System Clock and Time Protocols

The switch uses the system clock for displaying the time and for time-stamping messages. The system clock is set to Coordinated Universal Time (UTC); the switch calculates local time based on the time zone setting. Time-stamps and time displays are in local time. The system clock can be set either manually or via Network Time Protocol (NTP); any NTP servers properly configured on the switch override time that is manually entered.

The following sections deal with the configuration of the system clock and the use of NTP and PTP.

Configuring the Time Zone

The time zone setting is used by the switch to convert the system time (UTC) to local time. To specify the time zone, use the clock timezone command.

Examples

  • These commands configure the switch for the United States Central Time Zone.
    switch(config)#clock timezone US/Central
    switch(config)#show clock
    Mon Jan 14 18:42:49 2013
    timezone is US/Central
    switch(config)#
    
  • To view the predefined time zone labels, enter clock timezone with a question mark.
    switch(config)#clock timezone ?
    Africa/AbidjanAfrica/Accra
    
    WET WET timezone
    ZuluZulu timezone
    
    switch(config)#clock timezone
    
  • This command displays all time zone labels that start with America.
    switch(config)#clock timezone AMERICA?
    America/AdakAmerica/Anchorage
    
    America/Yellowknife
    
    switch(config)#clock timezone AMERICA
    

Setting the System Clock Manually

The clock set command manually configures the system clock time and date, in local time. Any NTP servers properly configured on the switch override time that is manually entered.

Example

This command manually sets the switch time.
switch#clock set 08:15:24 14 Jan 2013
Mon Jan 14 08:15:25 2013
timezone is US/Central

Displaying the Time

To display the local time and configured time zone, enter the show clock command.

Example

  • This command displays the switch time.
    switch(config)#show clock
    Mon Jan 14 16:32:46 2013
    timezone is America/Los_Angeles
    

Network Time Protocol (NTP)

Network Time Protocol (NTP) is enabled on the switch by default, and time settings from any properly configured NTP server will override manual setting of the system clock.

NTP servers synchronize time settings of systems running an NTP client. The switch supports NTP versions 1 through 4. The default is version 4. After configuring the switch to synchronize with an NTP server, it may take up to ten minutes for the switch to set its clock. The running-config lists NTP servers that the switch is configured to use.

The following NTP sections deal with NTP on the switch:

Configuring the NTP Server

The ntp server command adds a server to the list or modifies the parameters of a previously listed address. When the system contains multiple NTP servers, the prefer keyword can be used to specify a preferred NTP server, which will be used as the NTP server if not discarded by NTP.

Note that all NTP servers must be in the same VRF, and that they are added in the default VRF if no VRF is specified.

The system clock will be set via NTP if NTP is enabled and there is at least one NTP server properly configured on the switch, and NTP overrides manual setting of the system clock. NTP is enabled by default. To disable NTP, use the no ntp command.

Example

  • These commands add three NTP servers, designating the second server as preferred.

    switch(config)#ntp server local-NTP
    switch(config)#ntp server 172.16.0.23 Prefer
    switch(config)#ntp server 172.16.0.25
    
    

Configuring the NTP Source

The ntp local-interface command configures an interface as the source of NTP packets. That interfaces IP address is then used as the source address for all NTP packets unless a server-specific source is configured using the source option of the ntp server command. For an ntp local-interface command to take effect, the specified interface and the NTP server must both belong to the same VRF.

Example

  • This command configures VLAN interface 25 as the source of NTP update packets.
    switch(config)#ntp local-interface vlan 25
    switch(config)#

Configuring the Switch as an NTP Server

To configure the switch to accept NTP requests on all interfaces, use the ntp serve all command to enable NTP server mode globally on the switch. To configure an individual interface to accept or deny NTP requests, use the ntp serve command. Interface level settings override the global settings, and changing the settings at either the global or interface level also causes the switch to re-synchronize with its upstream NTP server. NTP server mode is disabled by default.

Example

  • This command configures the switch to act as an NTP server, accepting NTP requests.
    switch(config)#ntp serve all
    switch(config)# 
  • These commands configure Ethernet interface 5 to accept NTP requests regardless of global settings.
    switch(config)#interface ethernet 5
    switch(config-if-Et5)#ntp serve
    switch(config-if-Et5)#

Configuring NTP Authentication

The switch can be configured to accept NTP packets only from an authenticated server or client. NTP authentication is disabled by default.

To configure the switch to authenticate NTP packets, create one or more authentication keys using the ntp authentication-key command, specify which keys are trusted by using the ntp trusted-key command, use the ntp authenticate command to enable NTP authentication, and specify to use the trusted-key for a specific server. The NTP server must be configured to use the same authentication key and key ID number.

Note: When NTP authentication is enabled on a switch, all NTP servers upstream of the switch, as well as all NTP clients of the switch, should have matching keys configured, and clients must have NTP authentication enabled.
Example:

These commands configure the switch to authenticate NTP packets using key 328 with the plaintext password timeSync.

switch(config)#ntp authentication-key 328 md5 timeSync
switch(config)#ntp trusted key 328
switch(config)#ntp authenticate
switch(config)# 

Viewing NTP Settings and Status

To display the status of Network Time Protocol (NTP) on the switch, use the show ntp status command. To display the status of connections to NTP servers, use the show ntp associations command.

Note: In the output for show ntp associations, the reference ID (which identifies the time source of the NTP server) is either the IPv4 address of the time source or, if that source has an IPv6 address, the first four octets of the MD5 hash of that IPv6 address. In EOS releases prior to 4.23.2, show ntp status identified the system peer by its reference ID as described above, but in later releases it shows the IP address (whether IPv4 or IPv6).

Example

  • This command displays the status of the switch’s NTP connection.
    switch#show ntp status
    synchronised to NTP server (192.168.78.62) at stratum 3
       time correct to within 66 ms
       polling server every 1024 s
    switch #
  • This command displays data about the NTP servers in the configuration.
    switch#show ntp associations
         remote          refid      st t when  poll reach   delay   offset  jitter 
    ==============================================================================
    +l.ntp.arista.co 125.157.10.11 2 u  539  1024  377  121.748   -0.345   0.893
    -3.ntp.arista.co 127.31.152.34 2 u  868  1024  377  101.671    2.434   1.529
    +2.ntp.arista.co 176.131.12.185  2 u  676  1024  377  116.505     0.03   0.768
    *4.ntp.arista.co 120.181.192.192 2 u  696  1024  377   48.431   -0.416    0.15
    switch#