Access Control
Permission
Configuration
NTP Authentication
Configuration
Prerequisites
NTP multicast client mode will respond this packet and start the clock
synchronization procedure. In this mode, the switch can accommodate up to
1,024 multicast clients.
n
The total number of the servers and peers configured for a switch can be up to
■
128.
After the configuration, the Switch 7750 does not establish connections with
■
the peer if it operates in NTP server mode. Whereas if it operates in any of the
other modes, it establishes connections with the peer.
If a Switch 7750 operates as a passive peer in peer mode, NTP broadcast client
■
mode, or NTP multicast client mode, the connections it establishes with the
peers are dynamic. If it operates in other modes, the connections it establishes
with the peers are static.
Access control permission to NTP server is a security measure that is of the
minimum extent. Authentication is more reliable comparing to it.
An access request made to an NTP server is matched from the highest permission
to the lowest, that is, in the order of peer, server, synchronization, and query.
Table 603 Configure the access control permission to the local NTP server
Operation
Enter system view
Configure the access
control permission to
the local NTP server
For the networks with higher security requirements, you can specify to perform
authentications when enabling NTP. With the authentications performed on both
the client side and the server side, the client is synchronized only to the server that
passes the authentication. This improves network security.
NTP authentication configuration involves:
Configuring NTP authentication on the client
■
Configuring NTP authentication on the server
■
Note the following when performing NTP authentication configuration:
If the NTP authentication is not enabled on a client, the client can be
■
synchronized to a server regardless of the NTP authentication configuration
performed on the server (assuming that the related configurations are
performed).
You need to couple the NTP authentication with a trusted key.
■
The configurations performed on the server and the client must be the same.
■
A client with NTP authentication enabled is only synchronized to a server that
■
can provide a trusted key.
Access Control Permission Configuration
Command
system-view
ntp-service access { peer |
server | synchronization |
query } acl-number
Description
-
Optional
By default, the access control
permission to the local NTP server
is peer
759