Back to Dashboard
Module 11
DNS and Network Time Protocol (NTP)
β Previous Module
Next Module β
# π CCNA 200-301 - Video 11: DNS and Network Time Protocol (NTP) ## Deep Study Notes --- ## π Learning Objectives By the end of this video, you should understand: - What DNS is and how it works - DNS hierarchy and record types - DNS resolution process (recursive vs. iterative) - DNS configuration on routers and switches - What NTP is and why time synchronization matters - NTP hierarchy and stratum levels - NTP configuration and verification --- ## π§ Core Concepts - DNS ### 1. What is DNS? **Definition:** The Domain Name System (DNS) is a hierarchical distributed naming system that translates human-readable domain names (like www.example.com) into machine-readable IP addresses (like 93.184.216.34). **Analogy:** Think of DNS like a phonebook or contact list on your phone. You want to call "Mom" (domain name), but your phone needs to know the actual phone number (IP address). DNS provides that translation. ``` βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β DNS TRANSLATION β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β β β User Types: What DNS Does: β β βββββββββββββββββββββββββββ βββββββββββββββββββββββββββ β β β www.example.com β β www.example.com β β β β β β β β β β β β "Human-friendly name" β β 93.184.216.34 β β β βββββββββββββββββββββββββββ βββββββββββββββββββββββββββ β β β β Why DNS is Essential: β β β’ Humans remember names, not numbers β β β’ IP addresses change; domain names remain consistent β β β’ Load balancing (multiple IPs for one name) β β β’ Email routing (MX records) β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ ``` --- ### 2. DNS Hierarchy ``` βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β DNS HIERARCHY (Inverted Tree) β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β β β βββββββββββββββ β β β Root β β β β "." β β β ββββββββ¬βββββββ β β β β β βββββββββββββββββββββββββββββΌββββββββββββββββββββββββββββ β β β β β β β ββββββΌβββββ ββββββΌβββββ ββββββΌβββββ β β β .com β β .org β β .net β β β ββββββ¬βββββ ββββββ¬βββββ βββββββββββ β β β β β β ββββββΌβββββ ββββββΌβββββ β β β example β β wikipediaβ β β β .com β β .org β β β ββββββ¬βββββ ββββββββββββ β β β β β ββββββΌβββββ β β β www β β β βexample. β β β β com β β β βββββββββββ β β β β Root Domain: "." (top of hierarchy) - 13 root servers worldwide β β TLD: Top-Level Domains (.com, .org, .net, .edu, .gov, ccTLD)β β Second-Level: example, google, cisco β β Subdomain: www, mail, ftp β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ ``` **DNS Hierarchy Levels:** | Level | Example | Description | |-------|---------|-------------| | **Root Domain** | . | 13 root server clusters (a-m.root-servers.net) | | **Top-Level Domain (TLD)** | .com, .org, .net, .edu, .gov | Generic TLDs (gTLD) and country code TLDs (ccTLD) | | **Second-Level Domain** | example, cisco, google | Registered domain name | | **Subdomain** | www, mail, ftp, api | Optional subdivision | --- ### 3. DNS Record Types | Record Type | Purpose | Example | |-------------|---------|---------| | **A** | IPv4 address record | `www.example.com β 93.184.216.34` | | **AAAA** | IPv6 address record | `www.example.com β 2606:2800:220:1:248:1893:25c8:1946` | | **CNAME** | Canonical Name (alias) | `ftp.example.com β server1.example.com` | | **MX** | Mail Exchange (email routing) | `example.com β mail.example.com (priority 10)` | | **NS** | Name Server (authoritative DNS) | `example.com β ns1.example.com` | | **PTR** | Pointer (reverse DNS) | `34.216.184.93.in-addr.arpa β www.example.com` | | **SOA** | Start of Authority | Zone information (primary NS, email, timers) | | **TXT** | Text record (SPF, DKIM, verification) | `v=spf1 include:_spf.google.com ~all` | | **SRV** | Service record | Service location (SIP, LDAP, etc.) | --- ### 4. DNS Resolution Process ``` βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β DNS RESOLUTION PROCESS β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β β β Client (PC) β β β β β β 1. "What is the IP for www.example.com?" β β β (Checks local DNS cache first) β β βΌ β β βββββββββββββββββββ β β β Local DNS β 2. "I don't know. Let me ask the root servers." β β β Resolver β β β β (ISP or local) ββββββββββββββββββββββββββββββββββββββββββββββββββββ β β βββββββββββββββββββ β β β β β β β β 3. "Where is .com?" β β β βΌ β β β βββββββββββββββββββ β β β β Root Server β 4. "Ask the .com TLD servers at..." β β β β (Root .) β β β β βββββββββββββββββββ β β β β β β β β 5. "Where is example.com?" β β β βΌ β β β βββββββββββββββββββ β β β β .com TLD β 6. "Ask example.com's NS at ns1.example.com" β β β β Server β β β β βββββββββββββββββββ β β β β β β β β 7. "What is the IP for www.example.com?" β β β βΌ β β β βββββββββββββββββββ β β β β Authoritative β 8. "www.example.com is 93.184.216.34" β β β β DNS for β β β β β example.com ββββββββββββββββββββββββββββββββββββββββββββββββββββ β β βββββββββββββββββββ β β β β β β 9. "Here's the IP: 93.184.216.34" β β βΌ β β βββββββββββββββββββ β β β Local DNS β 10. Caches result and returns to client β β β Resolver β β β βββββββββββββββββββ β β β β β β 11. "93.184.216.34" β β βΌ β β Client connects to www.example.com β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ ``` **Recursive vs. Iterative Queries:** | Query Type | Description | |------------|-------------| | **Recursive** | Client asks DNS server to resolve fully; server does all the work | | **Iterative** | DNS server returns best answer it knows (may be referral to another server) | --- ### 5. DNS Caching **Purpose:** Reduce DNS query time and load on authoritative servers. **Caching Locations:** - **Browser Cache:** Chrome, Firefox, Edge store recent lookups - **OS Cache:** Windows `ipconfig /displaydns`, Linux `systemd-resolve` - **Local DNS Resolver:** ISP or corporate DNS servers - **Router/Switch:** Can cache DNS entries **Time to Live (TTL):** - Duration DNS record is cached - Set by authoritative DNS server (in seconds) - Typical values: 300 (5 min) to 86400 (24 hours) - Lower TTL = more queries, faster changes - Higher TTL = less load, slower updates --- ### 6. DNS Configuration on Cisco Devices **Configure DNS Server (Router/Switch as DNS Client):** ```cisco ! Configure DNS servers (up to 6) Router(config)# ip name-server 8.8.8.8 Router(config)# ip name-server 8.8.4.4 ! Enable DNS lookup (default is enabled) Router(config)# ip domain-lookup ! Disable DNS lookup (optional, prevents "unknown command" delays) Router(config)# no ip domain-lookup ! Configure domain name Router(config)# ip domain-name example.com ! Test DNS resolution Router# ping www.example.com Router# show hosts ``` **Configure Local DNS Entries (Static Hostnames):** ```cisco ! Map hostname to IP address Router(config)# ip host R1 10.1.1.1 Router(config)# ip host R2 10.1.1.2 Router(config)# ip host CoreSwitch 192.168.1.100 ! Map multiple IPs (load balancing) Router(config)# ip host WebServer 192.168.1.10 192.168.1.11 192.168.1.12 ! Verify static entries Router# show hosts ``` --- ### 7. DNS Troubleshooting Commands | Command | Purpose | |---------|---------| | `show hosts` | Display DNS cache and static entries | | `ping [hostname]` | Test DNS resolution + connectivity | | `nslookup [hostname]` | Query DNS server directly | | `debug ip dns view` | Debug DNS resolution process | **Example Outputs:** ```cisco Router# show hosts Default domain is example.com Name/address lookup uses domain service Name servers are 8.8.8.8, 8.8.4.4 Host Flags Age Type Address(es) R1 (perm, OK) 0 IP 10.1.1.1 R2 (perm, OK) 0 IP 10.1.1.2 www.example.com (temp, OK) 120 IP 93.184.216.34 ``` --- ## π§ Core Concepts - NTP ### 8. What is NTP? **Definition:** Network Time Protocol (NTP) is a protocol that synchronizes clocks on network devices to a common time source, ensuring consistent timestamps across all devices. **Analogy:** Think of NTP like a master clock in a building. All employees set their watches to that clock (stratum 1). Employees who can't see the master clock ask someone who can (stratum 2), and so on. ``` βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β WHY NTP MATTERS β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β β β WITHOUT NTP (Unsynchronized Clocks): β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β Router A: 10:00:05 - Log: "Interface down at 10:00:05" β β β β Router B: 10:02:30 - Log: "Interface up at 10:02:30" β β β β β β β β Problem: Can't correlate events (which happened first?) β β β β Security: Certificates may appear expired β β β β Debugging: Logs from different devices don't line up β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β WITH NTP (Synchronized Clocks): β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β Router A: 10:00:05 - Log: "Interface down at 10:00:05" β β β β Router B: 10:00:07 - Log: "Interface up at 10:00:07" β β β β β β β β Result: Clear timeline (down for 2 seconds) β β β β Security: Certificates validated correctly β β β β Debugging: Correlated logs across devices β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ ``` --- ### 9. NTP Hierarchy (Stratum) **Stratum Levels:** | Stratum | Description | |---------|-------------| | **Stratum 0** | Reference clocks (atomic clocks, GPS) - not connected directly to network | | **Stratum 1** | Primary time servers - directly connected to Stratum 0 | | **Stratum 2** | Secondary servers - synchronize from Stratum 1 | | **Stratum 3** | Tertiary servers - synchronize from Stratum 2 | | **Stratum 4+** | Client devices - synchronize from higher stratum servers | ``` βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β NTP HIERARCHY (STRATUM) β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β β β βββββββββββββββββββ β β β Atomic Clock β β β β GPS Satellite β β β β Stratum 0 β β β ββββββββββ¬βββββββββ β β β β β ββββββββββΌβββββββββ β β β Stratum 1 β β β β Primary NTP β β β β (time.nist.gov)β β β ββββββββββ¬βββββββββ β β β β β βββββββββββββββββββββββββΌββββββββββββββββββββββββ β β β β β β β ββββββΌβββββ ββββββΌβββββ ββββββΌβββββ β β βStratum 2β βStratum 2β βStratum 2β β β βServer A β βServer B β βServer C β β β ββββββ¬βββββ ββββββ¬βββββ ββββββ¬βββββ β β β β β β β ββββββΌβββββ ββββββΌβββββ β β β βStratum 3β βStratum 3β β β β βSwitch β βRouter β β β β βββββββββββ βββββββββββ β β β β β β ββββββΌβββββ β β βStratum 3β β β βFirewall β β β βββββββββββ β β β β Lower stratum = closer to authoritative time source = more accurate β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ ``` --- ### 10. NTP Modes | Mode | Description | Direction | |------|-------------|-----------| | **Server** | Provides time to clients | Sends time | | **Client** | Requests time from servers | Receives time | | **Symmetric Active** | Peers exchange time (both can synchronize) | Bidirectional | | **Symmetric Passive** | Responds to symmetric active | Bidirectional | | **Broadcast** | Broadcasts time to all on subnet | One-to-many | | **Multicast** | Multicasts time to group | One-to-many | --- ### 11. NTP Configuration **Basic NTP Client Configuration:** ```cisco ! Configure NTP server Router(config)# ntp server 192.168.1.100 Router(config)# ntp server 192.168.1.101 prefer ! Preferred server ! Configure NTP server (public) Router(config)# ntp server 0.pool.ntp.org Router(config)# ntp server 1.pool.ntp.org ! Configure timezone Router(config)# clock timezone EST -5 Router(config)# clock summer-time EDT recurring ! Daylight savings ! Verify NTP Router# show ntp status Router# show ntp associations ``` **NTP Server Configuration (Device as NTP Server):** ```cisco ! Configure device as NTP server Router(config)# ntp master 2 ! Stratum 2 (if no external source) Router(config)# ntp master 5 ! Stratum 5 ! Allow NTP access Router(config)# ntp access-group serve-only 10 ! ACL for NTP ! Authenticate NTP (optional) Router(config)# ntp authenticate Router(config)# ntp authentication-key 1 md5 Cisco123 Router(config)# ntp trusted-key 1 Router(config)# ntp server 192.168.1.100 key 1 ``` **NTP on Switch (Management Interface):** ```cisco ! Configure management VLAN Switch(config)# interface vlan 1 Switch(config-if)# ip address 192.168.1.10 255.255.255.0 Switch(config-if)# no shutdown Switch(config-if)# exit ! Configure NTP Switch(config)# ntp server 192.168.1.100 Switch(config)# ntp server 192.168.1.101 ! Configure timezone Switch(config)# clock timezone PST -8 ``` --- ### 12. NTP Verification Commands | Command | Purpose | |---------|---------| | `show ntp status` | Display NTP synchronization status | | `show ntp associations` | Display NTP server associations | | `show ntp associations detail` | Detailed server information | | `show clock` | Display current device time | | `debug ntp all` | Debug NTP (use cautiously) | **Example Outputs:** ```cisco Router# show ntp status Clock is synchronized, stratum 3, reference is 192.168.1.100 nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**10 reference time is E6C3D9A5.8C9E8C34 (10:30:45.123 UTC Thu Mar 21 2024) clock offset is 0.1234 msec, root delay is 0.05 msec root dispersion is 0.02 msec, peer dispersion is 0.01 msec loopfilter state is 'CTRL' (Normal), drift is 0.000000000 s/s Router# show ntp associations address ref clock st when poll reach delay offset disp *~192.168.1.100 127.127.1.1 2 34 64 377 0.456 -0.123 0.125 +~192.168.1.101 192.168.1.100 3 45 64 377 0.789 0.456 0.234 * master (synced), # master (unsynced), + selected, - candidate, ~ configured Router# show clock 10:30:45.123 UTC Thu Mar 21 2024 ``` --- ### 13. NTP Troubleshooting | Problem | Symptom | Solution | |---------|---------|----------| | **Not Synchronized** | `show ntp status` shows unsynchronized | Verify NTP server reachability, firewall rules | | **Stratum Too High** | Large offset | Configure server with lower stratum | | **Authentication Failure** | NTP not syncing | Verify keys match on both sides | | **No Response** | Peer unreachable | Check ACLs, routing, firewall (UDP 123) | | **Wrong Timezone** | Time correct but off by hours | Configure `clock timezone` | **NTP Port:** UDP 123 --- ## π§ Complete Configuration Examples ### Lab 1: DNS and NTP Configuration on Router **Topology:** ``` βββββββββββββββββββ βββββββββββββββββββ βββββββββββββββββββ β Router βββββββ Switch βββββββ PC β β (DNS Client) β β β β (User) β β (NTP Client) β β β β β βββββββββββββββββββ βββββββββββββββββββ βββββββββββββββββββ β β (Internet) βΌ βββββββββββββββββββ β Public DNS β β 8.8.8.8 β β Public NTP β β pool.ntp.org β βββββββββββββββββββ ``` **Router Configuration:** ```cisco hostname Router ! ! DNS Configuration ip domain-lookup ip name-server 8.8.8.8 ip name-server 8.8.4.4 ip domain-name example.com ! ! NTP Configuration ntp server 0.pool.ntp.org ntp server 1.pool.ntp.org prefer ! ! Timezone Configuration clock timezone UTC 0 clock calendar-valid ! ! Interface interface GigabitEthernet0/0 ip address 192.168.1.1 255.255.255.0 no shutdown ! ! Static DNS entry for local devices ip host Switch1 192.168.1.2 ip host Switch2 192.168.1.3 ! end ``` --- ### Lab 2: NTP Server on Router (Stratum 2) **Topology:** ``` βββββββββββββββββββ β Public NTP β β pool.ntp.org β β Stratum 1-2 β ββββββββββ¬βββββββββ β βΌ βββββββββββββββββββ β Router A β β NTP Client to β β Public β β NTP Server β β Stratum 3 β β NTP Server to β β Internal β ββββββββββ¬βββββββββ β βΌ βββββββββββββββββββ β Router B β β NTP Client β β Stratum 4 β βββββββββββββββββββ ``` **Router A Configuration (NTP Server for Internal):** ```cisco hostname RouterA ! ! Synchronize with public NTP ntp server 0.pool.ntp.org ntp server 1.pool.ntp.org prefer ! ! Serve time to internal network (act as NTP server) ! No additional command needed - router automatically serves if clients configured ! ! Allow NTP access from internal subnet access-list 10 permit 192.168.0.0 0.0.255.255 ntp access-group serve 10 ! ! Interface to internal network interface GigabitEthernet0/1 ip address 192.168.1.1 255.255.255.0 no shutdown ! end ``` **Router B Configuration (NTP Client):** ```cisco hostname RouterB ! ! Synchronize with Router A ntp server 192.168.1.1 ! ! Interface to internal network interface GigabitEthernet0/1 ip address 192.168.1.2 255.255.255.0 no shutdown ! end ``` --- ### Lab 3: NTP Authentication ```cisco ! ========== NTP SERVER ========== hostname NTPServer ! ! Enable NTP authentication ntp authenticate ! ! Create authentication key (must match on client) ntp authentication-key 1 md5 SecureKey123 ! ! Mark key as trusted ntp trusted-key 1 ! ! Configure as NTP master (if no external source) ntp master 3 ! ! ========== NTP CLIENT ========== hostname NTPClient ! ! Enable NTP authentication ntp authenticate ! ! Create same authentication key ntp authentication-key 1 md5 SecureKey123 ! ! Mark key as trusted ntp trusted-key 1 ! ! Configure NTP server with authentication key ntp server 192.168.1.100 key 1 ! end ``` --- ## π Text-Based Diagrams ### DNS Resolution Flow ``` βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β DNS QUERY FLOW DETAIL β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β β β Step 1: Client asks "What is www.cisco.com?" β β β β β Step 2: Local DNS resolver checks cache β Not found β β β β β Step 3: Resolver queries root server: "Where is .com?" β β β β β Step 4: Root server responds: "Ask the .com TLD servers at..." β β β β β Step 5: Resolver queries .com TLD: "Where is cisco.com?" β β β β β Step 6: .com TLD responds: "Ask ns1.cisco.com (192.0.2.1)" β β β β β Step 7: Resolver queries ns1.cisco.com: "What is www.cisco.com?" β β β β β Step 8: ns1.cisco.com responds: "www.cisco.com is 192.0.2.100" β β β β β Step 9: Resolver caches result and returns to client β β β β β Step 10: Client connects to 192.0.2.100 β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ ``` --- ## β Exam Tips (For CCNA 200-301) | Topic | What Cisco Tests | |-------|------------------| | **DNS Purpose** | Name-to-IP resolution | | **DNS Hierarchy** | Root β TLD β Authoritative | | **DNS Records** | A, AAAA, CNAME, MX, NS, PTR, SOA, TXT | | **NTP Purpose** | Time synchronization across devices | | **Stratum** | Lower = more accurate (0 is reference) | | **NTP Port** | UDP 123 | | **Commands** | `ntp server`, `clock timezone`, `show ntp status` | ### Common Exam Scenarios: **Scenario 1:** "A user types www.example.com but cannot access the website. They can ping 93.184.216.34. What is the problem?" - **Answer:** DNS resolution failed (name not resolving to IP) **Scenario 2:** "Logs from multiple routers show the same incident at different times. What should be configured?" - **Answer:** NTP to synchronize clocks across all devices **Scenario 3:** "A device is configured with `ntp server 192.168.1.100` but `show ntp status` shows unsynchronized. What could be the issue?" - **Answer:** NTP server unreachable, firewall blocking UDP 123, or authentication failure ### Mnemonics: **DNS Record Types:** **"A CNAME MX PTR" - All Common Names Make Perfect Translations** **NTP Stratum:** **"Lower is Better"** - Stratum 0 = Most accurate (atomic clock) - Stratum 1 = Directly connected to Stratum 0 - Higher stratum = Further from reference --- ## π Summary (1-Minute Revision) ``` DNS (Domain Name System): PURPOSE: Name β IP address resolution HIERARCHY: βββ Root (.) βββ TLD (.com, .org, .net, .edu) βββ Second-Level (example, cisco) βββ Subdomain (www, mail) RECORD TYPES: βββ A: IPv4 address βββ AAAA: IPv6 address βββ CNAME: Alias βββ MX: Mail Exchange βββ NS: Name Server CONFIGURATION: βββ ip name-server [ip] βββ ip domain-lookup βββ ip host [name] [ip] βββ show hosts NTP (Network Time Protocol): PURPOSE: Synchronize device clocks STRATUM: βββ 0: Reference clock (atomic, GPS) βββ 1: Primary servers βββ 2-15: Secondary servers βββ Higher = less accurate CONFIGURATION: βββ ntp server [ip/hostname] βββ ntp master [stratum] βββ clock timezone [zone] [offset] βββ show ntp status PORT: UDP 123 ``` --- ## π§ͺ Practice Questions **1. What is the primary purpose of DNS?** - A) Assign IP addresses dynamically - B) Translate domain names to IP addresses - C) Route packets between networks - D) Encrypt network traffic <details> <summary>Answer</summary> <b>B) Translate domain names to IP addresses</b> - DNS resolves human-readable names to machine-readable IP addresses. </details> **2. Which DNS record type maps a domain name to an IPv6 address?** - A) A - B) AAAA - C) CNAME - D) MX <details> <summary>Answer</summary> <b>B) AAAA</b> - Quad-A record is used for IPv6 address mapping. </details> **3. What is the root domain represented as?** - A) .com - B) . - C) root - D) 0 <details> <summary>Answer</summary> <b>B) .</b> - The root domain is represented by a single dot. </details> **4. Which command configures a DNS server on a Cisco router?** - A) `dns server 8.8.8.8` - B) `ip name-server 8.8.8.8` - C) `ip dns server 8.8.8.8` - D) `name-server 8.8.8.8` <details> <summary>Answer</summary> <b>B) `ip name-server 8.8.8.8`</b> - This configures the router to use the specified DNS server. </details> **5. What is the purpose of NTP?** - A) Assign IP addresses - B) Synchronize device clocks - C) Resolve domain names - D) Encrypt network traffic <details> <summary>Answer</summary> <b>B) Synchronize device clocks</b> - NTP ensures accurate time across network devices. </details> **6. Which stratum level is a primary time server directly connected to an atomic clock?** - A) Stratum 0 - B) Stratum 1 - C) Stratum 2 - D) Stratum 3 <details> <summary>Answer</summary> <b>B) Stratum 1</b> - Stratum 0 is the reference clock (not directly on network); Stratum 1 is directly connected to Stratum 0. </details> **7. Which UDP port does NTP use?** - A) UDP 53 - B) UDP 67 - C) UDP 123 - D) UDP 161 <details> <summary>Answer</summary> <b>C) UDP 123</b> - NTP uses UDP port 123 for time synchronization. </details> **8. What command displays NTP synchronization status on a Cisco device?** - A) `show ntp status` - B) `show ntp info` - C) `show clock ntp` - D) `show ntp sync` <details> <summary>Answer</summary> <b>A) `show ntp status`</b> - This command displays whether the device is synchronized and stratum level. </details> **9. Which DNS record is used for email routing?** - A) A - B) CNAME - C) MX - D) PTR <details> <summary>Answer</summary> <b>C) MX (Mail Exchange)</b> - MX records specify mail servers for a domain. </details> **10. A device shows `show ntp status` with "Clock is unsynchronized". What is the most likely issue?** - A) NTP server unreachable - B) Wrong timezone configured - C) DNS not working - D) Device clock is correct <details> <summary>Answer</summary> <b>A) NTP server unreachable</b> - Unsynchronized typically means NTP server is not reachable or responding. </details> **11. What is the function of a CNAME record?** - A) Maps domain to IPv4 address - B) Creates an alias for another domain name - C) Specifies email server - D) Reverse DNS lookup <details> <summary>Answer</summary> <b>B) Creates an alias for another domain name</b> - CNAME (Canonical Name) records create aliases like www to server1. </details> **12. Which command configures a router to act as an NTP master?** - A) `ntp server` - B) `ntp master [stratum]` - C) `ntp peer` - D) `ntp authenticate` <details> <summary>Answer</summary> <b>B) `ntp master [stratum]`</b> - This configures the device as an NTP server at the specified stratum. </details> --- ## π Next Steps After completing Video 11, you should be ready for: - **Video 12:** First Hop Redundancy Protocols (HSRP, VRRP, GLBP) - **Video 13:** Access Control Lists (ACLs) **Lab Practice:** 1. Configure DNS on router with 8.8.8.8 2. Add static DNS entries for local devices 3. Test DNS resolution with `ping hostname` 4. Configure NTP client on router 5. Verify synchronization with `show ntp status` 6. Configure NTP authentication 7. Configure device as NTP server for other devices --- **Ready for Video 12?** Share the link or say "next" and I'll continue with First Hop Redundancy Protocols (HSRP, VRRP, GLBP). I'll create comprehensive deep notes for **Video 12: First Hop Redundancy Protocols (HSRP, VRRP, GLBP)** based on the standard CCNA 200-301 curriculum. ---