R3303-HP HSR6800 Routers Network Management and Monitoring Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP HSR68xx Configure-to-Order Router Solution

Ste

Command

Remarks

2. Configure the NTP service

access-control right for a peer

device to access the local

device.

ntp-service access { peer | query |

server | synchronization }

acl-number

The default is peer.

Configuring NTP authentication

Enable NTP authentication for a system running NTP in a network where there is a high security demand.

NTP authentication enhances network security by using client-server key authentication, which prohibits

a client from synchronizing with a device that fails authentication.

To configure NTP authentication, do the following:

• Enable NTP authentication

• Configure an authentication key

• Configure the key as a trusted key

• Associate the specified key with an NTP server or a symmetric peer

These tasks are required. If any task is omitted, NTP authentication cannot function.

Configuring NTP authentication in client/server mode

Follow these instructions to configure NTP authentication in client/server mode:

• A client can synchronize to the server only when you configure all the required tasks on both the

client and server.

• On the client, if NTP authentication is not enabled or no key is specified to associate with the NTP

server, the client is not authenticated. No matter whether NTP authentication is enabled or not on

the server, the clock synchronization between the server and client can be performed.

• On the client, if NTP authentication is enabled and a key is specified to associate with the NTP

server, but the key is not a trusted key, the client does not synchronize to the server no matter whether

NTP authentication is enabled or not on the server.

Configuring NTP authentication for a client

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Enable NTP authentication.

ntp-service authentication enable

By default, NTP authentication is

disabled.

3. Configure an NTP

authentication key.

ntp-service authentication-keyid

keyid authentication-mode md5

[ cipher | simple ] value

By default, no NTP authentication

key is configured.

Configure the same authentication

key on the client and server.

4. Configure the key as a trusted

key.

ntp-service reliable

authentication-keyid keyid

By default, no authentication key is

configured to be trusted.