Configuring Sntp Settings - Ubiquiti EdgeSwitch ES-24-250W Administration Manual

EdgeSwitch Administration Guide
™

Configuring SNTP Settings

The EdgeSwitch software supports the Simple Network Time Protocol (SNTP). SNTP assures accurate network
device clock time synchronization up to the millisecond. Time synchronization is performed by a network
SNTP server. The EdgeSwitch software operates only as an SNTP client and cannot provide time services to
other systems.
Time sources are established by Stratums. Stratums define the accuracy of the reference clock. The higher
the stratum (where zero is the highest), the more accurate the clock. The device receives time from stratum 1
and above since it is itself a stratum 2 device.
The following is an example of stratums:
• Stratum 0: A real-time clock is used as the time source, for example, a GPS system.
• Stratum 1: A server that is directly linked to a Stratum 0 time source is used. Stratum 1 time servers
provide primary network time standards.
• Stratum 2: The time source is distanced from the Stratum 1 server over a network path. For example, a
Stratum 2 server receives the time over a network link, via NTP, from a Stratum 1 server.
Information received from SNTP servers is evaluated based on the time level and server type.
SNTP time definitions are assessed and determined by the following time levels:
T1: Time at which the original request was sent by the client.
T2: Time at which the original request was received by the server.
T3: Time at which the server sent a reply.
T4: Time at which the client received the server's reply.
The device can poll Unicast and Broadcast server types for the server time.
Polling for Unicast information is used for polling a server for which the IP address is known. SNTP servers
that have been configured on the device are the only ones that are polled for synchronization information.
T1 through T4 are used to determine server time. This is the preferred method for synchronizing device time
because it is the most secure method. If this method is selected, SNTP information is accepted only from
SNTP servers defined on the device using the SNTP Server Configuration page.
Broadcast information is used when the server IP address is unknown. When a Broadcast message is
sent from an SNTP server, the SNTP client listens to the message. If Broadcast polling is enabled, any
synchronization information is accepted, even if it has not been requested by the device. This is the least
secure method.
The device retrieves synchronization information, either by actively requesting information or at every poll
interval. If Unicast and Broadcast polling are enabled, the information is retrieved in this order:
• Information from servers defined on the device is preferred. If Unicast polling is not enabled or if no
servers are defined on the device, the device accepts time information from any SNTP server that
responds.
• If more than one Unicast device responds, synchronization information is preferred from the device with
the lowest stratum.
• If the servers have the same stratum, synchronization information is accepted from the SNTP server that
responded first.
MD5 (Message Digest 5) Authentication safeguards device synchronization paths to SNTP servers. MD5 is an
algorithm that produces a 128-bit hash. MD5 is a variation of MD4, and increases MD4 security. MD5 verifies
the integrity of the communication, authenticates the origin of the communication.
Ubiquiti Networks, Inc.
Configuring System Information
116