Do you like this site? Remember to share it to all your friends on Facebook and Twitter!

Monday, December 28, 2009

IOS "show clock" results' heading symbols

Related Posts: 
 R0>show clock
 *00:20:29.467 UTC Fri Mar 1 2002 
 R0>
We all know by "show clock" command we can know the system time on an IOS host. Do you notice there are some symbols ahead of the result output? Here is my research:
Reference of show clock on Cisco.com


Table 15 show clock Display Leading Symbol Descriptions

Symbol

Description

*

Time is not authoritative.

(blank)

Time is authoritative.

.

Time is authoritative, but NTP is not synchronized.


* NOTE: the above table also applies to log messages!


I remember them this way: no news is good news: symbol "blank" > dot "." > star "*". I will explain from the worst one.

Symbol Star "*"

When an IOS platform boots without a "hardware clock" (IOS call it a "calendar"), IOS pick some time value by itself. The system time is something like this:

 R0>show clock
 *00:20:29.467 UTC Fri Mar 1 2002 
 R0>

This star symbol is reminding us that the time value should not be trusted at all.

Symbol Dot "."


If somehow we enabled NTP, and the NTP is not yet synchronized, then IOS uses a dot "." symbol.

 R0>show clock
 .01:57:20.026 UTC Mon May 4 2009

We should not trust the time value, either. But the good news is: NTP is already configured, although not yet working.

This is also an indication of NTP synchronization problem.

Blank

This is the best result, so the time value can be trusted.

 R0>show clock
 01:07:21.356 UTC Mon May 4 2009

However, if we did not enable NTP function at all and used "clock set" command to manually set the time, the result is also blank. We cannot tell the difference in such case!

These symbols also apply to log messages!


This is very important to us. We will know whether or not we should trust the time values associated with each log messages.

*Mar  1 00:12:02.267: %SYS-5-CONFIG_I: Configured from console by console
*Mar  1 00:12:11.143: %SYS-5-CONFIG_I: Configured from console by console
*Mar  1 00:12:13.915: %SYS-5-CONFIG_I: Configured from console by console
*Mar  1 00:12:52.695: %SYS-5-CONFIG_I: Configured from console by console
*Mar  1 00:13:55.923: %SYS-5-CONFIG_I: Configured from console by console
.May  4 01:29:10.951: %SYS-5-CONFIG_I: Configured from console by console
.May  4 01:29:41.195: %SYS-5-CONFIG_I: Configured from console by console
.May  4 01:29:50.083: %SYS-5-CONFIG_I: Configured from console by console
May  4 01:31:12.262: %SYS-5-CONFIG_I: Configured from console by console
May  4 01:31:20.272: %SYS-5-CONFIG_I: Configured from console by console

Conclusion: enable NTP as early as you can!

From above analysis, if we enable NTP, then we will get only 2 possible outcomes: blank or dot. In other words: "trust" or "don't trust". We can thus make log messages much more trustworthy!
Do you like this post? You really should consider Subscribing by Email!


Related Posts with Thumbnails
Related Posts:
Posted by at 5:39 PM
Location: Wanhua District, Taipei City, Taiwan

No comments:

Post a Comment

Tip: you can also anonymously comment here.

Subscribe to: Post Comments (Atom)

Popular Posts