Configuring access control right, Configuration prerequisites, Configuration procedure – H3C Technologies H3C S3100 Series Switches User Manual

1-10

Configuring a switch to work in the multicast client mode

Table 1-8 Configure a switch to work in the NTP multicast client mode

Operation

Command

Description

Enter system view

system-view

—

Enter VLAN interface view

interface Vlan-interface vlan-id

—

Configure the switch to work in the
NTP multicast client mode

ntp-service multicast-client
[ ip-address ]

Required

Not configured by default.

Configuring Access Control Right

With the following command, you can configure the NTP service access-control right to the local switch

for a peer device. There are four access-control rights, as follows:

z

query: Control query right. This level of right permits the peer device to perform control query to the

NTP service on the local device but does not permit the peer device to synchronize its clock to the

local device. The so-called “control query” refers to query of state of the NTP service, including

alarm information, authentication status, clock source information, and so on.

z

synchronization: Synchronization right. This level of right permits the peer device to synchronize

its clock to the local switch but does not permit the peer device to perform control query.

z

server: Server right. This level of right permits the peer device to perform synchronization and

control query to the local switch but does not permit the local switch to synchronize its clock to the

peer device.

z

peer: Peer access. This level of right permits the peer device to perform synchronization and

control query to the local switch and also permits the local switch to synchronize its clock to the

peer device.

From the highest NTP service access-control right to the lowest one are peer, server,

synchronization, and query. When a device receives an NTP request, it will perform an

access-control right match in this order and use the first matched right.

Configuration Prerequisites

Prior to configuring the NTP service access-control right to the local switch for peer devices, you need

to create and configure an ACL associated with the access-control right. For the configuration of ACL,

refer to ACL Configuration in Security Volume.

Configuration Procedure

Table 1-9 Configure the NTP service access-control right to the local device for peer devices

Operation

Command…

Description

Enter system view

system-view

—

Configure the NTP service
access-control right to the local
switch for peer devices

ntp-service access { peer |
server | synchronization | query }
acl-number

Optional

peer by default