Table Of Contents

NTP Commands on Cisco IOS XR Software

access-group (NTP)

authenticate (NTP)

authentication-key (NTP)

broadcast

broadcast client

broadcastdelay

interface (NTP)

master

max-associations

ntp

ntp clear

peer (NTP)

server (NTP)

show calendar

show ntp associations

show ntp status

source

trusted-key

update-calendar

NTP Commands on Cisco IOS XR Software

---

This chapter describes the Cisco IOS XR Network Time Protocol (NTP) commands used to perform basic network time management tasks, including synchronizing time settings and coordinating time distribution over the network.

When an NTP server or client is configured, NTP features are available on all router interfaces. NTP features can be disabled for any specified interface, local or remote, to the route processor (RP).

For detailed information about NTP concepts, configuration tasks, and examples, see the Implementing NTP on Cisco IOS XR Software module.

access-group (NTP)

To control access to Network Time Protocol (NTP) services for a networking device, use the access-group command in NTP configuration mode. To remove the access-group command from the configuration file and restore the system to its default condition with respect to this command, use the no form of this command.

access-group {peer | query-only | serve | serve-only} access-list-name

no access-group {peer | query-only | serve | serve-only}

Syntax Description

peer	Allows time requests and NTP control queries and allows a networking device to synchronize to the remote system.
query-only	Allows only NTP control queries. The Cisco IOS XR software uses NTP Version 4, but the RFC for Version 3 (RFC 1305: Network Time Protocol (Version 3) — Specification, Implementation and Analysis) still applies.
serve	Allows time requests and NTP control queries, but does not allow the networking device to synchronize to the remote system.
serve-only	Allows only time requests.
access-list-name	Name of an IPv4 access list.

Defaults

No NTP access control is configured.

Command Modes

NTP configuration

Command History

Release	Modification
Release 2.0	This command was introduced on the Cisco CRS-1.
Release 3.0	No modification.
Release 3.2	This command was first supported on the Cisco XR 12000 Series Router.
Release 3.3.0	No modification.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

The access group options are scanned in the following order from least restrictive to most restrictive:

1. peer

2. serve

3. serve-only

4. query-only

Access is granted for the first match that is found. If no access groups are specified, all access is granted to all sources. If any access groups are specified, only the specified access is granted. This facility provides minimal security for the time services of the system. However, it can be circumvented by a determined programmer. If tighter security is desired, use the NTP authentication facility.

Task ID

Task ID	Operations
ip-services	read, write

Examples

The following example shows how to configure the system to allow itself to be synchronized by a peer from an access list named access1 and to restrict access to allow only time requests from an access list named access2:

RP/0/RP0/CPU0:router(config-ntp)# access-group peer access1

RP/0/RP0/CPU0:router(config-ntp)# access-group serve-only access2

Related Commands

Command	Description
ipv4 access-list	Defines an IPv4 access list name.

authenticate (NTP)

To enable Network Time Protocol (NTP) authentication, use the authenticate command in NTP configuration mode. To restore the system to its default condition, use the no form of this command.

authenticate

no authenticate

Syntax Description

This command has no arguments or keywords.

Defaults

No NTP authentication is configured.

Command Modes

NTP configuration

Command History

Release	Modification
Release 2.0	This command was introduced on the Cisco CRS-1.
Release 3.0	No modification.
Release 3.2	This command was first supported on the Cisco XR 12000 Series Router.
Release 3.3.0	No modification.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Use the authenticate command to enable NTP authentication. When NTP authentication is enabled, the system will not synchronize to a time source unless it carries one of the authentication keys specified by the trusted-key command. Packets failing the authentication check will be dropped.

Task ID

Task ID	Operations
ip-services	read, write

Examples

The following example shows how to configure the system to synchronize only to a system that provides an authentication key 42 in its NTP packets:

RP/0/RP0/CPU0:router(config)# ntp

RP/0/RP0/CPU0:router(config-ntp)# authenticate

RP/0/RP0/CPU0:router(config-ntp)# authentication-key 42 md5 clear key1 

RP/0/RP0/CPU0:router(config-ntp)# trusted-key 42

Related Commands

Command	Description
authentication-key (NTP)	Defines an authentication key for NTP.
trusted-key	Designates the key or keys to be trusted.

authentication-key (NTP)

To define an authentication key for a trusted Network Time Protocol (NTP) time source, use the authentication-key command in NTP configuration mode. To restore the system to its default condition, use the no form of this command.

authentication-key key-number md5 [clear | encrypted] key-name

no authentication-key key-number

Syntax Description

key-number	Authentication key. A number in the range from 1 to 65535.
md5	Provides message authentication support using the Message Digest 5 (MD5) algorithm.
clear	(Optional) Specifies that the key value entered after this keyword is unencrypted.
encrypted	(Optional) Specifies that the key value entered after this keyword is encrypted.
key-name	Key value. The maximum length is 32 characters.

Defaults

No authentication key is defined for NTP.

Command Modes

NTP configuration

Command History

Release	Modification
Release 2.0	This command was introduced on the Cisco CRS-1.
Release 3.0	No modification.
Release 3.2	This command was first supported on the Cisco XR 12000 Series Router.
Release 3.3.0	No modification.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Use the authentication-key command to define authentication keys for use with trusted NTP time sources.

---

Note When this command is written to NVRAM, the key is encrypted so that it is not displayed when the configuration is displayed.

---

Task ID

Task ID	Operations
ip-services	read, write

Examples

The following example shows how to configure the system to synchronize only to systems providing authentication key 42 in their NTP packets:

RP/0/RP0/CPU0:router(config)# ntp

RP/0/RP0/CPU0:router(config-ntp)# authenticate

RP/0/RP0/CPU0:router(config-ntp)# authentication-key 42 md5 clear key1

RP/0/RP0/CPU0:router(config-ntp)# trusted-key 42

Related Commands

Command	Description
authenticate (NTP)	Enables NTP authentication.
peer (NTP)	Configures the system clock to synchronize a peer or to be synchronized by a peer.
server (NTP)	Allows the system clock to be synchronized by a time server.
trusted-key	Designates the key or keys to be trusted.

broadcast

To create a Network Time Protocol (NTP) broadcast server on a specified NTP interface, use the broadcast command in NTP interface configuration mode. To remove the broadcast command from the configuration file and restore the system to its default condition, use the no form of this command.

broadcast [destination ip-address] [key key-id] [version number]

no broadcast [destination ip-address] [key key-id] [version number]

Syntax Description

destination ip-address	(Optional) Specifies the host IPv4 address.
key key-id	(Optional) Defines the authentication key, where key-id is the authentication key to use when sending packets to this peer. The key identified by the key-id value is also used for packets received from the peer.
version number	(Optional) Number from 1 to 4 indicating the NTP version.

Defaults

No NTP broadcast servers are configured.

Command Modes

NTP interface configuration

Command History

Release	Modification
Release 2.0	This command was introduced on the Cisco CRS-1.
Release 3.0	No modification.
Release 3.2	This command was first supported on the Cisco XR 12000 Series Router.
Release 3.3.0	No modification.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Use broadcast command to create an NTP broadcast server on an NTP interface in order to send NTP broadcast packets.

Use the broadcast client command to set a specific interface to receive NTP broadcast packets.

Task ID

Task ID	Operations
ip-services	read, write

Examples

The following example shows how to configure Packet-over-SONET (POS) interface 0/0/0/1 to send NTP packets to destination host IP address 10.0.0.0:

RP/0/RP0/CPU0:router(config)# ntp 

RP/0/RP0/CPU0:router(config-ntp)# interface POS 0/0/0/1

RP/0/RP0/CPU0:router(config-ntp-int)# broadcast destination 10.0.0.0

Related Commands

Command	Description
interface (NTP)	Allows a networking device to receive NTP broadcast packets on an interface.
interface (NTP)	Sets the estimated round-trip delay between the software and an NTP broadcast server.

broadcast client

To allow a networking device to receive Network Time Protocol (NTP) broadcast packets on an interface, use the broadcast client command in NTP interface configuration mode. To remove the configuration and restore the system to its default condition, use the no form of this command.

broadcast client

no broadcast client

Syntax Description

This command has no arguments or keywords.

Defaults

No NTP broadcast clients are configured.

Command Modes

NTP interface configuration

Command History

Release	Modification
Release 2.0	This command was introduced on the Cisco CRS-1.
Release 3.0	No modification.
Release 3.2	This command was first supported on the Cisco XR 12000 Series Router.
Release 3.3.0	No modification.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Use the broadcast client command to configure and create an NTP broadcast client and associates the client with an interface to receive and handle NTP broadcast packets. If no NTP client has been created for an interface, the received NTP broadcast packets are dropped. Use this command to allow the system to listen to broadcast packets on an interface-by-interface basis.

Task ID

Task ID	Operations
ip-services	read, write

Examples

The following example shows how to configure Packet-over-SONET (POS) interface 0/0/0/1 to send NTP packets:

RP/0/RP0/CPU0:router(config)# ntp interface POS 0/0/0/1

RP/0/RP0/CPU0:router(config-ntp-int)# broadcast client

Related Commands

Command	Description
interface (NTP)	Sets the estimated round-trip delay between the software and an NTP broadcast server.
broadcast	Creates an NTP broadcast server on a specified NTP interface.

broadcastdelay

To set the estimated round-trip delay between a Network Time Protocol (NTP) client and an NTP broadcast server, use the broadcastdelay command in global configuration mode. To restore the system to its default condition, use the no form of this command.

broadcastdelay microseconds

no broadcast microseconds

Syntax Description

microseconds

Estimated round-trip time (in microseconds) for NTP broadcasts. The range is from 1 to 999999. The default is 3000 microseconds.

Defaults

microseconds: 3000 microseconds

Command Modes

NTP configuration

Command History

Release	Modification
Release 2.0	This command was introduced on the Cisco CRS-1.
Release 3.0	No modification.
Release 3.2	This command was first supported on the Cisco XR 12000 Series Router.
Release 3.3.0	No modification.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Use the broadcastdelay command to change the default round-trip delay time on a networking device that is configured as a broadcast client.

Task ID

Task ID	Operations
ip-services	read, write

Examples

The following example shows how to set the estimated round-trip delay between a networking device and the broadcast client to 5000 microseconds:

RP/0/RP0/CPU0:router(config-ntp)# broadcastdelay 5000

interface (NTP)

To configure a Network Time Protocol (NTP) interface, use the interface command in NTP configuration mode. To disable an NTP interface, use the no form of this command.

interface type instance [disable]

Syntax Description.

type	Interface type. For more information, use the question mark (?) online help function.
instance	Either a physical interface instance or a virtual interface instance as follows: •Physical interface instance. Naming notation is rack/slot/module/port and a slash between values is required as part of the notation. –rack: Chassis number of the rack. –slot: Physical slot number of the modular services card or line card. –module: Module number. A physical layer interface module (PLIM) is always 0. –port: Physical port number of the interface. Note In references to a Management Ethernet interface located on a route processor card, the physical slot number is alphanumeric (RP0 or RP1) and the module is CPU0. Example: interface MgmtEth0/RP1/CPU0/0. •Virtual interface instance. Number range varies depending on interface type. For more information about the syntax for the router, use the question mark (?) online help function.
disable	(Optional) Disables the NTP interface.

Defaults

No NTP interfaces are configured.

Command Modes

NTP interface configuration

Command History

Release	Modification
Release 2.0	This command was introduced on the Cisco CRS-1.
Release 3.0	No modification.
Release 3.2	This command was first supported on the Cisco XR 12000 Series Router.
Release 3.3.0	No modification.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Use the interface (NTP) command to place the router in NTP interface configuration mode, from which NTP broadcast servers and broadcast clients can be configured. By default, after the NTP process is started, NTP features become available for all interfaces. To exit NTP interface configuration mode, use the exit command.

Task ID

Task ID	Operations
ip-services	read, write

Examples

The following example shows how to enter NTP configuration mode, specify an NTP interface to be configured, and enter NTP interface configuration mode:

RP/0/RP0/CPU0:router(config)# ntp

RP/0/RP0/CPU0:router(config-ntp)# interface POS 0/1/0/0

RP/0/RP0/CPU0:router(config-ntp-int)

master

To configure the router to use its own Network Time Protocol (NTP) master clock to synchronize with peers when an external NTP source becomes unavailable, use the master command in NTP configuration mode. To restore the system to its default condition, use the no form of this command.

master stratum

no master stratum

Syntax Description

stratum

NTP stratum number that the system claims. Range is from 1 to 15. The default is 8.

Defaults

By default, the master clock function is disabled. When the function is enabled, the default stratum is 8.

Command Modes

NTP configuration

Command History

Release	Modification
Release 2.0	This command was introduced on the Cisco CRS-1.
Release 3.0	No modification.
Release 3.2	This command was first supported on the Cisco XR 12000 Series Router.
Release 3.3.0	No modification.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

NTP uses the concept of a "stratum" to describe how many NTP "hops" away a machine is from an authoritative time source. A stratum 1 time server has a radio or atomic clock attached directly. A stratum  2 time server receives its time through NTP from a stratum 1 time server, a stratum 3 from a stratum 2, and so on.

---

Caution Use the master command with extreme caution. It is easy to override other valid time sources using this command, especially if a low stratum number is configured. Configuring multiple machines in the same network with the master command can lead to instability in time keeping if the machines do not agree on the time.

---

The networking device is normally synchronized, directly or indirectly, with an external system that has a clock. The Cisco IOS XR software does not support directly attached radio or atomic clocks. The master command should be used only when there is a temporary disruption in a reliable time service. It should not be employed as an alternative source by itself in the absence of a real time service.

If the system has the master command configured and it cannot reach any clock that has a lower stratum number, the system claims to be synchronized at the configured stratum number. Other systems synchronize with it through NTP.

---

Note The system clock must have been manually set from some source before the master command has an effect. This precaution protects against the distribution of erroneous time after the system is restarted.

---

Task ID

Task ID	Operations
ip-services	read, write

Examples

The following example shows how to configure a networking device as an NTP master clock to which peers may synchronize:

RP/0/RP0/CPU0:router(config)# ntp

RP/0/RP0/CPU0:router(config-ntp)# master 9

max-associations

To set the maximum number of Network Time Protocol (NTP) associations, use the max-associations command in NTP configuration mode. To restore the default setting, use the no form of this command.

max-associations number

no max-associations number

Syntax Description

number

Maximum number of NTP associations. Range is from 0 to 4294967295. The default is 100.

Defaults

The default setting for the maximum number of NTP associations is 100.

Command Modes

NTP configuration

Command History

Release	Modification
Release 2.0	This command was introduced on the Cisco CRS-1.
Release 3.0	No modification.
Release 3.2	This command was first supported on the Cisco XR 12000 Series Router.
Release 3.3.0	No modification.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Use the max-associations command to specify the maximum number of associations for an NTP server.

Task ID

Task ID	Operations
ip-services	read, write

Examples

The following example shows how to set the maximum number of associations to 200:

RP/0/RP0/CPU0:router(config)# ntp

RP/0/RP0/CPU0:router(config-ntp)# max-associations 200

Related Commands

Command	Description
show ntp associations	Displays the status of NTP associations.

ntp

To enter Network Time Protocol (NTP) configuration mode and run NTP configuration commands, use the ntp command in global configuration mode

ntp

Syntax Description

This command has no arguments or keywords.

Defaults

No defaults behavior or values

Command Modes

Global configuration

Command History

Release	Modification
Release 2.0	This command was introduced on the Cisco CRS-1.
Release 3.0	No modification.
Release 3.2	This command was first supported on the Cisco XR 12000 Series Router.
Release 3.3.0	No modification.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

NTP configuration commands can also be run from global configuration mode by preceding the command string with the ntp keyword. From NTP configuration mode, the following NTP configuration commands are available:

RP/0/RP0/CPU0:router(config-ntp)# ?

  access-group        Control NTP access

  authenticate        Authenticate time sources

  authentication-key  Authentication key for trusted time sources

  broadcastdelay      Estimated round-trip delay

  commit              Commit the configuration changes to running

  default             Set a command to its defaults

  describe            Describe a command without taking real actions

  do                  Run an exec command

  exit                Exit from this submode

  interface           Configure NTP on an interface

  master              Act as NTP master clock

  max-associations    Set maximum number of associations

  no                  Negate a command or set its defaults

  peer                Configure NTP peer

  port                Enable NTP port

  server              Configure NTP server

  show                Show contents of configuration

  source              Configure interface for source address

  trusted-key         Key numbers for trusted time sources

update-calendar Periodically update calendar with NTP time

Task ID

Task ID	Operations
ip-services	read, write

Examples

The following example shows how to enter NTP configuration mode:

RP/0/RP0/CPU0:router(config)# ntp

RP/0/RP0/CPU0:router(config-ntp)# 

ntp clear

To clear all Network Time Protocol (NTP) peers or a specific NTP peer, use the ntp clear command in EXEC mode.

ntp clear {peer | *}

Syntax Description

peer	IPv4 address or hostname of the NTP peer to be cleared.
*	Clears all NTP peers.

Defaults

No defaults behavior or values

Command Modes

EXEC

Command History

Release	Modification
Release 2.0	This command was introduced on the Cisco CRS-1.
Release 3.0	No modification.
Release 3.2	This command was first supported on the Cisco XR 12000 Series Router.
Release 3.3.0	No modification.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Task ID

Task ID	Operations
ip-services	read, write

Examples

The following example shows how to clear all NTP peers:

RP/0/RP0/CPU0:router# ntp clear *

peer (NTP)

To configure the system clock to synchronize a peer or to be synchronized by a peer, use the peer command in NTP configuration mode. To remove the peer command from the configuration file and restore the system to its default condition with respect to the command, use the no form of this command.

peer ip-address [version number] [key key-id] [minpoll interval] [maxpoll interval] [source interface-type interface-instance] [prefer]

no peer ip-address

Syntax Description

ip-address	IPv4 address of the peer providing or being provided with the clock synchronization.
version number	(Optional) Defines the Network Time Protocol (NTP) version number, where the number argument is a value from 1 to 4. The default is 4.
key key-id	(Optional) Defines the authentication key, where the key-id argument is the authentication key to use when packets are sent to this peer. The authentication key is also used for packets received from the peer.
minpoll interval	(Optional) Defines the shortest polling interval, where the interval argument is specified in seconds as a power of two. The number is used in a power-of-two (for example, 2 meaning 26 = 64), and can be in the range from 4 to 14. The default value is 6.
maxpoll interval	(Optional) Defines the longest polling interval, where the interval argument is specified in seconds as a power-of-two. The default value is 10.
source	(Optional) IP source address. The default is the outgoing interface.
interface-type	(Optional) Interface type. For more information, use the question mark (?) online help function.
interface-instance	(Optional) Either a physical interface instance or a virtual interface instance as follows: •Physical interface instance. Naming notation is rack/slot/module/port and a slash between values is required as part of the notation. –rack: Chassis number of the rack. –slot: Physical slot number of the modular services card or line card. –module: Module number. A physical layer interface module (PLIM) is always 0. –port: Physical port number of the interface. Note In references to a Management Ethernet interface located on a route processor card, the physical slot number is alphanumeric (RP0 or RP1) and the module is CPU0. Example: interface MgmtEth0/RP1/CPU0/0. •Virtual interface instance. Number range varies depending on interface type. For more information about the syntax for the router, use the question mark (?) online help function.
prefer	(Optional) Makes this peer the preferred peer that provides synchronization.

Defaults

No peers are configured by default. If a peer is configured, the default NTP version number is 4, no authentication key is used, and the source IP address is taken from the outgoing interface.
minpoll interval: 6 seconds
maxpoll interval: 10 seconds

Command Modes

NTP configuration

Command History

Release	Modification
Release 2.0	This command was introduced on the Cisco CRS-1.
Release 3.0	No modification.
Release 3.2	This command was first supported on the Cisco XR 12000 Series Router.
Release 3.3.0	No modification.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Use the peer (NTP) command to allow this machine to synchronize with the peer, or conversely.

---

Caution Although using the prefer keyword can help reduce the switching among peers, you should avoid using the keyword because it interferes with the source selection mechanism of NTP and can result in a degradation in performance.

---

The value for the minpoll keyword must be less than or equal to the value for the maxpoll keyword. If this is not the case, the system issues an error message.

To provide peer-level service (as opposed to client/server-level service), it may be necessary to explicitly specify the NTP version for the peer if it is not version 4.

Task ID

Task ID	Operations
ip-services	read, write

Examples

The following example shows how to configure a networking device to allow its system clock to be synchronized with the clock of the peer (or conversely) at IP address 10.0.0.0 using NTP. The source IP address is the address of Packet-over-SONET (POS) interface 0/0/0/1.

RP/0/RP0/CPU0:router(config)# ntp

RP/0/RP0/CPU0:router(config-ntp)# peer 10.0.0.0 minpoll 8 maxpoll 12 source POS 0/0/0/1

Related Commands

Command	Description
authentication-key (NTP)	Defines an authentication key for NTP.
server (NTP)	Allows the system clock to be synchronized by a time server.
source	Uses a particular source address in NTP packets.

server (NTP)

To allow the system clock to be synchronized by a time server, use the server command in NTP configuration mode. To remove the server command from the configuration file and restore the system to its default condition with respect to this command, use the no form of this command.

server ip-address [version number] [key key-id] [minpoll interval] [maxpoll interval] [source interface-type interface-instance] [prefer]

no server ip-address

Syntax Description

ip-address	IPv4 address of the time server providing the clock synchronization.
version number	(Optional) Defines the Network Time Protocol (NTP) version number, where the number argument is a value from 1 to 4. The default is 4.
key key-id	(Optional) Defines the authentication key, where the key-id argument is the authentication key to use when packets are sent to this peer.
minpoll interval	(Optional) Defines the shortest polling interval, where the interval argument is specified in seconds as a power of 2. The number is used in a power-of-2 expression (meaning 26 = 64), and can be in the range from 4 to 14. The default value is 6.
maxpoll interval	(Optional) Defines the longest polling interval, where the interval argument is specified in seconds as a power of two. The default value is 10.
source	(Optional) IP source address. The default is the outgoing interface.
interface-type	(Optional) Interface type. For more information, use the question mark (?) online help function.
interface-instance	(Optional) Either a physical interface instance or a virtual interface instance as follows: •Physical interface instance. Naming notation is rack/slot/module/port and a slash between values is required as part of the notation. –rack: Chassis number of the rack. –slot: Physical slot number of the modular services card or line card. –module: Module number. A physical layer interface module (PLIM) is always 0. –port: Physical port number of the interface. Note In references to a Management Ethernet interface located on a route processor card, the physical slot number is alphanumeric (RP0 or RP1) and the module is CPU0. Example: interface MgmtEth0/RP1/CPU0/0. •Virtual interface instance. Number range varies depending on interface type. For more information about the syntax for the router, use the question mark (?) online help function.
prefer	(Optional) Makes this peer the preferred server that provides synchronization.

Defaults

No servers are configured by default. If a server is configured, the default NTP version number is 4, no authentication key is used, and the source IP address is taken from the outgoing interface.
minpoll interval: 6 seconds
maxpoll interval: 10 seconds

Command Modes

NTP configuration

Command History

Release	Modification
Release 2.0	This command was introduced on the Cisco CRS-1.
Release 3.0	No modification.
Release 3.2	This command was first supported on the Cisco XR 12000 Series Router.
Release 3.3.0	No modification.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

The value for the minpoll keyword must be less than or equal to the value for the maxpoll keyword. If this is not the case, the system issues an error message.

Using the prefer keyword reduces switching back and forth among servers.

Task ID

Task ID	Operations
ip-services	read, write

Examples

The following example shows how to configure a router to allow its system clock to be synchronized with the clock of the peer at IP address 209.165.201.1 using NTP:

RP/0/RP0/CPU0:router(config)# ntp

RP/0/RP0/CPU0:router(config-ntp)# server 209.165.201.1 minpoll 8 maxpoll 12

Related Commands

Command	Description
authentication-key (NTP)	Defines an authentication key for NTP.
peer (NTP)	Configures the system clock to synchronize a peer or to be synchronized by a peer.
source	Uses a particular source address in NTP packets.

show calendar

To display the system time and date, use the show calendar command in EXEC mode.

show calendar

Syntax Description

This command has no keywords or arguments.

Defaults

No defaults behavior or values

Command Modes

EXEC

Command History

Release	Modification
Release 2.0	This command was introduced on the Cisco CRS-1.
Release 3.0	No modification.
Release 3.2	This command was first supported on the Cisco XR 12000 Series Router.
Release 3.3.0	No modification.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Use the show calendar command to display the time and date in Coordinated Universal Time (UTC) format.

Task ID

Task ID	Operations
basic-services	read

Examples

The following is sample output from the show calendar command:

RP/0/RP0/CPU0:router# show calendar

01:29:28 UTC Thu Apr 01 2004

Related Commands

Command	Description
show clock	Displays the system clock.

show ntp associations

To display the status of Network Time Protocol (NTP) associations, use the show ntp associations command in privileged EXEC mode.

show ntp associations [detail] [location node-id]

Syntax Description

detail	(Optional) Displays detailed information about each NTP association.
location node-id	(Optional) Displays the status of NTP associations from the designated node. The node-id argument is entered in the rack/slot/module notation.

Defaults

No defaults behavior or values

Command Modes

EXEC

Command History

Release	Modification
Release 2.0	This command was introduced on the Cisco CRS-1.
Release 3.0	No modification.
Release 3.2	This command was first supported on the Cisco XR 12000 Series Router.
Release 3.3.0	No modification.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Task ID

Task ID	Operations
ip-services	read

Examples

The following is sample output from the show ntp associations command:

RP/0/RP0/CPU0:router# show ntp associations

      address         ref clock     st  when  poll reach  delay  offset    disp

*~172.19.69.1      171.68.10.150     2     4    64    3     2.0   -3.79     0.0

 * master (synced), # master (unsynced), + selected, - candidate, ~configured

Table 1 describes the significant fields shown in the display.

Table 1 show ntp associations Field Descriptions 

Field	Description
*	Peer is synchronized to this peer.
#	Peer is the best synchronization source, but the peer is currently not synchronized. This is normally a short-lived and intermediate stage.
+	Peer is elected for possible synchronization.
-	Peer is a candidate for selection.
~	Indicates peer is statically configured.
address	Address of the peer.
ref clock	Reference clock type or address for the peer.
st	Stratum setting for the peer.
when	Time, in milliseconds, since last NTP packet was received from peer.
poll	Polling interval (seconds).
reach	Peer reachability (bit string, in octal).
delay	Round-trip delay to peer, in milliseconds.
offset	Relative time difference between a peer clock and a local clock, in milliseconds.
disp	Dispersion.

The following is sample output from the show ntp associations detail command:

RP/0/RP0/CPU0:router# show ntp associations detail

172.19.69.1 configured, our_master, sane, valid, stratum 2

ref ID 171.68.10.150, time C4143AAE.00FCF396 (18:27:58.003 UTC Tue Mar 30 2004)

our mode client, peer mode server, our poll intvl 64, peer poll intvl 64

root delay 5.23 msec, root disp 4.07, reach 3, sync dist 0.0077

delay 1.9829 msec, offset -3.7899 msec, dispersion 0.0358

precision 2**18, version 4

org time C4143B8D.7EBD5FEF (18:31:41.495 UTC Tue Mar 30 2004)

rcv time C4143B8D.801DFA44 (18:31:41.500 UTC Tue Mar 30 2004)

xmt time C4143B8D.7F595E44 (18:31:41.497 UTC Tue Mar 30 2004)

filtdelay =     2.99    1.98    1.98    1.99    1.99    1.99    2.98    1.98

filtoffset =   -3.89   -3.74   -3.78   -3.81   -3.76   -3.73   -4.08   -3.64

filterror =     0.00    0.02    0.03    0.05    0.06    0.08    0.09    0.32

Table 2 describes the significant fields shown in the display.

Table 2 show ntp associations detail Field Descriptions 

Field	Descriptions
configured	Statically configured peer.
dynamic	Dynamically discovered peer.
our_master	Synchronization of the local machine to this peer.
sane	Passing of basic sanity checks by this peer.
ref ID	Address of machine to which the peer is synchronized.
time	Last time stamp that the peer received from its master.
our mode	Mode relative to peer (active/passive/client/server/bdcast/bdcast client).
peer mode	Mode of peer relative.
our poll intvl	Poll interval to peer.
peer poll intvl	Poll interval of interval.
root delay	Delay along path to root (ultimate stratum 1 time source).
root disp	Dispersion of path to root.
reach	Peer reachability (bit string in octal).
sync dist	Peer synchronization distance.
delay	Round-trip delay to peer.
offset	Offset of peer clock relative to this clock.
dispersion	Dispersion of peer clock.
precision	Precision of peer clock in (Hertz) Hz.
version	NTP version number that peer is using.
org time	Originate time stamp.
rcv time	Receive time stamp.
xmt time	Transmit time stamp.
filtdelay	Round-trip delay in milliseconds of each sample.
filtoffset	Clock offset in milliseconds of each sample.
filterror	Approximate error of each sample.

Related Commands

Command	Description
show ntp status	Displays the status of NTP.

show ntp status

To display the status of Network Time Protocol (NTP), use the show ntp status command in EXEC mode.

show ntp status [location node-id]

Syntax Description

location node-id

(Optional) Displays the status of NTP from the designated node. The node-id argument is entered in the rack/slot/module notation.

Defaults

No defaults behavior or values

Command Modes

EXEC

Command History

Release	Modification
Release 2.0	This command was introduced on the Cisco CRS-1.
Release 3.0	No modification.
Release 3.2	This command was first supported on the Cisco XR 12000 Series Router.
Release 3.3.0	No modification.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Task ID

Task ID	Operations
ip-services	read

Examples

The following is sample output from the show ntp status command:

RP/0/0/CPU0:router# show ntp status location 0/2/cpu0

Clock is synchronized, stratum 4, reference is DLRSC node

nominal freq is 1000.0000 Hz, actual freq is 999.9801 Hz, precision is 2**26

reference time is C4143841.3403218C (18:17:37.203 UTC Tue Mar 30 2004)

clock offset is -11.9957 msec, root delay is 11.41 msec

root dispersion is 65.94 msec, peer dispersion is 0.00 msec

Table 3 describes the significant fields shown in the display.

Table 3 show ntp status Field Descriptions 

Field	Description
synchronized	Synchronized system to an NTP peer.
stratum	NTP stratum of this system.
reference	Address of the peer to which clock is synchronized.
nominal freq	Nominal frequency in Hertz (Hz) of the system hardware clock.
actual freq	Measured frequency in Hz of the system hardware clock.
precision	Precision of the clock of this system in Hz.
reference time	Reference time stamp.
clock offset	Offset of clock (in milliseconds) to synchronized peer.
root delay	Total delay (in milliseconds) along path to root clock.
root dispersion	Dispersion of root path.
peer dispersion	Dispersion of synchronized peer.

Related Commands

Command	Description
show ntp associations	Displays the status of NTP associations.

source

To use a particular source address in Network Time Protocol (NTP) packets, use the source command in NTP configuration mode. To remove the source command from the configuration file and restore the system to its default condition, use the no form of this command.

source interface-type interface-instance

no source

Syntax Description

interface-type

Interface type. For more information, use the question mark (?) online help function.

interface-instance

Either a physical interface instance or a virtual interface instance as follows: •Physical interface instance. Naming notation is rack/slot/module/port and a slash between values is required as part of the notation. –rack: Chassis number of the rack. –slot: Physical slot number of the modular services card or line card. –module: Module number. A physical layer interface module (PLIM) is always 0. –port: Physical port number of the interface. Note In references to a Management Ethernet interface located on a route processor card, the physical slot number is alphanumeric (RP0 or RP1) and the module is CPU0. Example: interface MgmtEth0/RP1/CPU0/0. •Virtual interface instance. Number range varies depending on interface type. For more information about the syntax for the router, use the question mark (?) online help function.

Defaults

The source address is determined by the outgoing interface.

Command Modes

NTP configuration

Command History

Release	Modification
Release 2.0	This command was introduced on the Cisco CRS-1.
Release 3.0	No modification.
Release 3.2	This command was first supported on the Cisco XR 12000 Series Router.
Release 3.3.0	No modification.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Use the source command to use a particular source IP address for all NTP packets. The address is taken from the named interface. This command is useful if the address on an interface cannot be used as the destination for reply packets. If the source keyword has been configured with the server (NTP) or peer (NTP) command, that value overrides the global value.

Task ID

Task ID	Operations
ip-services	read, write

Examples

The following example shows how to configure the router to use the IP address of Packet-over-SONET (POS) interface 0/0/0/1 as the source address of all outgoing NTP packets:

RP/0/RP0/CPU0:router(config)# ntp

RP/0/RP0/CPU0:router(config-ntp)# source POS 0/0/0/1

Related Commands

Command	Description
peer (NTP)	Configures the system clock to synchronize a peer or to be synchronized by a peer.
server (NTP)	Allows the system clock to be synchronized by a time server.

trusted-key

To designate a Network Time Protocol (NTP) trusted key, use the trusted-key command in NTP configuration mode. To remove the trusted-key command from the configuration file and restore the system to its default condition with respect to this command, use the no form of this command.

trusted-key key-number

no trusted-key key-number

Syntax Description

key-number

Authentication key number to be trusted. Range is from 1 to 65535.

Defaults

No NTP trusted key is designated.

Command Modes

NTP configuration

Command History

Release	Modification
Release 2.0	This command was introduced on the Cisco CRS-1.
Release 3.0	No modification.
Release 3.2	This command was first supported on the Cisco XR 12000 Series Router.
Release 3.3.0	No modification.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

If authentication is enabled, use the trusted-key command to define one or more key numbers (corresponding to the keys defined with the authentication-key [NTP] command) that a NTP system must provide in its NTP packets for this system to synchronize to it. Because the other system must know the correct authentication key, this precaution provides protection against accidentally synchronizing the system to a system that is not trusted.

Task ID

Task ID	Operations
ip-services	read, write

Examples

The following example shows how to configure the system to synchronize only to systems providing authentication key 42 in its NTP packets:

RP/0/RP0/CPU0:router(config)# ntp

RP/0/RP0/CPU0:router(config-ntp)# authenticate

RP/0/RP0/CPU0:router(config-ntp)# authentication-key 42 md5 clear key1

RP/0/RP0/CPU0:router(config-ntp)# trusted-key 42

Related Commands

Command	Description
authenticate (NTP)	Enables NTP authentication.
authentication-key (NTP)	Defines an authentication key for NTP.

update-calendar

To update the calendar periodically from Network Time Protocol (NTP), use the update-calendar command in NTP configuration mode. To remove the update-calendar command from the configuration file and restore the system to its default condition with respect to the command, use the no form of this command.

update-calendar

no update-calendar

Syntax Description

This command has no arguments or keywords.

Defaults

This command is disabled.

Command Modes

NTP configuration

Command History

Release	Modification
Release 2.0	This command was introduced on the Cisco CRS-1.
Release 3.0	No modification.
Release 3.2	This command was first supported on the Cisco XR 12000 Series Router.
Release 3.3.0	No modification.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Some networking devices have a calendar that is separate from the system clock. This calendar runs continuously, even if the device is powered off or rebooted.

If a networking device is synchronized to an outside time source through NTP, it is a good idea to update the calendar with the time learned from NTP. Otherwise, the calendar may gradually lose or gain time.

After you configure the ntp update calendar command, NTP will update the calendar with system clock every hour.

Task ID

Task ID	Operations
ip-services	read, write

Examples

The following example shows how to configure the system to update the calendar periodically from the system clock:

RP/0/RP0/CPU0:router(config)# ntp

RP/0/RP0/CPU0:router(config-ntp)# update-calendar

Related Commands

Command	Description
clock read-calendar	Causes the calendar to be read into the system clock.
clock update-calendar	Sets the calendar from the system clock.