CenterClick NTP200 and NTP250 Documentation - Admin Console
Main
Docs
o Features
o Hardware
o Software
o Getting Started
o Release Notes
o Front Panel Button
o Front Panel LEDs
o USB Console
o Admin CLI
o Using HTTPS
o SSH Authentication
o Client List
o Antenna Issues
o Graphs
o PPS Output
o Reimage
Live Demos
Contact Us
Feedback and Bug Reports
Follow us on LinkedIn
Privacy Policy
Shipping and Tax
Returns and Warranty
The Admin Console
All configuration of the NTP200/NTP250 is performed using the Admin console. This can be accessed using the USB console or by SSH remotely.
The physical USB console does not require authentication, however SSH access does. By default SSH is disabled.
NTP250 documentation at https://centerclick.com/ntp Console Commands: help This Help show info System Info show ntp NTP Status show ntp details NTP Details show ntp clients NTP Clients show ntp acls NTP Access Control show ntp bcast NTP Broadcast/Multicast show ntp backup NTP Servers/Pools show gnss GNSS Status show network Network Status show services Show Services show localization Show Timezone, Units and Hostname conf network Configure Network conf services Configure Services conf ntp acls Configure NTP Access Control conf ntp bcast Configure NTP Broadcast/Multicast conf ntp backup Configure NTP Servers/Pools conf localization Configure Timezone, Units, and Hostname conf gnss Configure GNSS stream nmea Show live GNSS NMEA data ping [-4|-6] host Ping a host with ICMPs traceroute [-4|-6] host Traceroute to a host ntppool validate {-4|-6} Complete a NTP Pool validation reboot [hard] Reboot shutdown Shutdown no conf Reset settings to defaults [reboots] upgrade [URL] Upgrade software exit Logout NTP250>
Basic Status
Use the 'show info' command to see system, power, and CPU status:
NTP250> show info Model: NTP250 HW Rev: 16 SN: 230240 Software Running: 2.14.0 [20f9fc4], Latest: 2.14.0 Help: https://centerclick.com DC Power: 9.19 PoE Power: good Power: redundant CPU Temp: 100.73 F Temperature: good Memory: 97.87 / 512 MiB Flash: Patriot LX 16GB #1 - 14910 MiB - good CPU: 2.68% Uptime: 18:08 NTP250>
Use the 'show ntp' command to see NTP status:
NTP250> show ntp Time: 2021-11-10 13:47:11 EST NTP Status: good NTP Stratum: 1 PLL Freq: -29.4984 ppm Clock Jitter: 0.001 msec System Jitter: 0.001347 msec Pending Leap: none RX Packets: 6.47 per minute NTP250>
Use the 'show ntp details' command to see NTP details. This shows the output of 'ntpq -c peers -c sysinfo -c kerninfo -c iostats -c sysstats':
NTP250> show ntp details
NTP Details:
remote refid st t when poll reach delay offset jitter
==============================================================================
o127.127.22.0 .PPS. 0 l 14 16 377 0.000 0.000 0.001
*127.127.28.0 .GPS. 7 l 61 64 377 0.000 -2.308 1.563
us.pool.ntp.org .POOL. 16 p - 64 0 0.000 0.000 0.000
-xx.xx.xxx.xx .PPS. 1 u 6 64 377 57.795 -6.642 0.251
-xxx.x.xxx.xxx xxx.xxx.xxx.x 3 u 8 64 377 76.940 -0.741 0.098
-xxx.xxx.xx.xxx xx.xxx.x.xxx 2 u 13 64 377 78.299 -0.361 1.030
-xxx.xxx.xxx.xxx xxx.xxx.xxx.xx 2 u 75 64 176 105.222 -1.770 4.348
associd=0 status=0115 leap_none, sync_pps, 1 event, clock_sync,
system peer: 127.127.22.0:123
system peer mode: client
leap indicator: 00
stratum: 1
log2 precision: -21
root delay: 0.000
root dispersion: 1.780
reference ID: PPS
reference time: e5369237.b7a92b3a Wed, Nov 10 2021 13:47:19.717
system jitter: 0.001490
clock jitter: 0.001
clock wander: 0.000
broadcast delay: -50.000
symm. auth. delay: 0.000
associd=0 status=0115 leap_none, sync_pps, 1 event, clock_sync,
pll offset: -0.000296
pll frequency: -29.4985
maximum error: 0.008
estimated error: 1e-06
kernel status: pll nano
pll time constant: 4
precision: 1e-06
frequency tolerance: 500
pps frequency: 0
pps stability: 0
pps jitter: 0
calibration interval 0
calibration cycles: 0
jitter exceeded: 0
stability exceeded: 0
calibration errors: 0
time since reset: 424254
receive buffers: 10
free receive buffers: 9
used receive buffers: 0
low water refills: 1
dropped packets: 0
ignored packets: 0
received packets: 641511
packets sent: 810171
packet send failures: 0
input wakeups: 1069260
useful input wakeups: 645306
uptime: 424254
sysstats reset: 424254
packets received: 641512
current version: 29460
older version: 14630
bad length or format: 0
authentication failed: 0
declined: 0
restricted: 0
rate limited: 1572
KoD responses: 551
processed for time: 0
NTP250>
Note that the 127.127 IP addresses are NTP's way of using a reference clock such as the GPS source.
Use the 'show ntp clients' command to see the NTP client list sorted by IP address:
NTP250> show ntp clients
NTP Clients:
Client Count: 39
ip last rx count tx count alert
--------------------------------------- ------------ -------- -------- ------
10.10.23.30 16 hr ago 5 5
10.10.23.40 13 hr ago 5 5
10.10.23.42 33 sec ago 6909 6909
10.10.23.51 32 sec ago 6909 6909
10.10.23.62 22 hr ago 5 5
10.10.23.64 14 hr ago 5 5
10.10.23.65 43 min ago 492 246
10.10.23.66 42 min ago 2831 2339
10.10.23.81 15 sec ago 6909 6909
10.10.23.82 3 sec ago 6909 6909
10.10.23.83 7 sec ago 6909 6909
10.10.24.31 1118 sec ago 305 305
10.10.24.34 3 hr ago 10 10
10.10.24.40 23 hr ago 5 5
10.10.24.80 28 min ago 259 259
10.10.24.81 28 min ago 247 247
10.10.24.82 28 min ago 231 231
10.10.24.131 57 min ago 122 122
10.10.24.132 403 sec ago 261 261
10.10.24.134 523 sec ago 262 262
192.133.6.161 251 sec ago 432 432
192.133.6.241 24 hr ago 33 22 sleep
192.133.6.242 72 min ago 223 150 sleep
192.133.6.243 551 sec ago 249 166
192.133.6.244 2 days ago 63 42 sleep
192.133.6.246 2 days ago 402 268 sleep
2620:9a:e000:12::1 260 sec ago 419 419
2620:9a:e000:13::1 737 sec ago 418 418
2620:9a:e000:14::1 496 sec ago 419 419
2620:9a:e000:80::4 14 hr ago 5 5
2620:9a:e000:100::2 896 sec ago 474 474
2620:9a:e000:1011::1 73 sec ago 607 607
2620:9a:e000:1022::85 123 sec ago 499 499
2620:9a:e000:1022::86 701 sec ago 615 615
2620:9a:e000:1025:d92e:f5c7:2da8:1a64 3 days ago 1 1 sleep
2620:9a:e000:1060::10 27 sec ago 4104 4104
2620:9a:e000:1061::1 251 sec ago 432 432
2620:9a:e000:1063::2 172 sec ago 559 559
2620:9a:e000:1063:250:b6ff:fecd:5aed 30 hr ago 147 147 sleep
NTP250>
Use the 'show gnss' command to see the GNSS status
NTP250> show gnss
GNSS Systems: GPS Galileo GLONASS
GNSS Mode: 3d-fix
Leap Seconds: 18
Latitude: xx.xxxxxxx +/-24ft
Longitude: xx.xxxxxxx +/-20ft
Altitude: xxxft +/-30ft
Satellites: 34 seen, 18 used
List: GNSSID SVID PRN EL AZ SS USED
GPS 1 1 XXX XXX 22 1
GPS 10 10 XXX XXX 32 1
GPS 12 12 XXX XXX 21 1
GPS 21 21 XXX XXX 17 1
GPS 22 22 XXX XXX 26 1
GPS 23 23 XXX XXX 24 1
GPS 24 24 XXX XXX 10 0
GPS 25 25 XXX XXX 35 1
GPS 26 26 XXX XXX 0 0
GPS 31 31 XXX XXX 29 1
GPS 32 32 XXX XXX 29 1
SBAS 133 46 XXX XXX 0 0
SBAS 135 48 XXX XXX 0 0
SBAS 138 51 XXX XXX 0 0
Galileo 2 302 XXX XXX 27 1
Galileo 3 303 XXX XXX 24 1
Galileo 7 307 XXX XXX 10 1
Galileo 8 308 XXX XXX 13 1
Galileo 13 313 XXX XXX 10 0
Galileo 25 325 XXX XXX 17 1
Galileo 26 326 XXX XXX 0 0
Galileo 30 330 XXX XXX 22 1
Galileo 33 333 XXX XXX 0 0
GLONASS 5 69 XXX XXX 8 1
GLONASS 6 70 XXX XXX 0 0
GLONASS 7 71 XXX XXX 8 0
GLONASS 8 72 XXX XXX 0 0
GLONASS 9 73 XXX XXX 26 1
GLONASS 10 74 XXX XXX 0 0
GLONASS 15 79 XXX XXX 0 0
GLONASS 16 80 XXX XXX 21 1
GLONASS 22 86 XXX XXX 0 0
GLONASS 23 87 XXX XXX 0 0
GLONASS 24 88 XXX XXX 0 0
NTP250>
Use the 'show network' command to see current network configuration. In the example below, DHCPv4 and DHCPv6 are used to obtain pool addresses and both DNSv4 and DNSv6 settings.
NTP250> show network
Status: good
Link: link-up
MAC Addr: 5e:c2:dd:a4:94:7b
Addressing: IPv4: auto, IPv6: auto
IP Addrs: 192.133.6.163/27
2620:9a:e000:1061::3/128
2620:9a:e000:1061:5cc2:ddff:fea4:947b/64
fe80::5cc2:ddff:fea4:947b/64
IP Routes: 0.0.0.0/0 via 192.133.6.161
::/0 via fe80::1061
IP DNS: 192.133.6.1
192.133.6.146
2620:9a:e000::1
2620:9a:e000:1060::10
LLDP Neighbor: mac e0:d1:73:f4:27:0a, core-sw1, ifname gi2/1/17
NTP250>
Configuring GNSS
Use the 'conf gnss' command to configure which GNSS systems to use.
NTP250> conf gnss Configuring GNSS... GNSS Systems: GPS Galileo GLONASS GNSS Commands: exit Exit GNSS Menu (and Reboot if needed) no sat gps Disable GPS (United States) satellites [reboot on exit] no sat galileo Disable Galileo (European Union) satellites [reboot on exit] no sat glonass Disable GLONASS (Russian Federation) satellites [reboot on exit] sat beidou Enable BeiDou (China) satellites [reboot on exit] NTP250[gnss]>
Each GNSS module type has some restrictions as to which combinations can be enabled, and not all systems can be enable at once. By default, GPS Galileo and GLONASS are enabled and BeiDou is disabled.
NOTE: It is highly recommended to leave GPS enabled as all GNSS module manufacturers state this.
Configuring the Network
Both IPv4 and IPv6 are supported and, by default, DHCPv4 and DHCPv6/SLAAC are used to obtain network addresses automatically.
NTP250> conf network
Configuring Network...
Network Commands:
exit Exit Network Menu
ip4 auto IPv4 DHCP
ip4 static IP/MASK GW { DNS1,DNS2 } IPv4 Static (DNS optional)
ip4 route IP/MASK NH Add IPv4 Static Route
no ip4 route IP/MASK Remove IPv4 Static Route
ip6 auto IPv6 SLAAC/DHCP
ip6 token IFID IPv6 SLAAC/DHCP with host token
ip6 static IP/MASK GW { DNS1,DNS2 } IPv6 Static (DNS optional)
ip6 route IP/MASK NH Add IPv6 Static Route
no ip6 route IP/MASK Remove IPv6 Static Route
Examples:
ip4 static 203.0.113.53/24 203.0.113.1 198.51.100.49,192.0.2.220
ip6 static 2001:db8:74::10/64 2001:db8:74::1 2001:db8::59,2001:db8::32
ip6 token ::1234
ip4 route 192.0.2.0/24 203.0.113.1
ip6 route 2001:db8:114::/48 2001:db8:74::222
NTP250[net]>
IPv4 and IPv6 are configured independently, each can be dynamic or static. When configured for DHCP, IP address and DNS settings are learned automatically. For IPv6 router advertisements are used to determine stateful/stateless mode and DHCPv6 used if needed to obtain pool or static binding IP addresses, and DNSv6 information. Token mode is identical to auto for IPv6 except the token is used for the lower 64 bits of a SLAAC address providing a hybrid between static and auto modes.
Any number of static routes can also be added when in either auto or static mode for both IPv4 and IPv6. Care should be taken to make sure next-hop addresses reside within the connected network.
The device will function correctly in legacy IPv4-only, dual IPv4/IPv6, or IPv6-only environments.
Configuring Services
By default, HTTP is enabled; SSH, HTTPS, SNMP, and location privacy are disabled; and automatic upgrades are set to install. You can use the Services menu to configure each. The exact list of commands vary depending on your current configuration.
NTP250> conf services Configuring Services... Service Commands: exit Exit Service Menu no http Disable HTTP interface https Enable HTTPS interface no client dns Disable Client DNS Lookups [reboots] location privacy Enable Location Privacy on HTTP snmp Enable SNMP interface pps output Enable PPS Output Pins auto upgrade check-only Check for upgrades, don't install no auto upgrade Don't check for upgrades ssh Enable SSH NTP250[srv]>
For details on configuring HTTPS, see the detailed HTTPS guide.
For details on configuring SSH authentication, see the detailed SSH guide.
For details on PPS output pins, see the detailed PPS output guide.
Client DNS lookups can be disabled or enabled. Results will be displayed on the clients webpage, CSV, and JSON, but not on the console.
SNMP is supported for a limited set of MIBs (currently SNMPv2-MIB, IF-MIB, HOST-RESOURCES-V2-MIB), ntpSnmpMIB (RFC5907) is not supported. V1/V2 is supported, V3 is not. No traps are sent.
Note that HTTP location privacy is disabled by default, that meaning anyone who can access the HTTP interface can determine the device location. When HTTP location privacy is enabled the location data is unavailable on the HTTP interface however it is still shown on the admin console.
Automatic upgrades can be set to one of 3 states: 'no auto upgrade', 'auto upgrade check-only', or 'auto upgrade install' which respectivly don't check for upgrades at all, checks for but does not install, or both checks for and automatically installs firmware. The default is to check and install.
If enabled, the check will occur within about an hour after boot and then daily between 1AM and 2AM in the configured timezone. The results of the check will be displayed on the main webpage.
Configuring NTP Access Control
Access Controls allow you to further open or restrict NTP operations based on a source IP/MASK.
There are 3 operations that can be allowed or denied:
- sync: the ability to synchronize (i.e. the normal NTP operation)
- query: the ability to query the appliance over NTP packets with 'ntpq' or 'ntpdc'
- ratelimit: rate limits for misbehaving clients and DoS attacks.
By default, all IPs can synchronize and are subject to rate limits as shown in the menu below:
NTP250> conf ntp acls Configuring Access Control... Current Access Controls: 0.0.0.0/0 sync ratelimit ::/0 sync ratelimit Access Control Commands: exit Exit Access Control Menu D IP/MASK delete entry S IP/MASK clients can: sync with ratelimit (default) R IP/MASK clients can: sync with nolimit Q IP/MASK clients can: sync and query with ratelimit U IP/MASK clients can: sync and query with nolimit B IP/MASK clients are blocked Examples: R 203.0.113.0/24 # These hosts are not subject to rate limiting Q 2001:db8:522:74::/64 # These hosts can query with ntpq and ntpdc B 192.0.2.166/32 # This host is banned NTP250[acl]>
Using the various commands above you can add, modify, or remove entries to allow specific hosts or networks.
Note that IP/MASK entries are hierarchical, for example, you can create an entry for 2001:db8:22::/48 that allows query, another entry for 2001:db8:22:7::/64 that has both query and no rate limit, and another entry for 2001:db8:22:7::99/128 that is blocked entirely.
The default entries (0.0.0.0/0 and ::/0) cannot be removed, however you can modify them.
Configuring NTP Broadcast/Multicast
Sending NTP to Broadcast and/or Multicast addresses is disabled by default but can be configured as described below.
NTP250> conf ntp bcast Configuring NTP Broadcast/Multicast... Current NTP Broadcast/Multicast: (none) Broadcast/Multicast Commands: exit Exit Broadcast/Multicast Menu send IP add broadcast/multicast server entry no send IP delete broadcast/multicast server entry Examples: send 255.255.255.255 # RFC919: limited broadcast send 192.0.2.255 # RFC919: all hosts on the local IP net send 224.0.1.1 # RFC5905 Section 8 send ff02::101 # RFC5905 Section 8 NTP250[bcast]>
For IPv4, you can send to the limited broadcast (255.255.255.255), your local network broadcast, or to the IPv4 NTP multicast address 224.0.1.1.
For IPv6, you can send to one of the IPv6 NTP multicast addresses such as ff02::101 for link-local scope.
You can configure any number of broadcast/multicast addresses and packets will be sent to all of them at the default 64-second interval.
For further information on NTP multicast address assignments see IANA IPv4 multicast assignments and IANA IPv6 multicast assignments. You are not restricted to sending to the standard IP addresses and can enter any IP you would like if needed.
Configuring NTP Servers/Pools
You can configure the device to also sync to other NTP servers or pools of servers to act as a backup in case the GPS signal is weak or lost. Under normal operation the GPS source has priority and the backup servers and pools will only be used if the GPS signal is weak or lost.
NTP250> conf ntp backup Configuring NTP Backup Servers/Pools... Current NTP Backup Servers/Pools: pool us.pool.ntp.org Backup Servers/Pools Commands: exit Exit Backup Servers Menu server IP/DNS add backup server entry no server IP/DNS delete backup server entry pool DNS add backup pool entry no pool DNS delete backup pool entry Examples: server 192.0.2.4 # a local server on your network server ntp1.example.com # a local server on your network pool us.pool.ntp.org # a public pool of servers pool europe.pool.ntp.org # a public pool of servers NTP250[backup]>
By default the pool 'pool.centerclick.com' which is simply an alias for 'us.pool.ntp.org' is configured, you can remove, replace, or add additional servers or pools if you'd like
The difference between a server and a pool is that servers are static where as pools are more flexible allowing multiple and changing IP lookups to a DNS name.
For pools, the resolved IPs are added and removed dynamically on the fly as needed. See ntppool.org for a list of pools in your region.
Note that servers by DNS names are only resovled on startup of the appliance.
Setting the Timezone, Units, and Hostname
By default the timezone is set to UTC and units are in feet and fahrenheit, you can change this on the admin console.
If configured, the hostname will show in the admin cli prompt and on the web interface.
NTP250> conf localization Configuring Localization... Timezone: Etc/UTC Length units: ft Temperature units: f Hostname: [not set] Localization Commands: exit Exit Localization Menu (and Reboot if needed) timezone Configure timezone [reboot on exit] units meters Set units of length [reboot on exit] units celsius Set units of temperature [reboot on exit] hostname HOSTNAME Set hostname NTP250[local]>
When choosing a timezone, you will be asked to pick from a wide variety of zones, for example below the zone is changed to 'America/New_York'. Note that the timezone is for display only, the GPS and NTP protocols do not make use of a timezone.
Streaming NMEA data
The stream nmea command will display live NMEA formatted GNSS data. Press ENTER to stop.
NTP250> stream nmea Press <ENTER> to stop NMEA output $GPZDA,141845.00,25,12,2022,00,00*6D $GPGGA,141845.00,xxxx.xxxx,N,xxxx.xxxx,W,1,19,0.62,xxx.xx,M,-30.738,M,,*58 $GPRMC,141845.00,A,xxxx.xxxx,N,xxxx.xxxx,W,0.0952,47.733,251222,-14.4,W*4C $GPGSA,A,3,10,21,22,23,24,25,31,32,,,,,1.4,0.6,1.2*33 $GPGBS,141845.00,5.941,7.071,6.783,,,,*4E $GPGSV,8,1,32,01,xx,xx,17,10,xx,xx,36,12,xx,xx,15,21,xx,xx,13*79 $GPGSV,8,2,32,22,xx,xx,23,23,xx,xx,31,24,xx,xx,10,25,xx,xx,31*72 $GPGSV,8,3,32,31,xx,xx,23,32,xx,xx,18,46,xx,xx,00,48,xx,xx,00*77 $GPGSV,8,4,32,51,xx,xx,00,302,xx,xx,10,307,xx,xx,23,310,xx,xx,00*4C $GPGSV,8,5,32,312,xx,xx,18,319,xx,xx,20,321,xx,xx,00,326,xx,xx,12*70 $GPGSV,8,6,32,327,xx,xx,30,330,xx,xx,22,333,xx,xx,21,65,xx,xx,22*40 $GPGSV,8,7,32,71,xx,xx,28,72,xx,xx,24,73,xx,xx,23,74,xx,xx,17*74 $GPGSV,8,8,32,75,xx,xx,19,81,xx,xx,27,87,xx,xx,00,88,xx,xx,00*76 NTP250>
