Precision Time Protocol

This section covers the following topics:

• PTP node types

• PTP message types

• Packet flow in end-to-end mode

• Packet flow in peer-to-peer mode

• PTP profiles

• PTP settings

• PTP policies

• Topology examples

• Configuring PTP

• Troubleshooting PTP

• Configuration example

• PTP operation details and limitations

The Precision Time Protocol (PTP) defines packet-based time synchronization, which is described in IEEE 1588v2. You can use PTP to synchronize clocks across networks for high clock accuracy within the submicrosecond to nanosecond range. PTP is required in time-sensitive applications such as telecommunications, audiovisual, and electric power generation, transmission, and distribution.

FortiSwitchOS supports only PTP version 2.

There are two PTP modes:

• End-to-end mode

  The link delay is measured from end to end between the primary node and secondary node. The sum of the switch residence time along the path is reported to the secondary node. The Correction Field (CF) of the PTP Sync messages is then updated with the residence time.

• Peer-to-peer mode

  All link delays are measured on a peer-to-peer basis. The sum of the switch residence time and link delay along the path is reported to the secondary node. The CF of the PTP Sync messages is then updated with the link delay added to the residence time

The following table describes FortiSwitchOS support for PTP.

Supported platforms	Supported software releases	Supported PTP modes
FS-424E-Fiber, FS-448E, FS-448E-POE, and FS-448E-FPOE	FortiSwitchOS 7.2.7 or later	End-to-end and peer-to-peer modes
200 series, FS-4xxE, 500 series, FS-1024E, FS-1048E, FS-T1024E, FS-3032E	FortiSwitchOS 6.4.0 or later	End-to-end mode

PTP node types

FortiSwitchOS supports the transparent clock PTP node.

PTP node	Description
Transparent clock (TC)	This PTP node has more than one port. It does not participate in the Best Master Clock Algorithm (BMCA) and does not pass the VLAN boundary. PTP messages (except peer-to-peer PDelay messages) are forwarded through the FortiSwitch unit. The TC updates the CF in the Sync messages based on the PTP mode.

PTP message types

The following table describes the types of PTP messages.

PTP message	Description	PTP mode
Announce	The Announce message establishes the synchronization hierarchy and announces who is the grandmaster clock (GM).	Both
Sync	The Sync message provides the value of the GM’s time to the secondary clock.	Both
Follow_Up	The Follow_Up message provides the value of the synchronized time, which is used in the two-step mode.	Both
Delay_Req	The Delay_Req message provides the secondary clock time to the GM.	End-to-end mode
Delay_Resp	The Delay_Resp message provides the GM time to the secondary clock.	End-to-end mode
PDelay_Req	The PDelay_Req message measures the PTP link delay between two PTP ports.	Peer-to-peer mode
PDelay_Resp	The PDelay_Resp message measures the PTP link delay between two PTP ports.	Peer-to-peer mode
PDelay_Resp_Follow_Up (peer to peer)	The PDelay_Resp_Follow_Up message measures the PTP link delay between two PTP ports, which is used in the two-step mode.	Peer-to-peer mode

Packet flow in end-to-end mode

The following figure shows the end-to-end Sync message (two-step mode):

The following figure shows the end-to-end Delay_Req and Delay_Resp messages (two-step mode):

Packet flow in peer-to-peer mode

The following figure shows the Sync and Delay messages in the peer-to-peer transparent clock:

PTP profiles

If you are not using one of the defined profiles, configure a custom PTP profile.

Parameter	Description	Default value in end-to-end mode	Default value in peer-to-peer mode
name	Name of the PTP profile.	default	No default
description	Description of the PTP profile.	No default	No default
domain	PTP domain number. The range of values is 0-255. This option is available only when mode is set to transparent-p2p.	Not applicable	254
mode	PTP mode. You can select the end-to-end transparent clock or the peer-to-peer transparent clock. By default, the PTP mode is transparent-e2e.	transparent-e2e	transparent-p2p
pdelay-req-interval	The time between PDelay_Req messages. You can select 0.25, 0.5, 1, 2, or 4 seconds. The default value is 1 second. This option is available only when mode is set to transparent-p2p.	Not applicable	1sec
ptp-profile	PTP profile. Only the power profile is available. This option is available only when mode is set to transparent-p2p.	Not applicable	C37.238-2017
transport	PTP message transmission. This option is available only when mode is set to transparent-p2p.	Layer-2 and layer-3 multicast (fully handled by hardware)	Layer-2 multicast

PTP settings

Enable or disable PTP and select which PTP profile will use these PTP settings.

Parameter	Description	Default value
status	Enable or disable PTP.	disable
profile	The default profile is automatically selected. NOTE: On some legacy platforms, the default profile must be manually selected.	default

PTP policies

You can configure a custom PTP policy or use the default PTP policy.

Parameter	Description	Default value
name	Name of the PTP policy.	default
description	Description of the PTP policy.	No default
vlan	The VLAN that will use the PTP policy. The range of values is 0-4094. Setting vlan to 0 means that the native VLAN is used for PDelayXXX messages. NOTE: The VLAN must be a valid VLAN that the interface belongs to. Selecting an invalid VLAN can affect the performance.	0
vlan-pri	The priority of the PTP VLAN; it corresponds to the 802.1p priority. The VLAN priority is used only when there is traffic congestion. The range of values is 0-7. Set vlan-pri to 7 for the highest priority.	4

Topology examples

The following are three examples of supported topologies.

Configuring PTP

Follow these steps to configure PTP:

1. Configure a PTP profile or use the default profile.

2. Configure the PTP settings.

   Enable or disable PTP and select which PTP profile will use these PTP settings. The default profile is automatically selected.

3. Configure the default PTP policy or create a custom PTP policy.

   Select which VLAN will use the PTP policy and the priority of the VLAN. The default PTP policy is applied to all ports. If you want to select which ports to apply the PTP policy to, you need to create a custom PTP policy.

4. If you are not using the default PTP policy, select which port to apply your custom PTP policy to.

   By default, the PTP status is enabled.

To configure PTP:

1. If you are not using the default profile, configure a PTP profile:

   config system ptp profile

   edit {default | name_of_PTP_profile}

   set description <description_of_PTP_profile>

   set domain <0-255>

   set mode {transparent-e2e | transparent-p2p}

   set pdelay-req-interval {0.25sec | 0.5sec | 1sec | 2sec | 4sec}

   set ptp-profile C37.238-2017

   set transport l2-mcast

   next

   end

   For example:

   config system ptp profile

   edit newprofile

   set description "New PTP profile"

   set domain 1

   next

   end

2. Enable or disable PTP and select which PTP profile will use these PTP settings:

   config switch ptp settings

   set status {enable | disable}

   set profile {default | name_of_PTP_profile}

   end

   For example:

   config switch ptp settings

   set status enable

   set profile newprofile

   end

3. Configure the default PTP policy or create a custom PTP policy:

   config system ptp interface-policy

   edit {default | PTP_policy_name}

   set description <description_of_PTP_policy>

   set vlan <0-4094>

   set vlan-pri <0-7>

   next

   end

   For example:

   config system ptp interface-policy

   edit newPTPpolicy

   set description "PTP policy for VLAN 100"

   set vlan 100

   set vlan-pri 3

   next

   end

4. If you are not using the default PTP policy, apply your custom PTP policy to a port:

   config switch interface

   edit <interface_name>

   set ptp-status {enable | disable}

   set ptp-policy <PTP_policy_name>

   next

   end

   For example:

   config switch interface

   edit port5

   set ptp-status enable

   set ptp-policy newPTPpolicy

   next

   end

Troubleshooting PTP

Use the following command to troubleshoot your PTP configuration:

diagnose switch ptp port get-link-delay

For example:

SR24FPTF21000005 # diagnose switch  ptp port get-link-delay
			Portname     Speed  Link-Delay
			__________   _____  ___________
			port1        1G      -
			port2        1G      -
			port3        2.5G    2286ns
			port4        2.5G    2300ns
			port5        1G      628ns
			port6        1G      628ns
			port7        2.5G    2294ns
			port8        1G      -
			port9        2.5G    4718ns
			port10       2.5G    -
			port11       2.5G    4600ns
			port12       2.5G    4614ns
			port13       1G      679ns
			port14       1G      669ns
			port15       1G      675ns
			port16       1G      681ns
			port17       1G      688ns
			port18       2.5G    -
			port19       2.5G    -
			port20       2.5G    -
			port21       2.5G    -
			port22       1G      670ns
			port23       2.5G    -
			port24       2.5G    -
			port25       10G     -
			port26       10G     -
			port27       10G     -
			port28       10G     -
			port29       40G     -
		port30       40G     32ns

Configuration example

config system ptp profile

edit "default"

set mode transparent-e2e

next

edit "power"

set domain 254

set mode transparent-p2p

set ptp-profile C37.238-2017

next

edit "1588-e2e"

set mode transparent-e2e

next

end

config switch ptp settings

set status enable

set profile "power"

end

config system ptp interface-policy

edit "default"

next

edit "policy1"

set vlan 100

set vlan-pri 4

next

edit "policy2"

set vlan 200

set vlan-pri 7

next

end

config switch interface

edit "port3"

set allowed-vlans 100

set snmp-index 51

set ptp-policy "policy1"

next

end

PTP operation details and limitations

Review the following limitations before configuring PTP:

• Layer-3 peer-to-peer mode is not supported.

• When using the peer-to-peer mode, interoperability with IGMP snooping is not supported.

• When using the peer-to-peer mode, using the diagnose switch ptp port add-link-delay command does not work.

• The STP blocking port does not block PTP Announce, Sync, and FollowUp messages.

• When using the peer-to-peer mode, Fortinet recommends setting pdelay-req-interval to 1sec because the power profile limits it to 1 second.

• When using peer-to-peer mode, PTP events are not logged in syslog.

• Setting ptp-policy on a switch interface is valid only in peer-to-peer mode.

• Ports send out PDelayXXX messages intermittently when other ports do not allow the PTP VLAN. To work around this issue, make sure that the configured PTP VLAN in the interface policy is allowed (or native) in all ports in the switch.

• In the HSR and PRP modes, the PDelayXXX messages are always untagged, and the policy on the interface is ignored; this limitation applies only to HSR and PRP ports.

• Under the HSR/PRP mode, the interlink ports can only send untagged PDelayXXX messages. The PTP VLAN used by the interlink ports must be the same as the native VLAN, which matches hsr-internal-vlan or prp-internal-vlan.

• The link delay for the HSR/PRP trunk ports is not computed after the FortiSwitch unit is restarted. To work around this issue, use an automation stitch to restart PTP. For example:

  config system automation-action

  edit "restart-ptp"

  set action-type cli-script

  set script "config switch ptp setting

  set status disable

  end

  config switch ptp setting

  set status enable

  end"

  set accprofile "super_admin"

  next

  end

  config system automation-trigger

  edit "restart-ptp"

  set event-type reboot

  next

  end

  config system automation-stitch

  edit "1"

  set trigger "restart-ptp"

  set action "restart-ptp"

  next

  end