Disabling an interface from receiving ntp messages, Configuring ntp authentication – H3C Technologies H3C SecBlade NetStream Cards User Manual
Page 212
197
To do…
Use the command…
Remarks
Enter system view
system-view
—
Specify the source interface for
NTP messages
ntp-service source-interface
interface-type interface-number
Required
By default, no source interface is
specified for NTP messages, and
the system uses the IP address of
the interface determined by the
matching route as the source IP
address of NTP messages.
CAUTION:
•
If you have specified the source interface for NTP messages in the ntp-service unicast-server command,
the interface specified in the ntp-service unicast-server command serves as the source interface of NTP
messages.
•
If the specified source interface for NTP messages is down, the source IP address for an NTP message
that is sent out is the primary IP address of the outgoing interface of the NTP message.
Disabling an interface from receiving NTP messages
When NTP is enabled, NTP messages can be received from all the interfaces by default, and you can
disable an interface from receiving NTP messages through the following configuration.
To do…
Use the command…
Remarks
Enter system view
system-view
—
Enter interface view
interface interface-type
interface-number
—
Disable the interface from
receiving NTP messages
ntp-service in-interface disable
Required
An interface is enabled to receive
NTP messages by default.
Configuring the maximum number of dynamic sessions
allowed
To do…
Use the command…
Remarks
Enter system view
system-view
—
Configure the maximum number of
dynamic sessions allowed to be
established locally
ntp-service max-dynamic-sessions
number
Required
100 by default
Configuring NTP authentication
NTP authentication should be enabled for a system running NTP in a network where there is a high
security demand. It enhances the network security by means of client-server key authentication, which
prohibits a client from synchronizing with a device that has failed authentication.