cisco的时钟设定(clock ntp timezone)
(2009-09-20 18:44:14)
system clock与system calendar分别
system clock
|
system calendar
|
system clock是基于软件的
|
system calendar是基于硬件的calendar不受开关机和重起的影响 通常他只被设一次 |
Manually Setting the Software Clock
clock set hh:mm:ss date month year 时 :分: 秒 日 月 年
|
Month 必须是字母,不能是数字
Set the Calendar from the Clock or NTP
clock update-calendar
|
Set the Calendar from the Clock
|
ntp update-calendar
|
Set the Calendar from NTP 用NTP周期性更新system calendar
|
Set the system clock from the system calendar
clock read-calendar
|
这语句使clock重读system calendar 通常是系统重起的时候,system clock读system calendar 进行clock inital. |
Setting the Router as a Network Time Source
clock calendar-valid
|
make the system calendar be authoritative Enables the router to act as a valid time source to which network peers can synchronize
|
ntp master
|
clock calendar-valid通常和ntp master一起使用
|
当用ROUTER做NTP master,而他又不与其他外部TIME SOURCE同步时,就表示他采用的时钟是ROUTER自己的 system calendar,这就要求他必须要authoritative
clock timezone
clock timezone zone hours-offset [...(minutes-offset)]
|
时区描述符, 时偏移, 分偏移 |
中国时区:beijing时间是GMT+8区 GMT时区设置:GMT为格林尼治标准时间,用户可以根据自己所在时区设置GMT时区
clock timezone GMT 8
|
北京时间
|
NTP同步,可以采用三种方法:
- ntp server 10.1.1.1 [version ...] [key ...] [source ...(interface)] [prefer]
- ntp peer 10.1.1.1 [normal-sync][version ...] [key ...] [source ...(interface)] [prefer]
- ntp broadcast/ntp broadcast client
ntp server是单向同步 ntp server时,router是client mode 对端必须是ntp master
ntp server 10.1.1.1
|
ntp master
|
ntp broadcast
int eth 0 ntp broadcast (send) ! ntp server 10.9.0.1 prefer
|
int eth 0 ntp broadcast client (receive)
|
ntp broadcast 的server端,必须还有正常的NTP配置(NTP SERVER/NTP PEER)
ntp source
ntp master ntp source loopback 0
|
ntp source loopback 0 It can be syncronize only if there is path between routers.
NTP同步经验
就有这种经验,等了15分钟(故意的),一直不同步,结果把ntp server语句no掉,又加上,就同步了
- ntp同步不要怀疑ntp server地址,能ping通即可
试验通过,ntp server ...不管是对端lo0还是接口地址,都会同步
- ntp source interface ...,配不配都与同步无关
试验通过,ntp server ... 与对端的ntp source interface没有任何关系
ntp authentication 三步(别忘了trust-key)
ntp client |
ntp master |
ntp server 7.7.3.3 source lo0 key 1
ntp authenticate ntp authentication-key 1 md5 cisco ntp trust-key 1
|
ntp master 2 ntp source lo0 ntp authenticate ntp authentication-key 1 md5 cisco ntp trust-key 1
|
ntp认证三大配置缺一不可,不能因为ntp server ... key 1 就不配ntp trust-key 1
prefer (config)#ntp server 3.3.3.3 ? prefer Prefer this peer when possible 配多个ntp server时,取最优先的
|