Network Time Protocol

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
what does an NTP client say when it bumps into an NTP server on the street the answer is hey buddy got the time in this nugget you and I are going to lab up capture and analyze network time protocol using gns3 and Wireshark let's begin I'd like you to imagine that Bob sitting at his computer is connected out to the Internet and is trying to access a server for banking and a big part of that communication is very likely going to involve some cryptography we're very likely using TLS or SSL to encrypt the session and as part of that there's digital certificates that are involved and if Bob's computer thinks that the time is 2013 and the bank's digital certificate is valid from 2014 through 2016 Bob's computer is going to believe that that certificate that the bank is presenting is not yet valid and as a result could prevent him from having his secure session with the bank other network devices including routers and switches also have time-sensitive issues including digital certificates along with things such as logging with correct time stamps and time based access control lists that enable or disable certain protocols reports during certain times of the day it's important that the time is accurate on these systems so a great way of synchronizing time is using the network time protocol it uses UDP at the transport layer and specifically it uses port 123 of UDP on a Cisco router the default time zone is UTC which is universal time coordinated and NTP messages sent between an NTP server and an NTP client are sent in UTC so if we want the local time on our devices to reflect our time zone we need to tell our local devices what the time zone is for example is it Pacific Standard Time and what is the offset from UTC so what you and I are going to do we're going to lab up an environment in genus 3 with a couple of routers we'll make one an NTP master the other an NTP client will capture the traffic and then we'll analyze it using Wireshark so in gns3 let's go ahead and change our view a little bit we would edit preferences and let's go ahead and choose the default charcoal gray as part of gns 1.2 just to mix it up a little bit so let's start by bringing out a couple of routers will drag out a couple of 7200 series routers and we'll connect them together using the link tool right here and let's just go from Ethernet 1 0 on our one over to ethernet 1 0 and r2 we'll turn off the link tool and we'll turn on the label tool fantastic let's power them up and then we'll right-click on each one of them and from the drop-down select console to bring up consoles for each of those devices so our topology is pretty simple we're using Ethernet 1 0 on each of the routers so here on our one let's go into configuration mode will go into interface Ethernet 1 / 0 and we'll bring it up with a no shutdown command let's also manually configure a MAC address in that way when we see it inside of the packet captures will easily recognize it as the MAC address associated with r1 will also give it the IP address of 10001 with a 24-bit mask I'm also going to set the time zone on this router and I happen to be in the Pacific Standard Time which is 8 hours off of UTC so I'll communicate that with the command clock time zone PST and then how many hours off of UTC we are and we have a message that indicates that it has changed the time to adjust for that 8 hours so the details of this message it used to be 13 21 and now it's set to 5 21 again to reflect that eight hours off of UTC that we told the router it's currently in also just for grins I'm going to set manually the clock on this router now this is a command that is normally done in privilege mode and to avoid having to get out of configuration mode go to privilege mode then come back here to configuration mode I'm simply going to add the command due in front of the command clock set and I'm gonna set it for 11 17 March 26 2015 and depending on when you and I are going through this nugget together that date may either be in the future or in the past and then what I'd like to do is I'm going to tell this router that I want it to act as an NTP master meaning it's an authoritative time server that other devices can get their time from so the fact that this router believes that it's March 26 2015 that's okay as long as we don't mind other devices who are acting as ntp clients getting the time synchronized from this server to be synchronized to this master ntp server and then we'll get out of configuration mode by typing in end next let's make a road trip over to r2 it also has an Ethernet 1/0 interface so let's go into that interface in configuration mode and do a no shutdown to bring that interface up let's also configure a MAC address here on r2 one that will very easily recognize inside of our packet capture and we'll give it an IP address of 1000 two with a 24-bit mask I'm also going to set the timezone here on our to indicate that we are eight hours off of UTC and let speak what the time is on this router now this is normally a privileged mode command so I'm going to put due in front of it and let's you the command do show clock and this command is indicating that this router believes it's 526 on November 21st 2014 so let's do this let's set up the capture of traffic between r1 and r2 so in Gina's 3 we'll right click that link will click on start capture from the drop down and click on ok then we'll go back to our console on r2 and we are going to tell r2 that we want it to use the ntp server at 1000 dot 1 which is r1 to go ahead and synchronize our two's time the syntax is ntp space server and then the IP address of our ntp server and it's done now in the background there is some ntp traffic that's happening and the great news is you and i are capturing that on the link between r1 and r2 so you might ask well how do we verify whether or not the ntp is working or not well one simple thing that we could do is a show clock and see whether or not the time has changed now right now is still showing as november 21st 2014 at 528 however once the ntp synchronization is done we are going to be synced up with the time that's on the NTP server so one thing we might want to do is do a quick verification that we can ping the NTP server to make sure that we have communication with them so let's do a ping of 1000 won okay that's great and let's hit the up arrow key a couple times into a show clock again and the NTP has not yet synchronized but we're not going to give up because it often takes several minutes for NTP to synchronize so while we're waiting for that to happen let's take a look at a couple other commands for example show NTP associations is a fantastic ntp show command so that's showing us that we do have an NTP server configured at 1000 won and we could use that same command again and add on the keyword detail at the end of it show NTP associations detail and now it gives the ability to dig into the nitty-gritty detail regarding NTP and the synchronization of ntp between us and our configured server another great command that we could do is show ntp status and the show ntp status indicates that our clock is synchronized so that means that by doing those three commands I bought ourselves a little more time to allow NTP to do its job so if use the up arrow key a few times and we do a show clock now check out the time we are now synchronized between the clock on this router and the clock on the NTP server next let's go into genus 3 we'll stop that capture by right-clicking on the link and selecting stop capture and now with that stopped we can take a look at the packet capture together inside of Wireshark this file is saved as part of the nugget that files it's called NTP so in this capture if we wanted to do a display filter and just type in NTP and press Enter that would show us just the NTP traffic and pretty much any one of these will work so packet number 40 in the Ethernet header has a source MAC address of r2 who's making the request with the destination MAC address of r1 and that's because they are both on the same subnet in the ethernet header it says the next protocol is ipv4 that's the hexadecimal 800 so we'll collapse the Ethernet header we'll open up the IP header this ntp request coming from the client has a TTL and the IP header of 255 it's also identifying the next protocol in the stack is protocol 17 in decimal that is the protocol number for UDP user Datagram protocol if we collapse layer-3 header information and look at the UDP information here we have the well-known port of UDP one two three that's used with Network Time Protocol is being used as both the source and destination UDP port and then if we collapse that and we expand the actual payload for the network time protocol and expand the flags we can identify this as a client request that's going to the ntp server and based on the request we make in response as we get back the client is then going to adjust its clock appropriately to synchronize with the NTP server in this nugget we've lapped up a simple topology with two routers one acting as an NTP server the other as a client we captured the traffic and then we looked at it through the eyes of Wireshark I have had a great time in this nugget I'm glad you joined me for it I strongly encourage you to lab this up on your own and practice your iOS skills your gns3 skills and your Wireshark skills because the more you practice the better you're going to get so again thanks for joining me I hope this has been informative for you and I'd like to thank you for viewing
Info
Channel: Keith Barker
Views: 43,017
Rating: 4.8699999 out of 5
Keywords: Network Time Protocol (Protocol), Network Time Protocol tutorial, NTP training, Hands on CCNA training, UPD port 123 training, Free cbt nuggets training, Free IT training, Free cisco training, Free ccna training, wireshark training, GNS3 1.x tutorial, Keith Barker, CCNA Hands-on Labs Using Wireshark training, NTP master training, 24 bit mask, packet capture inside wireshark training, Time Protocol (Internet Protocol)
Id: _Jua0IMpIFk
Channel Id: undefined
Length: 9min 59sec (599 seconds)
Published: Wed Dec 24 2014
Related Videos
NTP Explained | Network Time Protocol | Cisco CCNA 200-301
CertBros
21K
RHEL7 - How NTP Works
networknutsdotnet
25K
My Cisco CCNA 200-301 online exam | Tips & Strategies
Keith Barker
45K
Master Spanning Tree (STP) Topologies in 3 Steps
Viatto
23K
One of the Greatest Speeches Ever | Steve Jobs
Motivation Ark
10M
TCP/IP and Subnet Masking
Eli the Computer Guy
3.5M
NTP vs. PTP: How Do You Get Accuracy?
Alliance for Telecommunications Industry Solutions
3.7K
SIP Devices In A SIP Network
sipsense.com
123K
Linux Network Time Protocol (NTP)
The Linux Man
50K
Networking basics (2020) | What is a switch, router, gateway, subnet, gateway, firewall & DMZ
IT k Funde
1.7M
DHCP Explained - Dynamic Host Configuration Protocol | DHCP DORA process | TechTerms
TechTerms
96K
Network Time Protocol - Video By Sikandar Shaik || Dual CCIE (RS/SP) # 35012
Sikandar Shaik
39K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.