This should only come into play if you have multiple routers synching their time with one another. This has to do with the way the router updates the other routers, or hosts on the network.
You use the different commands depending on your design. For example, I use an NTP SERVER to synch with the internet, then you would specify internal routers to be your NTP PEERS. The PEER routers will update their time from the SERVER router. Then all hosts can be configured to get their time from the PEERs to keep the overhead down on the NTP SERVER itself.
This can be used in a multi-homed firewall scenario or DMZ, where the NTP server router could be external to the LAN, then the internal PEERs would be the only client to update "outside the inner firewall."
You can probably search NTP and find a lot of information on the symmetric nature of server updates and the "client-mode" updates that come from the PEERs. If you only have one NTP server and you run a small LAN with, say, NAT behind an outer firewall from home, etc., simply give the router interface an IP on your subnet that is permitted by the NAT statements and it will overload the same as a client workstation when accessing the internet and you can use it to update all of your clients.
All you should need is NTP server in this scenario. For another example of the hierarchy structure, outside of Cisco, look at the Microsoft implementation of a Software Update Server (SUS).
It's logically the same concept with updating software only from a tested "internal" source rather than the Internet. It's a security thing.
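One way to lay out the tiered design described in this thread in Cisco IOS, with NTP authentication and access groups so each tier only answers the tier below it. This is an added example, not configuration from the original poster. All addresses, the interface name, the key number, the ACL numbers and the key string are constructed placeholders.

```cisco
! ===== Edge router (the "NTP SERVER" router, outside the inner firewall) =====
! Upstream sources: 192.0.2.10 and 192.0.2.11 are documentation addresses (placeholders)
ntp source GigabitEthernet0/0
ntp server 192.0.2.10 prefer
ntp server 192.0.2.11
! Key shared with the internal routers so they can verify replies
ntp authentication-key 10 md5 REPLACE-WITH-SHARED-KEY
ntp trusted-key 10
! ACL 10: hosts this router may synchronize to
access-list 10 permit 192.0.2.10
access-list 10 permit 192.0.2.11
! ACL 20: the only clients allowed to request time (the two internal routers)
access-list 20 permit 10.0.0.2
access-list 20 permit 10.0.0.3
ntp access-group peer 10
ntp access-group serve-only 20

! ===== Internal router A (10.0.0.2); router B (10.0.0.3) mirrors this =====
ntp authentication-key 10 md5 REPLACE-WITH-SHARED-KEY
ntp trusted-key 10
! Refuse to synchronize to any source that does not present trusted key 10
ntp authenticate
! Take time from the edge router (10.0.0.1, placeholder)
ntp server 10.0.0.1 key 10
! Symmetric association with the other internal router as a backup
ntp peer 10.0.0.3 key 10
! ACL 10: only the edge router and the other internal router may set our clock
access-list 10 permit 10.0.0.1
access-list 10 permit 10.0.0.3
! ACL 20: LAN hosts may request time but cannot influence it
access-list 20 permit 10.0.0.0 0.0.255.255
ntp access-group peer 10
ntp access-group serve-only 20
```

`show ntp associations detail` on an internal router should report the edge router association as authenticated once the keys match.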