CenterClick NTP200 Series Documentation - Admin Console
Main
Docs
o Features
o Hardware 200/250
o Hardware 220/270
o Getting Started
o Release Notes
o Front Panel Button
o Front Panel LEDs
o USB Console
o Admin CLI
o Using HTTPS
o SSH Authentication
o Client List
o Antennas
o Graphs
o PPS Output
o Reimage 200/250
o Reimage 220/270
Live Demos
Contact Us
Feedback and Bug Reports
Follow us on LinkedIn
Privacy Policy
Shipping and Tax
Returns and Warranty
The Admin Console
All configuration is performed using the Admin console. This can be accessed using the USB console or by SSH remotely.
The physical USB console does not require authentication, however SSH access does. If your device has a default password printed on the label SSH is enabled by default, otherwise SSH is disabled by default.
NTP270 documentation at https://centerclick.com/ntp Console Commands: help This Help show config Show entire configuration show info System Info show ntp NTP Status show ntp details NTP Details show ntp clients NTP Clients show ntp acls NTP Access Control show ntp bcast NTP Broadcast/Multicast show ntp backup NTP Servers/Pools show gnss GNSS Status show network Network Status show services Show Services show localization Show Timezone, Units and Hostname conf network Configure Network conf services Configure Services conf ntp acls Configure NTP Access Control conf ntp bcast Configure NTP Broadcast/Multicast conf ntp backup Configure NTP Servers/Pools conf localization Configure Timezone, Units, and Hostname conf gnss Configure GNSS stream nmea Show live GNSS NMEA data ping [-4|-6] host Ping a host with ICMPs traceroute [-4|-6] host Traceroute to a host ntppool validate {-4|-6} Complete a NTP Pool validation reboot [hard] Reboot shutdown Shutdown no conf Reset settings to defaults [reboots] upgrade [URL] Upgrade software exit Logout NTP270>
Basic Status
Use the 'show info' command to see system, power, and CPU status:
NTP270> show info Model: NTP270 HW Rev: 3 SN: 240200 Software Running: 2.16.0 [c8d2785], Latest: 2.16.0 Help: https://centerclick.com DC Power: 9.15 PoE Power: good Power: redundant CPU Temp: 101.77 F Temperature: good Memory: 60.18 / 128 MiB Flash: Micron SLC NAND - 512 MiB - good CPU: 5.03% Uptime: 18:08 NTP270>
Use the 'show ntp' command to see NTP status:
NTP270> show ntp Time: 2024-03-22 22:05:24 UTC NTP Status: good NTP Stratum: 1 PLL Freq: 4.97275 ppm Clock Jitter: 0.011 msec System Jitter: 0.006617 msec Pending Leap: none RX Packets: 0.83 per minute TX Packets: 0.83 per minute NTP270>
Use the 'show ntp details' command to see NTP details. This shows the output of 'ntpq -c peers -c sysinfo -c kerninfo -c iostats -c sysstats':
NTP270> show ntp details
NTP Details:
remote refid st t when poll reach delay offset jitter
==============================================================================
127.127.22.1 .PSIN. 1 l - 16 0 0.000 +0.000 0.000
o127.127.22.0 .PPS. 0 l 14 16 377 0.000 0.000 0.001
*127.127.28.0 .GPS. 7 l 61 64 377 0.000 -2.308 1.563
pool.centerclick.com
.POOL. 16 p - 1024 0 0.000 +0.000 0.002
-xx.xx.xxx.xx .PPS. 1 u 6 64 377 57.795 -6.642 0.251
-xxx.x.xxx.xxx xxx.xxx.xxx.x 3 u 8 64 377 76.940 -0.741 0.098
-xxx.xxx.xx.xxx xx.xxx.x.xxx 2 u 13 64 377 78.299 -0.361 1.030
-xxx.xxx.xxx.xxx xxx.xxx.xxx.xx 2 u 75 64 176 105.222 -1.770 4.348
associd=0 status=0118 leap_none, sync_pps, 1 event, no_sys_peer,
system peer: 127.127.22.0:123
system peer mode: client
leap indicator: 00
stratum: 1
log2 precision: -19
root delay: 0.000
root dispersion: 1.240
reference ID: PPS
reference time: e9a87f3c.7b35c217 Fri, Mar 22 2024 22:05:48.481
system jitter: 0.008703
clock jitter: 0.012
clock wander: 0.002
broadcast delay: -50.000
symm. auth. delay: 0.000
associd=0 status=0118 leap_none, sync_pps, 1 event, no_sys_peer,
pll offset: -0.006534
pll frequency: 4.97343
maximum error: 3.5
estimated error: 0.012
kernel status: pll nano
pll time constant: 4
precision: 1e-06
frequency tolerance: 500
pps frequency: 0
pps stability: 0
pps jitter: 0
calibration interval 0
calibration cycles: 0
jitter exceeded: 0
stability exceeded: 0
calibration errors: 0
time since reset: 4565
receive buffers: 64
free receive buffers: 63
used receive buffers: 0
low water refills: 1
dropped packets: 0
ignored packets: 0
received packets: 15555
packets sent: 26434
packet send failures: 0
input wakeups: 20138
useful input wakeups: 15580
uptime: 4565
sysstats reset: 4565
packets received: 15556
current version: 111
older version: 0
bad length or format: 0
authentication failed: 0
declined: 0
restricted: 1
rate limited: 0
KoD responses: 0
processed for time: 86
NTP270>
Note that the 127.127 IP addresses are NTP's way of using a reference clock such as the GPS source.
Use the 'show ntp clients' command to see the NTP client list sorted by IP address:
NTP270> show ntp clients
NTP Clients:
Client Count: 39
ip last rx count tx count alert
--------------------------------------- ------------ -------- -------- ------
10.10.23.30 16 hr ago 5 5
10.10.23.40 13 hr ago 5 5
10.10.23.42 33 sec ago 6909 6909
10.10.23.51 32 sec ago 6909 6909
10.10.23.62 22 hr ago 5 5
10.10.23.64 14 hr ago 5 5
10.10.23.65 43 min ago 492 246
10.10.23.66 42 min ago 2831 2339
10.10.23.81 15 sec ago 6909 6909
10.10.23.82 3 sec ago 6909 6909
10.10.23.83 7 sec ago 6909 6909
10.10.24.31 1118 sec ago 305 305
10.10.24.34 3 hr ago 10 10
10.10.24.40 23 hr ago 5 5
10.10.24.80 28 min ago 259 259
10.10.24.81 28 min ago 247 247
10.10.24.82 28 min ago 231 231
10.10.24.131 57 min ago 122 122
10.10.24.132 403 sec ago 261 261
10.10.24.134 523 sec ago 262 262
192.133.6.161 251 sec ago 432 432
192.133.6.241 24 hr ago 33 22 sleep
192.133.6.242 72 min ago 223 150 sleep
192.133.6.243 551 sec ago 249 166
192.133.6.244 2 days ago 63 42 sleep
192.133.6.246 2 days ago 402 268 sleep
2620:9a:e000:12::1 260 sec ago 419 419
2620:9a:e000:13::1 737 sec ago 418 418
2620:9a:e000:14::1 496 sec ago 419 419
2620:9a:e000:80::4 14 hr ago 5 5
2620:9a:e000:100::2 896 sec ago 474 474
2620:9a:e000:1011::1 73 sec ago 607 607
2620:9a:e000:1022::85 123 sec ago 499 499
2620:9a:e000:1022::86 701 sec ago 615 615
2620:9a:e000:1025:d92e:f5c7:2da8:1a64 3 days ago 1 1 sleep
2620:9a:e000:1060::10 27 sec ago 4104 4104
2620:9a:e000:1061::1 251 sec ago 432 432
2620:9a:e000:1063::2 172 sec ago 559 559
2620:9a:e000:1063:250:b6ff:fecd:5aed 30 hr ago 147 147 sleep
NTP270>
Use the 'show gnss' command to see the GNSS status
NTP270> show gnss
GNSS Systems: GPS Galileo GLONASS
GNSS Mode: 3d-fix
Leap Seconds: 18
Latitude: xx.xxxxxxx +/-24ft
Longitude: xx.xxxxxxx +/-20ft
Altitude: xxxft +/-30ft
Satellites: 34 seen, 18 used
List: GNSSID SVID PRN EL AZ SS USED
GPS 1 1 XXX XXX 22 1
GPS 10 10 XXX XXX 32 1
GPS 12 12 XXX XXX 21 1
GPS 21 21 XXX XXX 17 1
GPS 22 22 XXX XXX 26 1
GPS 23 23 XXX XXX 24 1
GPS 24 24 XXX XXX 10 0
GPS 25 25 XXX XXX 35 1
GPS 26 26 XXX XXX 0 0
GPS 31 31 XXX XXX 29 1
GPS 32 32 XXX XXX 29 1
SBAS 133 46 XXX XXX 0 0
SBAS 135 48 XXX XXX 0 0
SBAS 138 51 XXX XXX 0 0
Galileo 2 302 XXX XXX 27 1
Galileo 3 303 XXX XXX 24 1
Galileo 7 307 XXX XXX 10 1
Galileo 8 308 XXX XXX 13 1
Galileo 13 313 XXX XXX 10 0
Galileo 25 325 XXX XXX 17 1
Galileo 26 326 XXX XXX 0 0
Galileo 30 330 XXX XXX 22 1
Galileo 33 333 XXX XXX 0 0
GLONASS 5 69 XXX XXX 8 1
GLONASS 6 70 XXX XXX 0 0
GLONASS 7 71 XXX XXX 8 0
GLONASS 8 72 XXX XXX 0 0
GLONASS 9 73 XXX XXX 26 1
GLONASS 10 74 XXX XXX 0 0
GLONASS 15 79 XXX XXX 0 0
GLONASS 16 80 XXX XXX 21 1
GLONASS 22 86 XXX XXX 0 0
GLONASS 23 87 XXX XXX 0 0
GLONASS 24 88 XXX XXX 0 0
NTP270>
Use the 'show network' command to see current network configuration. In the example below, DHCPv4 and DHCPv6 are used to obtain pool addresses and both DNSv4 and DNSv6 settings.
NTP270> show network
Status: good
Link: link-up
MAC Addr: 8c:1f:64:f4:91:00
Addressing: IPv4: auto, IPv6: auto
IP Addrs: 192.133.6.163/27
2620:9a:e000:1061::8:7/128
2620:9a:e000:1061:8e1f:64ff:fef4:9100/64
fe80::8e1f:64ff:fef4:9100/64
IP Routes: 0.0.0.0/0 via 192.133.6.161
::/0 via fe80::1061
IP DNS: 192.133.6.1
2620:9a:e000::1
LLDP Neighbor: mac e0:d1:73:f4:27:0a, core-sw1, ifname gi2/1/17
NTP270>
Configuring GNSS
Use the 'conf gnss' command to configure which GNSS systems to use.
NTP270> conf gnss NTP270[gnss]> help GNSS Systems: GPS Galileo GLONASS GNSS Commands: help This help exit Exit GNSS Menu no sat gps Disable GPS (United States) satellites no sat galileo Disable Galileo (European Union) satellites no sat glonass Disable GLONASS (Russian Federation) satellites sat beidou Enable BeiDou (China) satellites NTP270[gnss]>
Each GNSS module type has some restrictions as to which combinations can be enabled, and not all systems can be enable at once. By default, GPS Galileo and GLONASS are enabled and BeiDou is disabled.
NOTE: It is highly recommended to leave GPS enabled as all GNSS module manufacturers state this.
Configuring the Network
Both IPv4 and IPv6 are supported and, by default, DHCPv4 and DHCPv6/SLAAC are used to obtain network addresses automatically.
NTP270> conf network
NTP270[net]> help
Network Commands:
help This help
exit Exit Network Menu
ip4 off IPv4 Disabled
ip4 auto IPv4 DHCP
ip4 static IP/MASK GW { DNS1,DNS2 } IPv4 Static (DNS optional)
ip4 route IP/MASK NH Add IPv4 Static Route
no ip4 route IP/MASK Remove IPv4 Static Route
ip6 off IPv6 Disabled
ip6 auto IPv6 SLAAC/DHCP
ip6 token IFID IPv6 SLAAC/DHCP with host token
ip6 static IP/MASK GW { DNS1,DNS2 } IPv6 Static (DNS optional)
ip6 route IP/MASK NH Add IPv6 Static Route
no ip6 route IP/MASK Remove IPv6 Static Route
Examples:
ip4 static 203.0.113.53/24 203.0.113.1 198.51.100.49,192.0.2.220
ip6 static 2001:db8:74::10/64 2001:db8:74::1 2001:db8::59,2001:db8::32
ip6 token ::1234
ip4 route 192.0.2.0/24 203.0.113.1
ip6 route 2001:db8:114::/48 2001:db8:74::222
NTP270[net]>
IPv4 and IPv6 are configured independently, each can be dynamic or static. When configured for DHCP, IP address and DNS settings are learned automatically. For IPv6 router advertisements are used to determine stateful/stateless mode and DHCPv6 used if needed to obtain pool or static binding IP addresses, and DNSv6 information. Token mode is identical to auto for IPv6 except the token is used for the lower 64 bits of a SLAAC address providing a hybrid between static and auto modes.
Any number of static routes can also be added when in either auto or static mode for both IPv4 and IPv6. Care should be taken to make sure next-hop addresses reside within the connected network.
The device will function correctly in legacy IPv4-only, dual IPv4/IPv6, or IPv6-only environments.
Configuring Services
By default, HTTP is enabled; SSH, HTTPS, SNMP, and location privacy are disabled; and automatic upgrades are set to install. You can use the Services menu to configure each. The exact list of commands vary depending on your current configuration.
NTP270> conf services NTP270[srv]> help Service Commands: help This help exit Exit Service Menu no http Disable HTTP interface https Enable HTTPS interface location privacy Enable Location Privacy on HTTP no client dns Disable Client DNS Lookups [reboots] snmp <ro-community> Enable SNMP interface pps output Enable PPS Output Pins pps input Enable PPS Input Pins auto upgrade check-only Check for upgrades, don't install no auto upgrade Don't check for upgrades admin password Update SSH password no admin password Disable admin password admin authkeys Add SSH authorized keys NTP270[srv]>
For details on configuring HTTPS, see the detailed HTTPS guide.
For details on configuring SSH authentication, see the detailed SSH guide.
For details on PPS input and output pins, see the detailed PPS guide.
Client DNS lookups can be disabled or enabled. Results will be displayed on the clients webpage, CSV, and JSON, but not on the console.
SNMP is supported for a limited set of MIBs (currently SNMPv2-MIB, IF-MIB, HOST-RESOURCES-V2-MIB), ntpSnmpMIB (RFC5907) is not supported. V1/V2 is supported, V3 is not. No traps are sent.
Note that HTTP location privacy is disabled by default, that meaning anyone who can access the HTTP interface can determine the device location. When HTTP location privacy is enabled the location data is unavailable on the HTTP interface however it is still shown on the admin console.
Automatic upgrades can be set to one of 3 states: 'no auto upgrade', 'auto upgrade check-only', or 'auto upgrade install' which respectivly don't check for upgrades at all, checks for but does not install, or both checks for and automatically installs firmware. The default is to check and install.
If enabled, the check will occur within about an hour after boot and then daily between 1AM and 2AM in the configured timezone. The results of the check will be displayed on the main webpage.
Configuring NTP Access Control
Access Controls allow you to further open or restrict NTP operations based on a source IP/MASK.
There are 3 operations that can be allowed or denied:
- sync: the ability to synchronize (i.e. the normal NTP operation)
- query: the ability to query the appliance over NTP packets with 'ntpq' or 'ntpdc'
- ratelimit: rate limits for misbehaving clients and DoS attacks.
By default, all IPs can synchronize and are subject to rate limits as shown in the menu below:
NTP270> conf ntp acls NTP270[acl]> help Current Access Controls: 0.0.0.0/0 sync ratelimit ::/0 sync ratelimit Access Control Commands: help This help exit Exit Access Control Menu D IP/MASK delete entry S IP/MASK clients can: sync with ratelimit (default) R IP/MASK clients can: sync with nolimit Q IP/MASK clients can: sync and query with ratelimit U IP/MASK clients can: sync and query with nolimit B IP/MASK clients are blocked Examples: R 203.0.113.0/24 # These hosts are not subject to rate limiting Q 2001:db8:522:74::/64 # These hosts can query with ntpq and ntpdc B 192.0.2.166/32 # This host is banned NTP270[acl]>
Using the various commands above you can add, modify, or remove entries to allow specific hosts or networks.
Note that IP/MASK entries are hierarchical, for example, you can create an entry for 2001:db8:22::/48 that allows query, another entry for 2001:db8:22:7::/64 that has both query and no rate limit, and another entry for 2001:db8:22:7::99/128 that is blocked entirely.
The default entries (0.0.0.0/0 and ::/0) cannot be removed, however you can modify them.
Configuring NTP Broadcast/Multicast
Sending NTP to Broadcast and/or Multicast addresses is disabled by default but can be configured as described below.
NTP270> conf ntp bcast NTP270[bcast]> help Current NTP Broadcast/Multicast: (none) Broadcast/Multicast Commands: help This help exit Exit Broadcast/Multicast Menu send IP add broadcast/multicast server entry no send IP delete broadcast/multicast server entry Examples: send 255.255.255.255 # RFC919: limited broadcast send 192.0.2.255 # RFC919: all hosts on the local IP net send 224.0.1.1 # RFC5905 Section 8 send ff02::101 # RFC5905 Section 8 NTP270[bcast]>
For IPv4, you can send to the limited broadcast (255.255.255.255), your local network broadcast, or to the IPv4 NTP multicast address 224.0.1.1.
For IPv6, you can send to one of the IPv6 NTP multicast addresses such as ff02::101 for link-local scope.
You can configure any number of broadcast/multicast addresses and packets will be sent to all of them at the default 64-second interval.
For further information on NTP multicast address assignments see IANA IPv4 multicast assignments and IANA IPv6 multicast assignments. You are not restricted to sending to the standard IP addresses and can enter any IP you would like if needed.
Configuring NTP Servers/Pools
You can configure the device to also sync to other NTP servers or pools of servers to act as a backup in case the GPS signal is weak or lost. Under normal operation the GPS source has priority and the backup servers and pools will only be used if the GPS signal is weak or lost.
NTP270> conf ntp backup NTP270[backup]> help Current NTP Backup Servers/Pools: pool us.pool.ntp.org Backup Servers/Pools Commands: help This help exit Exit Backup Servers Menu server IP/DNS add backup server entry no server IP/DNS delete backup server entry pool DNS add backup pool entry no pool DNS delete backup pool entry Examples: server 192.0.2.4 # a local server on your network server ntp1.example.com # a local server on your network pool us.pool.ntp.org # a public pool of servers pool europe.pool.ntp.org # a public pool of servers NTP270[backup]>
By default the pool 'pool.centerclick.com' which is simply an alias for 'us.pool.ntp.org' is configured, you can remove, replace, or add additional servers or pools if you'd like
The difference between a server and a pool is that servers are static where as pools are more flexible allowing multiple and changing IP lookups to a DNS name.
For pools, the resolved IPs are added and removed dynamically on the fly as needed. See ntppool.org for a list of pools in your region.
Note that servers by DNS names are only resovled on startup of the appliance.
Setting the Timezone, Units, and Hostname
By default the timezone is set to UTC and units are in feet and fahrenheit, you can change this on the admin console.
If configured, the hostname will show in the admin cli prompt and on the web interface.
NTP270> conf localization NTP270[local]> help Timezone: Etc/UTC Length units: ft Temperature units: f Hostname: [not set] Localization Commands: help This help exit Exit Localization Menu (and Reboot if needed) timezone [zone] Configure timezone [reboot on exit] units meters Set units of length [reboot on exit] units celsius Set units of temperature [reboot on exit] hostname HOSTNAME Set hostname NTP270[local]>
When choosing a timezone, you will be asked to pick from a wide variety of zones, for example below the zone is changed to 'America/New_York'. Note that the timezone is for display only, the GPS and NTP protocols do not make use of a timezone.
Streaming NMEA data
The stream nmea command will display live NMEA formatted GNSS data. Press ENTER to stop.
NTP270> stream nmea Press <ENTER> to stop NMEA output $GPZDA,141845.00,25,12,2022,00,00*6D $GPGGA,141845.00,xxxx.xxxx,N,xxxx.xxxx,W,1,19,0.62,xxx.xx,M,-30.738,M,,*58 $GPRMC,141845.00,A,xxxx.xxxx,N,xxxx.xxxx,W,0.0952,47.733,251222,-14.4,W*4C $GPGSA,A,3,10,21,22,23,24,25,31,32,,,,,1.4,0.6,1.2*33 $GPGBS,141845.00,5.941,7.071,6.783,,,,*4E $GPGSV,8,1,32,01,xx,xx,17,10,xx,xx,36,12,xx,xx,15,21,xx,xx,13*79 $GPGSV,8,2,32,22,xx,xx,23,23,xx,xx,31,24,xx,xx,10,25,xx,xx,31*72 $GPGSV,8,3,32,31,xx,xx,23,32,xx,xx,18,46,xx,xx,00,48,xx,xx,00*77 $GPGSV,8,4,32,51,xx,xx,00,302,xx,xx,10,307,xx,xx,23,310,xx,xx,00*4C $GPGSV,8,5,32,312,xx,xx,18,319,xx,xx,20,321,xx,xx,00,326,xx,xx,12*70 $GPGSV,8,6,32,327,xx,xx,30,330,xx,xx,22,333,xx,xx,21,65,xx,xx,22*40 $GPGSV,8,7,32,71,xx,xx,28,72,xx,xx,24,73,xx,xx,23,74,xx,xx,17*74 $GPGSV,8,8,32,75,xx,xx,19,81,xx,xx,27,87,xx,xx,00,88,xx,xx,00*76 NTP270>
