NTP Source Addressing
WLAN admin to be able to specify source IP for originating NTP traffic from the Controller.
Starting AOS version 8.1, WLAN admin can now specify source IP address for the NTP traffic to be originated from the Controller. NTP source address can be a VLAN interface or loopback address. Specifying source IP for NTP will help in managing the packets by applying appropriate filters.
Advantages of Specifying Source IP:
- NTP Servers can be configured to allow packets only from specific source address. This will ensure the integrity and the security of the Servers.
- Easy to process and to review the logs in Servers, as it can be tracked using the source address.
- NTP peers can be tracked in better way.
- Loopback as source ensures IP address is always reachable, provided atleast 1 interface is up and have route to the IP address block assigned to loopback interface.
NTP soruce can be a VLAN interface or Loopback interface as shown below.
(7010) (config) #ntp source ? loopback Set loopack interface as source for NTP client traffic. <vlanid> Set source VLAN for NTP client traffic.
Configuration of NTP server and source address as follows,
(7010)(config)# ntp server 172.16.172.1 iburst (7010)(config)# ntp source 173
Following command can be executed to verify NTP configuration. As highlighted below, VLAN interface 173 has been configured as source address.
(7010) (config) #show ntp servers remote local st poll reach delay offset disp ==================================================================================== *172.16.172.1 172.16.173.2 2 64 1 0.00038 0.000309 0.96825 :-WARNING-: NTP Source Enabled. NTP source interface: 173 Ensure Upstream NTP Server(s) are reachable by source interface.