Configuring Access-Control Rights 957
Configuring the
Maximum Number of
Dynamic Sessions
Allowed
Configuring
Access-Control Rights
With the following command, you can configure the NTP service access-control
right to the local switch. There are four access-control rights, as follows:
■ query: control query permitted. This level of right permits the peer switch to
perform control query to the NTP service on the local switch but does not
permit the peer switch to synchronize its clock to the local switch. The so-called
“control query” refers to query of some states of the NTP service, including
alarm information, authentication status, clock source information, and so on.
■ synchronization: server access only. This level of right permits the peer switch
to synchronize its clock to the local switch but does not permit the peer switch
to perform control query.
■ server: server access and query permitted. This level of right permits the peer
switch to perform synchronization and control query to the local switch but
does not permit the local switch to synchronize its clock to the peer switch.
■ peer: full access. This level of right permits the peer switch to perform
synchronization and control query to the local switch and also permits the local
switch to synchronize its clock to the peer switch.
From the highest NTP service access-control right to the lowest one are peer,
server, synchronization, and query. When a switch receives an NTP request, it
will perform an access-control right match and will use the first matched right.
Configuration
Prerequisites
Prior to configuring the NTP service access-control right to the local switch, you
need to create and configure an ACL associated with the access-control right. For
the configuration of ACL, refer to “ACL Overview” on page 835.
Configuration Procedure Follow these steps to configure the NTP service access-control right to the local
switch:
Disable the interface from
receiving NTP messages
ntp-service in-interface
disable
Required
An interface is enabled to
receive NTP messages by
default
To do… Use the command… Remarks
To do… Use the command… Remarks
Enter system view system-view -
Configure the maximum
number of dynamic sessions
allowed to be established
locally
ntp-service
max-dynamic-sessions
number
Required
100 by default
To do… Use the command… Remarks
Enter system view system-view -
Configure the NTP service
access-control right to the
local switch
ntp-service access { peer |
query | server |
synchronization }
acl-number
Required
peer by default
To Next Page
Loading...
