Configuring ntp authentication for an active peer – H3C Technologies H3C SR8800 User Manual

Page 77

Advertising
background image

65

Step Command

Remarks

3.

Configure an NTP

authentication key.

ntp-service authentication-keyid
keyid authentication-mode md5
value

No NTP authentication key by
default

4.

Configure the key as a trusted
key.

ntp-service reliable

authentication-keyid keyid

No authentication key is
configured to be trusted by default

NOTE:

The same authentication key must be configured on both the server and client sides.

Configuring NTP authentication in symmetric peers mode

When configuring NTP authentication in symmetric peers mode, configure the required tasks on both the

active and passive peers, and on the active peer associate the key with the passive peer.

1.

When the active peer has a greater stratum level than the passive peer:

{

If NTP authentication is not enabled or no key is associated with the passive peer on the active
peer, the active peer synchronizes its clock to the passive peer as long as NTP authentication

is disabled on the passive peer.

{

If NTP authentication is enabled and a key is associated with the passive peer on the active
peer, but the key is not a trusted key, no matter the NTP authentication is enabled on the passive

peer or not, the active peer does not synchronize its clock to the passive peer.

2.

When the active peer has a smaller stratum level than the passive peer:
If NTP authentication is not enabled, no key is associated with the passive peer on the active peer,
or the key is not a trusted key, the clock of the active peer can be synchronized to the passive peer

as long as NTP authentication is disabled on the passive peer.

Configuring NTP authentication for an active peer

To configure NTP authentication for an active peer:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enable NTP authentication.

ntp-service authentication enable

Disabled by default

3.

Configure an NTP
authentication key.

ntp-service authentication-keyid
keyid authentication-mode md5

value

No NTP authentication key is
configured by default.

4.

Configure the key as a trusted
key.

ntp-service reliable
authentication-keyid keyid

No authentication key is
configured to be trusted by default

5.

Associate the specified key

with the passive peer.

ntp-service unicast-peer
{ ip-address | peer-name }
authentication-keyid keyid

You can associate a non-existing
key with a passive peer. To enable
NTP authentication, you must

configure the key and specify it as

a trusted key after associating the
key with the passive peer.

Advertising
This manual is related to the following products:

H3C SR6600-X, H3C SR6600, H3C SecPath F5020, H3C SecPath F5040, H3C VMSG VFW1000, H3C WX3000E Series Wireless Switches, H3C WX5500E Series Access Controllers, H3C WX3500E Series Access Controllers, H3C WX2500E Series Access Controllers, H3C WX6000 Series Access Controllers, H3C WX5000 Series Access Controllers, H3C LSWM1WCM10 Access Controller Module, H3C LSUM3WCMD0 Access Controller Module, H3C LSUM1WCME0 Access Controller Module, H3C LSWM1WCM20 Access Controller Module, H3C LSQM1WCMB0 Access Controller Module, H3C LSRM1WCM2A1 Access Controller Module, H3C LSBM1WCM2A0 Access Controller Module

Popular Brands
Popular manuals