Ntp-Service Authentication Enable - H3C SR6600 Command Reference Manual

Network management and monitoring command reference

Hide thumbs Also See for SR6600:

Command reference manual (248 pages)

Fundamentals configuration manual (184 pages)

Configuration manual (145 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

page of 265

/ 265
Contents
Table of Contents
Bookmarks

Table of Contents

Default

The access-control right for the peer devices to access the NTP services of the local device is set to peer.

Views

System view

Default command level

3: Manage level

Parameters

peer: Permits full access. This level of right permits the peer devices to perform synchronization and

control query to the local device and also permits the local device to synchronize its clock to that of a peer

device. Control query refers to query of NTP status information, such as alarm information, authentication

status, and clock source information.

query: Permits control query. This level of right permits the peer devices to perform control query to the

NTP service on the local device but does not permit a peer device to synchronize its clock to that of the

local device.

server: Permits server access and query. This level of right permits the peer devices to perform

synchronization and control query to the local device but does not permit the local device to synchronize

its clock to that of a peer device.

synchronization: Permits server access only. This level of right permits a peer device to synchronize its

clock to that of the local device but does not permit the peer devices to perform control query.

acl-number: Specifies a basic ACL number in the range of 2000 to 2999.

Usage guidelines

From the highest NTP service access-control right to the lowest one are peer, server, synchronization,

and query. When a device receives an NTP request, it matches against the access-control right in this

order and uses the first matched right. If no matched right is found, the device drops the NTP request.

The ntp-service access command provides only a minimum degree of security protection. A more secure

method is identity authentication. The related command is ntp-service authentication enable.

Before specifying an ACL number in the ntp-service access command, make sure you have created and

configured this ACL.

Examples

# Configure the peer devices on subnet 10.10.0.0/16 to have the full access right to the local device.

<Sysname> system-view

[Sysname] acl number 2001

[Sysname-acl-basic-2001] rule permit source 10.10.0.0 0.0.255.255

[Sysname-acl-basic-2001] quit

[Sysname] ntp-service access peer 2001