ip-address | ipv6-address | dns-name} [key key-id] [prefer] [use-vrf vrf-name]

Syntax Description

ip-address

IPv4 address.

ipv6-address

IPv6 address.

dns-name

Domain Name Server (DNS) name.

key

(Optional) Specifies the key to be used for associating with a server.

key-id

Key ID. The range is from 1 to 65535.

prefer

(Optional) Specifies the given NTP server as the preferred one.

use-vrf

(Optional) Specifies the virtual routing and forwarding (VRF) name.

vrf-name

VRF name. The VRF name can be default, management, or any case-sensitive, alphanumeric string up to 32 characters.


Defaults

None

Command Modes

Global configuration mode (config)

Supported User Roles

network-admin
vdc-admin
network-operator
vdc-operator

Command History

Release
Modification

5.0(1)

This command was introduced.


Usage Guidelines

Make sure that you are in the correct virtual device context (VDC). To change the VDC, use the switchto vdc command.

You can configure multiple peer associations.

If you configure a key to be used while communicating with the NTP server, make sure that the key exists as a trusted key on the device.

This command does not require a license.

Examples

This example shows how to configure an NTP peer:

switch(config)# config t
switch(config)# ntp peer 190.0.2.1 key 123 prefer use-vrf RED
switch(config)#
 
   
This example shows how to remove an NTP peer:
 
   
switch# config t
switch(config)# no ntp peer 190.0.2.1
switch(config)#

Related Commands

Command
Description

ntp server

Configures an NTP server.

show ntp peers

Displays all the NTP peers.

show ntp peer-status

Displays the status for all the server/peers.


ntp server

To configure a Network Time Protocol (NTP) server, use the ntp server command. To remove the NTP server, use the no form of this command.

ntp server {ip-address | ipv6-address | dns-name} [key key-id] [prefer] [use-vrf vrf-name]

no ntp server {ip-address | ipv6-address | dns-name} [key key-id] [prefer] [use-vrf vrf-name]

Syntax Description

ip-address

IPv4 address.

ipv6-address

IPv6 address.

dns-name

Domain Name Server (DNS) name.

key

(Optional) Specifies the key to be used for associating with a server.

key-id

Key ID. The range is from 1 to 65535.

prefer

(Optional) Specifies the given NTP server as the preferred one.

use-vrf

(Optional) Specifies the virtual routing and forwarding (VRF) name.

vrf-name

VRF name. The VRF name can be default, management, or any case-sensitive, alphanumeric string up to 32 characters.


Defaults

None

Command Modes

Global configuration mode (config)

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release
Modification

5.0(1)

This command was introduced.


Usage Guidelines

Make sure that you are in the correct virtual device context (VDC). To change the VDC, use the switchto vdc command.

If you configure a key to be used while communicating with the NTP server, make sure that the key exists as a trusted key on the device.

This command does not require a license.

Examples

This example shows how to configure an NTP server:

switch(config) config t
switch(config)# ntp server 190.0.2.10 key 123 prefer use-vrf RED
switch(config)# 

This example shows how to remove an NTP server:

switch# config t
switch(config)# no ntp server 190.0.2.10 key 123 prefer use-vrf RED
switch(config)#

Related Commands

Command
Description

ntp peer

Configures a device as an NTP peer.

show ntp peer-status

Displays the status of all NTP servers and peers.

show ntp peers

Displays all the NTP peers.


ntp source

To configure the Network Time Protocol (NTP) source, use the ntp source command. To remove the NTP source, use the no form of this command.

ntp source addr

no ntp source addr

Syntax Description

addr

IPv4 or IPv6 address of the source. The IPv4 address format is dotted decimal, x.x.x.x. The IPv6 address format is hex A:B::C:D.


Defaults

None

Command Modes

Global configuration mode (config)

Supported User Roles

network-admin
vdc-admin

Command History

Release
Modification

4.0(1)

This command was introduced.


Usage Guidelines

This command does not require a license.

Examples

This example shows how to configure the NTP source:

switch(config)# ntp source 192.0.2.3
 
   

This example shows how to remove the NTP source:

switch(config)# no ntp source 192.0.2.3
 
   

Related Commands

Command
Description

show ntp source

Displays information about the NTP source.


ntp source-interface

To configure the Network Time Protocol (NTP) source interface, use the ntp source-interface command. To remove an NTP source interface, use the no form of this command.

ntp source-interface if_index

no ntp source-interface if_index

Syntax Description

if_index

Source interface.


Defaults

None

Command Modes

Global configuration mode (config)

Supported User Roles

network-admin
vdc-admin

Command History

Release
Modification

4.1(3)

This command was introduced.


Usage Guidelines

This command does not require a license.

Examples

This example shows how to configure an NTP source interface:

switch(config)# ntp source-interface loopback 1
switch(config)#
 
   

This example shows how to remove an NTP source configuration:

switch(config)# no ntp source-interface loopback 1
switch(config)#

Command
Description

show ntp source-interface

Displays information about the NTP source interface.


ntp sync-retry

To resynchronize the Network Time Protocol (NTP) with configured NTP servers, use the ntp sync-retry command.

ntp sync-retry

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command Modes

Any command mode

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release
Modification

4.0(1)

This command was introduced.


Usage Guidelines

This command does not require a license.

Examples

This example shows how to resynchronize NTP:

switch# ntp sync-retry
 
   

Related Commands

Command
Description

ntp server

Configures a remote NTP server.


ntp trusted-key

To configure one or more keys that a time source must provide in its Network Time Protocol (NTP) packets in order for the device to synchronize to it, use the ntp trusted-key command. To remove the NTP trusted key, use the no form of this command.

ntp trusted-key number

no ntp trusted-key number

Syntax Description

number

Trusted key number. The range is from 1 to 65535.


Defaults

None

Command Modes

Global configuration mode (config)

Supported User Roles

network-admin
network-operator
vdc-admin
vdc-operator

Command History

Release
Modification

5.0(1)

This command was introduced.


Usage Guidelines

Make sure that you are in the correct virtual device context (VDC). To change the VDC, use the switchto vdc command.

This command provides protection against accidentally synchronizing the device to a time source that is not trusted.

This command does not require a license.

Examples

This example shows how to configure an NTP trusted key:

switch# config t
switch(config)# ntp trusted-key 42
switch(config)# 

This example shows how to remove the NTP trusted key:

switch# config t 
switch(config)# no ntp trusted-key 42
switch(config)#

Related Commands

Command
Description

show ntp trusted-keys

Displays the status of NTP authentication.