Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4048T-ON

791

792

793

794

795

796

797

798

799

800

Configuring NTP Authentication

NTP authentication and the corresponding trusted key provide a reliable means of exchanging NTP packets with trusted time sources.

NTP authentication begins when the first NTP packet is created following the configuration of keys. NTP authentication in Dell

Networking OS uses the message digest 5 (MD5) algorithm and the key is embedded in the synchronization packet that is sent to an NTP

time source.

Dell Networking OS Behavior: Dell Networking OS uses an encryption algorithm to store the authentication key that is different from

previous Dell Networking OS versions; Dell Networking OS uses data encryption standard (DES) encryption to store the key in the

startup-config when you enter the ntp authentication-key command. Therefore, if your system boots with a startup-

configuration from an Dell Networking OS version in which you have configured ntp authentication-key, the system cannot

correctly decrypt the key and cannot authenticate the NTP packets. In this case, re-enter this command and save the running-config to

the startup-config.

To configure NTP authentication, use the following commands.

1. Enable NTP authentication.

CONFIGURATION mode

ntp authenticate

2. Set an authentication key.

CONFIGURATION mode

ntp authentication-key number md5 key

Configure the following parameters:

• number: the range is from 1 to 4294967295. This number must be the same as the number in the ntp trusted-key

command.

• key: enter a text string. This text string is encrypted.

3. Define a trusted key.

CONFIGURATION mode

ntp trusted-key number

Configure a number from 1 to 4294967295.

The number must be the same as the number used in the ntp authentication-key command.

4. Configure an NTP server.

CONFIGURATION mode

ntp server [vrf] <vrf-name> {hostname | ipv4-address |ipv6-address} [ key keyid] [prefer]

[version number]

Configure the IP address of a server and the following optional parameters:

• ○ vrf-name : Enter the name of the VRF through which the NTP server is reachable.

○ hostname : Enter the keyword hostname to see the IP address or host name of the remote device.

○ ipv4-address : Enter an IPv4 address in dotted decimal format (A.B.C.D).

○ ipv6-address : Enter an IPv6 address in the format 0000:0000:0000:0000:0000:0000:0000:0000. Elision of zeros is

supported.

○ key keyid : Configure a text string as the key exchanged between the NTP server and the client.

○ prefer: Enter the keyword prefer to set this NTP server as the preferred server.

○ version number : Enter a number as the NTP version. The range is from 1 to 4.

5. Configure the switch as NTP master.

CONFIGURATION mode

ntp master <stratum>

To configure the switch as NTP Server use the ntp master<stratum> command. stratum number identifies the NTP Server's

hierarchy.

The following example shows configuring an NTP server.

R6_E300(conf)#1w6d23h : NTP: xmit packet to 192.168.1.1:

leap 0, mode 3, version 3, stratum 2, ppoll 1024

rtdel 0219 (8.193970), rtdsp AF928 (10973.266602), refid C0A80101 (192.168.1.1)

ref CD7F4F63.6BE8F000 (14:51:15.421 UTC Thu Apr 2 2009)

796

System Time and Date