Table of Contents
Advertisement
SmartAX MA5616 Multi-service Access Module
Configuration Guide
Prerequisites
Before configuring the NTP authentication, make sure that the network interface and the routing
protocol of the MA5616 are configured so that the server and the client are reachable to each
other at the network layer.
Context
In certain networks that have strict requirements on security, enable NTP authentication when
running the NTP protocol. Configuring NTP authentication is classified into configuring NTP
authentication on the client and configuring NTP authentication on the server.
Precaution
l
l
l
l
l
l
Procedure
Step 1 Run the ntp-service authentication enable command to enable NTP authentication.
Step 2 Run the ntp-service authentication-keyid command to set an NTP authentication key.
Step 3 Run the ntp-service reliable authentication-keyid command to declare that the key is reliable.
----End
Example
To enable NTP authentication, set the NTP authentication key as aNiceKey with the key number
42, and then define key 42 as a reliable key, do as follows:
huawei(config)#ntp-service authentication enable
huawei(config)#ntp-service authentication-keyid 42 authentication-mode md5
aNiceKey
huawei(config)#ntp-service reliable authentication-keyid 42
3.9.1.2 Configuring the NTP Broadcast Mode
This topic describes how to configure the MA5616 for clock synchronization in the NTP
broadcast mode. After the configuration is complete, the server periodically broadcasts clock
synchronization packets through a specified port, and functions as a client to snoop on the
broadcast packets sent from the server and synchronizes the local clock according to the received
broadcast packets.
Issue 04 (2011-10-30)
If NTP authentication is not enabled on the client, the client can synchronize with the server,
regardless of whether NTP authentication is enabled on the server.
If NTP authentication is enabled, a reliable key should be configured.
The configuration of the server must be the same as that of the client.
When NTP authentication is enabled on the client, the client can pass the authentication if
the server is configured with the same key as that of the client. In this case, you need not
enable NTP authentication on the server or declare that the key is reliable.
The client synchronizes with only the server that provides the reliable key. If the key
provided by the server is unreliable, the client does not synchronize with the server.
The flow of configuring NTP authentication is as follows: start->enable NTP
authentication->configure the reliable NTP authentication key->declare the reliable key-
>end.
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
3 Basic Configuration
71
Hide quick links:
Advertisement
Table of Contents
