1-10
From the highest NTP service access-control right to the lowest one are peer, server,
synchronization, and query. When a device receives an NTP request, it will perform an
access-control right match in this order and use the first matched right.
Configuration Prerequisites
Prior to configuring the NTP service access-control right to the local switch for peer devices, you need
to create and configure an ACL associated with the access-control right. For the configuration of ACL,
refer to ACL Configuration in Security Volume.
Configuration Procedure
Table 1-9 Configure the NTP service access-control right to the local device for peer devices
Operation Command… Description
Enter system view
system-view
—
Configure the NTP service
access-control right to the local
switch for peer devices
ntp-service access { peer |
server | synchronization |
query } acl-number
Optional
peer by default
The access-control right mechanism provides only a minimum degree of security protection for the local
switch. A more secure method is identity authentication.
Configuring NTP Authentication
In networks with higher security requirements, the NTP authentication function must be enabled to run
NTP. Through password authentication on the client and the server, the clock of the client is
synchronized only to that of the server that passes the authentication. This improves network security.
Table 1-10 shows the roles of devices in the NTP authentication function.
Table 1-10 Description on the roles of devices in NTP authentication function
Role of device Working mode
Client in the server/client mode
Client in the broadcast mode
Client in the multicast mode
Client
Symmetric-active peer in the symmetric peer mode
Server in the server/client mode
Server in the broadcast mode
Server in the multicast mode
Server
Symmetric-passive peer in the symmetric peer mode
To Next Page
Loading...