6-2
Catalyst 3560 Switch Software Configuration Guide
78-16156-01
Chapter 6      Administering the Switch
Managing the System Time and Date
Understanding the System Clock 
The heart of the time service is the system clock. This clock runs from the moment the system starts up 
and keeps track of the date and time. 
The system clock can then be set from these sources:
• Network Time Protocol
• Manual configuration
The system clock can provide time to these services:
• User show commands
• Logging and debugging messages
The system clock keeps track of time internally based on Universal Time Coordinated (UTC), also 
known as Greenwich Mean Time (GMT). You can configure information about the local time zone and 
summer time (daylight saving time) so that the time appears correctly for the local time zone.
The system clock keeps track of whether the time is authoritative or not (that is, whether it has been set 
by a time source considered to be authoritative). If it is not authoritative, the time is available only for 
display purposes and is not redistributed. For configuration information, see the “Configuring Time and 
Date Manually” section on page 6-11.
Understanding Network Time Protocol
The NTP is designed to time-synchronize a network of devices. NTP runs over User Datagram Protocol 
(UDP), which runs over IP. NTP is documented in RFC 1305. 
An NTP network usually gets its time from an authoritative time source, such as a radio clock or an 
atomic clock attached to a time server. NTP then distributes this time across the network. NTP is 
extremely efficient; no more than one packet per minute is necessary to synchronize two devices to 
within a millisecond of one another.
NTP uses the concept of a stratum to describe how many NTP hops away a device is from an 
authoritative time source. A stratum 1 time server has a radio or atomic clock directly attached, a 
stratum 2 time server receives its time through NTP from a stratum 1 time server, and so on. A device 
running NTP automatically chooses as its time source the device with the lowest stratum number with 
which it communicates through NTP. This strategy effectively builds a self-organizing tree of NTP 
speakers.
NTP avoids synchronizing to a device whose time might not be accurate by never synchronizing to a 
device that is not synchronized. NTP also compares the time reported by several devices and does not 
synchronize to a device whose time is significantly different than the others, even if its stratum is lower.
The communications between devices running NTP (known as associations) are usually statically 
configured; each device is given the IP address of all devices with which it should form associations. 
Accurate timekeeping is possible by exchanging NTP messages between each pair of devices with an 
association. However, in a LAN environment, NTP can be configured to use IP broadcast messages 
instead. This alternative reduces configuration complexity because each device can simply be configured 
to send or receive broadcast messages. However, in that case, information flow is one-way only.
The time kept on a device is a critical resource; you should use the security features of NTP to avoid the 
accidental or malicious setting of an incorrect time. Two mechanisms are available: an access list-based 
restriction scheme and an encrypted authentication mechanism.