PurposeCommand or Action
Configuring NTP Access Groups
No specific command enables NTP; the first NTP configuration command that you issue enables NTP.Note
The access list-based restriction scheme allows you to grant or deny certain access privileges to an entire
network, a subnet within a network, or a host within a subnet.
The access group options are scanned in the following order, from least restrictive to most restrictive:
1
peer—Allows time requests and NTP control queries and allows the system to synchronize itself to a
system whose address passes the access list criteria.
2
serve—Allows time requests and NTP control queries, but does not allow the system to synchronize itself
to a system whose address passes the access list criteria.
3
serve-only—Allows only time requests from a system whose address passes the access list criteria.
4
query-only—Allows only NTP control queries from a system whose address passes the access list criteria.
If the source IP address matches the access lists for more than one access type, the first type is granted. If no
access groups are specified, all access types are granted to all systems. If any access groups are specified,
only the specified access types are granted.
For details on NTP control queries, see RFC 1305 (NTP version 3).
SUMMARY STEPS
1.
configure
2.
ntp
3.
access-group{peer | query-only | serve | serve-only} access-list-name
4.
Use one of the following commands:
•
end
•
commit
DETAILED STEPS
PurposeCommand or Action
configure
Step 1
Cisco ASR 9000 Series Aggregation Services Router System Management Configuration Guide, Release 5.1.x
214
Implementing NTP
Configuring NTP Access Groups
To Next Page
Loading...
