NTPv4

NTPv4 is an extension of NTPv3 that supports IPv4 and IPv6. It is backward compatible with NTPv3, offers some new features, and time synchronization is faster and more precise.

Security has improved, NTPv4 supports public key cryptography and standard X509 certificates.

When using NTP for IPv4, broadcast is a popular option as it allows you to send NTP packets in the broadcast domain to everyone. We can’t do this with IPv6, but NTPv4 does support site-local multicast.

DNS support is also improved. With NTPv3, if you configure a hostname to sync with, your device does a lookup for the hostname and stores the IP address in the configuration, the hostname is then lost. With NTPv4, the hostname is stored in the configuration.

In this lesson, I’ll show you how to configure NTPv4 with a unicast and multicast client.

Configuration

This is the topology we’ll use:

Ntpv4 Lab Topology

Configuration-wise, NTPv4 is pretty much the same thing.

To help speed things up, let’s set the same time and date on all routers before we configure NTP:

R1, R2 & R3
#clock set 10:37:00 2 July 2018

I will configure R1 as an NTP master so that I don’t need an external server:

R1(config)#ntp master 1

Clients

Let’s configure our clients. R2 will be an NTP unicast client and for R3 we will use multicast.

Unicast

We can configure the IPv6 address of R1 but instead, we’ll use a hostname to test if R2 stores the hostname in its configuration. I’ll create a manual host record for this:

R2(config)#ipv6 host R1 2001:DB8:0:12::1

Now we configure R1 as the NTP server. The version 4 parameter sets the correct version:

R2(config)#ntp server R1 version 4

Multicast

To make multicast work, we need to configure R1 to send NTP multicast packet and R3 to receive them.

This is the multicast address we will use:

FF05::101

  • FF05 is the multicast address for the site-local scope.
  • ::101 is the address that IANA has assigned to NTP for IPv6.

Let’s configure R1 to send NTP multicast packets with this address:

We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now!

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You’ve Ever Spent on Your Cisco Career!
  • Full Access to our 803 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)
469 Sign Ups in the last 30 days
satisfaction-guaranteed

  • 100% Satisfaction Guaranteed!
  • You may cancel your monthly membership at any time.
  • No Questions Asked!

Tags:


Forum Replies

  1. Great job Rene…thanks for add this topic in our lesson we will enjoy with this…

    Thanks & Regards,
    Arindom

  2. Cant wait to dive into this lesson once I put my daughter to bed tonight!

  3. Hi Scott,
    Sorry didn’t reply you last day i went to bed at same time :smile: Hope you are doing good…

    Thanks & Regards,
    Arindom

  4. Hello,

    I am a bit confused using NTP over IPv6. This lesson and the Cisco documentation, states that NTPv4 adds this capability. However, in my lab i was able to use it with NTPv3.

    R2#sh run | s ntp
    ntp server 2A12::1 version 3
    
    R2#sh ntp associations 
    
      address         ref clock       st   when   poll reach  delay  offset   disp
    *~2A12::1         127.127.1.1      3      9    128   377  3.950 -10.232  2.610
     * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured
    
    R2#sh ntp associations detail 
    2A12::1 configured, ipv6, our_master, sane, va
    ... Continue reading in our forum

  5. Hello Ilias

    When we say that NTPv4 has some improvements that also support the IPv6 address family, we are not stating that only NTPv4 can be encapsulated within an IPv6 packet. In your packet capture, an NTPv3 packet is encapsulated within a UDP datagram, which in turn is encapsulated within an IPv6 packet.

    The phrase “supports the IPv6 address family” simply means that some mechanisms and fields in the NTP header have been modified to take into account the use of IPv6 addresses, but this only refers to background processes such as MD5 hash generation, and th

    ... Continue reading in our forum

4 more replies! Ask a question or join the discussion by visiting our Community Forum