Académique Documents
Professionnel Documents
Culture Documents
Section 8
Lab Exercises
Module 12
NTP and CRON
Document History
E
d
i
t
All Rights Reserved iAlcatel-Lucent 2007
7750 SR Core I R5.0
o
n
0
1
General
NTP client server mode
NTP peer active mode
NTP broadcast
NTP multicast
Redundancy
Remarks
RFC 1305
It is expected that the primary clock source in a given environment is
sourced from equipment with a stratum 1 capable clock and
distributed by a dedicated NTP server.
The 7750/7450/7710 will act as an intermediate NTP time server for
downstream network elements and should not be used as the primary
clock source.
Needed for SAA and others as SNTP was not accurate enough
If both NTP and SNTP are enabled on the node , then SNTP transitions
to an operationally down state . If NTP is removed from the
configuration or shut down then SNTP resumes an operationally state
up.
Supports:
Client mode Accept time dont respond to requests
Server mode Accept time and transmit responses
Symmetric Active mode Peer to Peer for trusted nodes
Broadcast & Multicast support Separate client & server controls
(Multicast receive on management port only)
Support release 2,3 and 4* Accepts either. Transmits per configuration
Authentication DES & MD5, multiple keys supported
HA protected Sessions uninterrupted on CPU switchover
Server unreachable traps If all configured server are unreachable a
trap is generated.
Gradual Clock adjustment If the time is more then 128ms incorrect then a
programmed adjustment takes place.
Timestamp format
NTP timestamps are represented as a 64-bit unsigned fixed- point number,
in seconds relative to 0h on 1 January 1900. The integer part is in the first
32 bits and the fraction part in the last 32 bits.
1/2/1
1/2/2
1/1/3
1/2/3
7750 SR-12
PE-4
server
192.9.200.158 client 1/1/2 1/2/1
client
4.4.4.4
NTP Server
192.9.200.100
7750 SR-12
Sratum 3 PE-3
192.9.200.157
3.3.3.3
1. configure>system>time>ntp
2. configure>system>time>ntp#server 192.9.200.100
version 4 prefer
3. configure>system>time>ntp#no shutdown
1/2/1
1/2/2
1/1/3
1/2/3
7750 SR-12
PE-4 client
server client
192.9.200.164 1/1/2 1/1/1
4.4.4.4
NTP Server
192.9.200.100
7750 SR-12
Sratum 3 PE-3
192.9.200.163
3.3.3.3
1/1/1
1/2/2
1/2/3
1/1/3
7750 SIM
server SR4 client server
192.9.200.164 1/1/2 1/1/1 client server
4.4.4.4
NTP Server
192.9.200.100
7750 SR-12
Sratum 3 PE-3
192.9.200.163
3.3.3.3
configure system time ntp
1/2/1
1/2/2
1/2/3
1/2/3
7750 SR-12
server PE-4
client server client server
192.9.200.164 1/1/2 1/2/1
4.4.4.4
NTP Server
192.9.200.100
7750 SR-12
Sratum 3 PE-3
192.9.200.163
3.3.3.3
1/1/1
1/2/2
1/1/3
1/1/3
7750 SR-12
server PE-4 client
client server
192.9.200.164 server 1/1/2 1/2/1
4.4.4.4
NTP Server
192.9.200.100
peers
configure system time
7750 SR-12
Sratum 3 PE-3
ntp-server
no authentication-check 192.9.200.163
peer 4.4.4.4 3.3.3.3
server 192.9.200.100 version 4 prefer
no shutdown
Make PE-3 PE-4 peers
All Rights Reserved Alcatel-Lucent 2007
7750 SR Core I R5.0
1/2/1
A:PE3# show system ntp all detail 1/2/2
===========================================================================
1/2/3
1/2/3
NTP Status
===========================================================================
Enabled : Yes Stratum 7750
: 4 SR-12
Admin Status server : up Oper Status PE-4: up
client client server
NTP Server : No Auth Check 192.9.200.164
: Yes server 1/1/2 1/1/1
System Ref Id : 192.9.200.100
4.4.4.4
Auth Errors
NTP Server :0 Auth Errors Ignored : 0
Auth Key Id Errors : 0 Auth Key Type Errors : 0
192.9.200.100
============================================================================= 7750 SR-12
Sratum 3
NTP Servers/Peers
PE-3
=============================================================================
State Remote Reference ID St Type Auth Poll R Offset 192.9.200.163
----------------------------------------------------------------------------- 3.3.3.3
chosen 192.9.200.100 127.127.1.0 3 srvr none 1024 y 0.024
1/2/1
1/2/2
1/2/3
1/2/3
7750 SR-12
PE-4
server client server client
192.9.200.164 1/1/2 1/1/1 server
4.4.4.4
NTP Server
192.9.200.100
7750 SR-712
Sratum 3 PE-3
192.9.200.163
3.3.3.3
router - specifies the router name used to transmit NTP packets. Base is
the default. Select management to use the SR CPM management port
1/2/1
1/2/2
1/1/3
1/2/3
7750 SIM
A:PE2# show system ntp all detail
PE-4 server
server server
192.9.200.164 ... 1/1/2 1/2/1
4.4.4.4 ===============================================================================
NTP Server NTP Configured Broadcast/Multicast Interfaces
===============================================================================
192.9.200.100 vRouter Interface Address Type Auth Poll
------------------------------------------------------------------------------- 7750 SR-12
Sratum 3 management management Host-ones bclnt no n/a PE-3
=============================================================================== 192.9.200.163
=============================================================================== 3.3.3.3
NTP Active Associations
1/2/1
1/2/2
1/2/3
1/2/3
7750 SR-12
PE-4 server
server server
192.9.200.164 1/1/2 1/1/1
4.4.4.4
NTP Server
192.9.200.100
7750 SR-12
Sratum 3 PE-3
192.9.200.163
3.3.3.3
configure system time
1/2/1
1/2/2
1/1/3
1/2/3
7750 SR-12
PE-4 server server
server
192.9.200.164 A:PE3# show system ntp all 1/1/2 detail 1/2/1
4.4.4.4 ...
NTP Server ===============================================================================
NTP Configured Broadcast/Multicast Interfaces
192.9.200.100 ===============================================================================
vRouter Interface Address Type Auth Poll 7750 SR-12
Sratum 3 ------------------------------------------------------------------------------- PE-3
Base tope3 Host-ones bclnt no n/a
Base toppe4 Host-ones bclnt no n/a 192.9.200.163
=============================================================================== 3.3.3.3
PE-3 and PE-4 are broadcast servers towards PE-1 and PE-2
NTP Active Associations
===============================================================================
State Remote Reference ID St Type Auth Poll R Offset
-------------------------------------------------------------------------------
chosen 140.140.17.1 192.9.200.100 4 bclnt none 64 y -21.196
All Rights Reserved Alcatel-Lucent 2007 4 bclnt none 64 y -70.001
7750 SR Core I R5.0 candidate 140.140.21.2 192.9.200.100
===============================================================================
1/2/1
1/2/2
1/2/3
1/2/3
7750 SR-12
PE-4 server
server server
192.9.200.164 1/1/2 1/1/1
4.4.4.4
NTP Server
192.9.200.100
7750 SR-12
Sratum 3 PE-3
192.9.200.163
3.3.3.3
1/1/1
1/2/2
1/1/3
1/2/3
7750 SR-12
PE-4 server server
server
192.9.200.164 1/1/2 1/1/1
4.4.4.4
A:PE2# show system ntp all detail
NTP Server ...
===============================================================================
192.9.200.100 NTP Configured Broadcast/Multicast Interfaces
=============================================================================== 7750 SR-12
Sratum 3 vRouter Interface Address Type Auth Poll PE-3
-------------------------------------------------------------------------------
management management 224.0.1.1 mclnt no n/a
192.9.200.163
=============================================================================== 3.3.3.3
1/2/1
1/2/2
1/2/3
1/2/3
7750 SR-12
server PE-4 server client server
client
192.9.200.164 1/1/2 1/1/1
4.4.4.4
NTP Server
192.9.200.100
7750 SR-12
Sratum 3 PE-3
192.9.200.163
Peer 3.3.3.3
PE2> Redundancy
B:PE-2# show system ntp all configure system time ntp
server 4.4.4.4 prefer
=========================================================================== server 3.3.3.3
7750 SIM
NTP Status Outband management LAN no shutdown PE-2
=========================================================================== 192.9.200.162
Enabled : Yes Stratum :5 2.2.2.2
Admin Status : up Oper Status : up
Server enabled : No 7750 SIM: none
Server keyId
System Ref Id : 10.1.1.1 Auth Check : Yes 1/1/1
PE-1 1/1/2
192.9.200.161 client client
=============================================================================
NTP Active Associations 1.1.1.1
============================================================================= 1/1/3
State Remote Reference ID St Type Auth Poll R Offset
----------------------------------------------------------------------------- 1/1/2 1/1/3 1/1/1
chosen 4.4.4.4 192.9.200.10 4 srvr none 1024 y -0.039
candidate 3.3.3.3 8.8.8.8 5 srvr none 1024 y 5.252
1/2/1
1/2/2
1/2/3
1/2/3
Reject The peer is rejected and will not be used for synchronization.
Rejection reasons could be the peer is unreachable, the peer is
synchronized to this local server so synchronizing with it would
create a sync loop, or the synchronization distance is too large.
Invalid The peer is not maintaining an accurate clock. This peer will not be
used for synchronization.
Outlayer The peer is discarded as an outlayer. This peer will not be used for
synchronization.
TRAP tmnxNtpServersAvail
Generated when one of the configured servers, broadcast/multicast
servers, or peers is found.
The "server available"trap does not mean that "synchronization" has been
achieved, just that an NTP server's pkts have been received.
Remarks
www.ntp.org
ntp multicast is only supported on management interface.
Any Questions
What ?
Enables users to execute CLI scripts (groups of commands)
automatically at a specified time/date or interval.
Why ?
Timed reboot
Scheduled SAA tests
Peer turn up
Management tasks (e.g. config backups)
...
TO DO
O
- Pizza
- Fruit
-shopping (see TO DO) - Beer
-be back before 3pm
-put stuff in fridge !!! Post letter
Pick up laundry
2. Write a script using Notepad with the SAA test as a line in the script
a.Save the script with a easily recognisable name
b.FTP the script to a Compact Flash,preferably CF1:\ or CF2:\ or to a server
3.Configure a CRON Script with the location as the location of the script on the Compact Flash
4.Configure a CRON Action specifying the script configured in para 3 and also the location of where to send
results, this is most likely the same Compact Flash as the Script in para 2 is stored
5. Configure a CRON Schedule with the action specified in para 4 and a schedule type and periodicity
configure cron
File dir cf3:\saa*
schedule "saa
type periodic 04/02/2006 11:45a 3791 saa_20060402-094514.out saa_test_result_1
interval 900 04/02/2006 12:00p 3791 saa_20060402-100014.out
action "saa" 04/02/2006 12:15p 3791 saa_20060402-101514.out
no shutdown ...
exit saa_test_result_2
action "saa"
results "cf3:\saa"
script "saa" File type cf3:\myscript
no shutdown
exit show time
echo '=========='
script "saa" clear saa lsp25
location "cf3:\myscript" oam saa start lsp25
no shutdown sleep 10
exit show saa lsp25
CRON script:
The script can be stored local (CF) or remote (FTP) and points to a CLI script
file
CRON action:
A results location (local or remote) must be specified and points to the file
that will be used for output redirection. For each scheduled run, a timestamp is
added to the configured results filename: _YYYYMMDD-hhmmss.out
The max-completed and expire-time parameters define how long an
action execution record is kept in the script run history (see later)
The lifetime parameter specifies how long a script may run. It is a protection
against a mis-configured scripts which runs away.
CRON schedule:
The schedule type can be one of :
Periodic (default): the CRON job is scheduled at regular time intervals.
The interval must be specified. (in seconds; min. 30 seconds)
Calendar: the CRON job is scheduled at calendar intervals. For example:
every Tuesday at 05:00 am
Oneshot: the CRON job is scheduled once at a specific day and time. For
example: Tuesday, May 2nd 2006 at 21:00.
When the action is scheduled, the schedule goes in operational down
(finished) state.
For calendar and oneshot, the minimum config must include: Month, weekday, day-of-
month, hour and minute
For each of the parameters month, day-of-month, weekday, hour and minute, multiple
values can be configured. The action is scheduled for each corresponding value.
When both day-of-month and weekday resolve to the same day, the action is only
scheduled once.
show time
echo ==========
clear saa sdpping
oam saa sdpping start
sleep 20
show saa sdpping
Save the script as saa.txt and ftp it to cf3:\ on a router or cf2:\ on a Sim
These .out files are generated according to interval set in your cron schedule
===============================================================
SAA Test Information
================================================================
Test name : sdpping
Owner name : TiMOS CLI
Administrative status : Enabled
Test type : sdp-ping 166 resp-sdp 167
Test runs since last clear :1
Number of failed test runs :0
Last test result : Success
Press any key to continue (Q to quit)
Clear commands:
# A:PE-1# clear cron action completed ?
- completed [<action-name>] [owner <action-owner>]
For each scheduled action, an action execution record is kept in the script
run history:
As long as there are action execution records (run history entries) attached
to an action, the action cannot be shutdown. Use the clear command to
force deletion:
A:PE-1>config>cron>action# info
----------------------------------------------
results "cf2:/cron-results/myscript"
script "myscript" owner "admin"
no shutdown
----------------------------------------------
A:PE-1>config>cron>action# shutdown
MINOR: SYSTEM #2518 Cannot 'shutdown' because there are associated
run history entries
The default owner for CRON schedule, action and script is TiMOS-
CLI.
It is recommended that the user who configures CRON have the
same access rights as the "admin" user. In the current release a
user can workaround his profile restrictions with CRON scripts.
Configuration backup:
push each Friday night the running config to a centralised server sample script
sample output
This task could be implemented using a calendar CRON job:
script "config-backup"
location "ftp://user:pwd@192.168.1.1/./cron/conf_backup_221"
no shutdown
exit schedule "config-backup"
action "config-backup"
type calendar
action "config-backup" day-of-month all
results "ftp://user:pwd@192.168.1.1/./ hour 23
cron/results/conf_backup_221" minute 50
script "config-backup" month all
no shutdown weekday friday
exit no shutdown
exit
#--------------------------------------------------
echo "Cron Configuration"
#--------------------------------------------------
cron
action "scheduled reboot" owner "TiMOS CLI"
no results No result file specified in action
script "scheduled reboot" owner "TiMOS CLI"
max-completed 1
expire-time 3600
lifetime 3600
no shutdown
exit
exit
===============================================================================
CRON Action Information
===============================================================================
Action : scheduled reboot
Action Owner : TiMOS CLI
Administrative status : enabled
Operational status : enabled
Script : scheduled reboot
Script owner : TiMOS CLI
Script source location : ftp://*******:*******@138.203.18.50/./cron/reboot
Script results location : cf2:/cron-results/reboot
Max running allowed :1
Max completed run histories :1
Max lifetime allowed : 0d 01:00:00 (3600 seconds)
Completed run histories :1
===============================================================================
Script Run History Status Information
-------------------------------------------------------------------------------
Script Run #1
-------------------------------------------------------------------------------
Start time : 2006/03/24 23:50:01 End time : 2006/03/24 23:50:02
Elapsed time : 0d 00:00:01 Lifetime : 0d 00:00:00
State : terminated Run exit code : genericError
Result time : 2006/03/24 23:50:02 Keep history : 0d 00:57:21
Error time : 2006/03/24 23:50:02
Results file : ftp://*******:*******@192.168.1.1/./cron/results_20060324-235
000.out
Run exit : Failed NoCRON
result script
file specified
containsinerror
action
Error : CLI command error
===============================================================================
No action
configured
#--------------------------------------------------
echo "Cron Configuration" Wrong remote
#-------------------------------------------------- location
configured
cron
script "scheduled reboot"
location "ftp://user:pwd@192.168.1.1/cron/reboot"
no shutdown
exit
exit
===============================================================================
CRON Schedule Information
===============================================================================
configured
Minute : 45
Number of schedule runs : 0
Last schedule run : never
Number of schedule failures : 0
Last schedule failure : no error
Last failure time : never
===============================================================================
===============================================================================
CRON Schedule Information
===============================================================================
Schedule : myschedule
Schedule owner : TiMOS CLI
Description : none
Administrative status : enabled
Operational status : enabled
Action : myaction
Action owner : admin
Script : myscript
Script Owner : admin
Script source location : cf2:scripts/myscript
Script results location : cf2:/cron-results/myscript
Schedule type : calendar
Interval : n/a The CRON job will not run.
-> Check the config
Next scheduled run : Bad configuration
Weekday : none
===============================================================================
===============================================================================
CRON Schedule Information
===============================================================================
Schedule : oneshot
Schedule owner : TiMOS CLI
Description : none
Administrative status : enabled
Operational status : enabled
===============================================================================
===============================================================================
7031 2006/03/20 09:36:03.81 UTC MAJOR: SYSTEM #2101 - CRON schedule
CRON Schedule Information
"CRON schedule "sec" created by "readonly" failed with error: MINOR:
===============================================================================
Schedule : sec AGENT #18 Unknown name error"
Schedule owner : readonly
Description : none
Administrative status : enabled action "sec" owner "readonly"
Operational status : enabled results "cf2:/cron-results/myscript"
Action : sec script "myscript" owner "admin"
Action owner : TiMOS CLI
no shutdown
Script name : none
Script owner : none exit
Script source location : none schedule "sec" owner "readonly"
Script results location : none interval 90
Schedule type : periodic action "sec"
Interval : 0d 00:01:30 (90 seconds) no shutdown
Next scheduled run : 0d 00:01:29 exit
Weekday : none
Month : none
Day of month : none
===============================================================================
Any Questions
End of Module
NTP and CRON