Configuring ntp authentication for a server – H3C Technologies H3C MSR 50 User Manual

Page 51

Advertising
background image

Step Command

Remarks

By default, no NTP authentication
key is configured.

ntp-service authentication-keyid
keyid authentication-mode md5
[ cipher | simple ] value

69.

Configure an NTP

authentication key.

Configure the same authentication
key on the client and server.

70.

Configure the key as a trusted
key.

ntp-service reliable
authentication-keyid keyid

By default, no authentication key is
configured to be trusted.

You can associate a non-existing
key with an NTP server. To enable

NTP authentication, you must

configure the key and specify it as
a trusted key after associating the

key with the NTP server.

ntp-service unicast-server
{ ip-address | server-name }

authentication-keyid keyid

71.

Associate the specified key
with an NTP server.

Configuring NTP authentication for a server

Step Command

Remarks

72.

Enter system view.

system-view

N/A

By default, NTP authentication is
disabled.

73.

Enable NTP authentication.

ntp-service authentication enable

By default, no NTP authentication
key is configured.

ntp-service authentication-keyid
keyid authentication-mode md5
[ cipher | simple ] value

74.

Configure an NTP

authentication key.

Configure the same authentication
key on the client and server.

75.

Configure the key as a trusted
key.

ntp-service reliable
authentication-keyid keyid

By default, no authentication key is
configured to be trusted.

Configuring NTP authentication in symmetric peers mode

Follow these instructions to configure NTP authentication in symmetric peers mode:

An active symmetric peer can synchronize to the passive symmetric peer only when you configure
all the required tasks on both the active symmetric peer and passive symmetric peer.

When the active peer has a greater stratum level than the passive peer:

{

On the active peer, if NTP authentication is not enabled or no key is specified to associate with
the passive peer, the active peer synchronizes to the passive peer as long as NTP authentication

is disabled on the passive peer.

{

On the active peer, if NTP authentication is enabled and a key is associated with the passive
peer, but the key is not a trusted key, no matter whether NTP authentication is enabled or not on

the passive peer, the active peer does not synchronize to the passive peer.

When the active peer has a smaller stratum level than the passive peer:
On the active peer, if NTP authentication is not enabled, no key is specified to associate with the
passive peer, or the key is not a trusted key, the active peer can synchronize to the passive peer
as long as NTP authentication is disabled on the passive peer.

38

Advertising
This manual is related to the following products:

H3C MSR 30, H3C MSR 2600, H3C MSR 20-2X[40], H3C MSR 20-1X, H3C MSR 930, H3C MSR 900, H3C S12500 Series Switches, H3C S9500E Series Switches, H3C S10500 Series Switches, H3C S5800 Series Switches, H3C S5820X Series Switches

Popular Brands
Popular manuals