2.4.3 Set 'ntp source' to Loopback Interface - 'NTP/SNTP is bound to loopback'

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Use a particular source address in Network Time Protocol (NTP) packets.

Rationale:

Set the source address to be used when sending NTP traffic. This may be required if the NTP servers you peer with filter based on IP address.

Solution

Bind the NTP service to the loopback interface.


hostname(config)#ntp source loopback {loopback_interface_number}

Impact:

Organizations should plan and implement network time protocol (NTP) services to establish official time for all enterprise network devices. Setting 'ntp source loopback' enforces the proper IP address for NTP services.

Default Value:

Source address is determined by the outgoing interface.

References:

http://www.cisco.com/en/US/docs/ios-xml/ios/bsm/command/bsm-cr-n1.html#GUID-DF29FBFB-E1C0-4E5C-9013-D4CE59CA0B88

See Also

https://workbench.cisecurity.org/files/2585