Security Management

  • 1.  Junos NTP as primary source?

    Posted 12-16-2017 16:34

    Hello,

    Why can't Junos NTP be a primary source ?     In my lab, I have to setup a different vendor to be a "primary source".

     

    Thank you for your help.



  • 2.  RE: Junos NTP as primary source?
    Best Answer

    Posted 12-17-2017 00:58

    Hi

     

    Junos device can only work as NTP server when it is synchronized to the external NTP server. This is by design, to protect you from situations where local time drifts significantly from "real" time, over large time intervals, due to small difference in clock rate. It is assumed here that external server is connected, directly or via other server(s), to stratum-0 clock (atomic or satellite system).

     



  • 3.  RE: Junos NTP as primary source?

    Posted 12-17-2017 14:32

    I suppose that Juniper's thinking on this, is good for real-life setups.   But for labbing, it is not helpful at all.  

     

    I  have fixed it by putting a cisco device in my lab. 

     

    Thanks for the responses.



  • 4.  RE: Junos NTP as primary source?

     
    Posted 12-19-2017 20:24

    Hi Folks,

    Just to add my 2 cents on this….

     

    Configuring the NTP Time Server and Time Services

     

    When you use NTP, configure the router or switch to operate in one of the following modes:

     

    • Client mode
    • Symmetric active mode
    • Broadcast mode
    • Server mode

     

     

    https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/network-time-protocol-time-server-time-services-configuring.html

     

    The pool.ntp.org project is a big virtual cluster of timeservers providing reliable easy to use NTP service for millions of clients.

     

    You can get the router sync with the public NTP server or a imple ntp server application for windows will suffice the requirement…

     

    Configuring the Router or Switch to Operate in Server Mode

    In server mode, the router or switch acts as an NTP server for clients when the clients are configured appropriately. The only prerequisite for “server mode” is that the router or switch must be receiving time from another NTP peer or server. No other configuration is necessary on the router or switch.

     

    https://www.juniper.net/documentation/en_US/junos/topics/example/ntp-qfx-series.html

     



  • 5.  RE: Junos NTP as primary source?

    Posted 12-17-2017 04:24

    For a lab you can setup one Junos device in server mode syncing to a public NTP source like the 

    tick.usno.navy.mil - 192.5.41.40 / tock.usno.navy.mil - 192.5.41.41

     

    Then have all the other devices in client mode to this master Junos device.

     

    See chapter 9 on NTP

    https://www.juniper.net/documentation/en_US/junos/information-products/pathway-pages/ex4600/junos-basics.pdf