R3303-HP HSR6800 Routers Network Management and Monitoring Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP HSR68xx Configure-to-Order Router Solution

Ste

Command

Remarks

5. Associate the specified key

with an NTP server.

ntp-service unicast-server

{ ip-address | server-name }

authentication-keyid keyid

You can associate a non-existing

key with an NTP server. To enable

NTP authentication, you must

configure the key and specify it as

a trusted key after associating the

key with the NTP server.

Configuring NTP authentication for a server

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Enable NTP authentication.

ntp-service authentication enable

By default, NTP authentication is

disabled.

3. Configure an NTP

authentication key.

ntp-service authentication-keyid

keyid authentication-mode md5

[ cipher | simple ] value

By default, no NTP authentication

key is configured.

Configure the same authentication

key on the client and server.

4. Configure the key as a trusted

key.

ntp-service reliable

authentication-keyid keyid

By default, no authentication key is

configured to be trusted.

Configuring NTP authentication in symmetric peers mode

Follow these instructions to configure NTP authentication in symmetric peers mode:

• An active symmetric peer can synchronize to the passive symmetric peer only when you configure

all the required tasks on both the active symmetric peer and passive symmetric peer.

• When the active peer has a greater stratum level than the passive peer:

{ On the active peer, if NTP authentication is not enabled or no key is specified to associate with

the passive peer, the active peer synchronizes to the passive peer as long as NTP authentication

is disabled on the passive peer.

{ On the active peer, if NTP authentication is enabled and a key is associated with the passive

peer, but the key is not a trusted key, no matter whether NTP authentication is enabled or not on

the passive peer, the active peer does not synchronize to the passive peer.

• When the active peer has a smaller stratum level than the passive peer:

On the active peer, if NTP authentication is not enabled, no key is specified to associate with the

passive peer, or the key is not a trusted key, the active peer can synchronize to the passive peer

as long as NTP authentication is disabled on the passive peer.

Configuring NTP authentication for an active peer

Ste

Command

Remarks

1. Enter system view.

system-view N/A