Network requirements, Configuration procedure – H3C Technologies H3C S7500E Series Switches User Manual
Page 91
3-27
Configuring NTP Client/Server Mode with Authentication
Network requirements
As shown in
, perform the following configurations to synchronize the time between
Device B and Device A and ensure network security.
z
The local clock of Device A is to be configured as a reference source, with the stratum level
of 2.
z
Device B works in the client mode and Device A is to be used as the NTP server of Device
B, with Device B as the client.
z
NTP authentication is to be enabled on both Device A and Device B.
Figure 3-11 Network diagram for configuration of NTP client/server mode with authentication
Configuration procedure
1) Configure IP addresses for interfaces (omitted).
2) Configuration on Device A:
# Specify the local clock as the reference source, with the stratum level of 2.
[DeviceA] ntp-service refclock-master 2
3) Configuration on Device B:
# Enable NTP authentication on Device B.
[DeviceB] ntp-service authentication enable
# Set an authentication key.
[DeviceB] ntp-service authentication-keyid 42 authentication-mode md5 aNiceKey
# Specify the key as a trusted key.
[DeviceB] ntp-service reliable authentication-keyid 42
# Specify Device A as the NTP server of Device B.
[DeviceB] ntp-service unicast-server 1.0.1.11 authentication-keyid 42
Before Device B can synchronize its clock to that of Device A, enable NTP authentication for
Device A.
Perform the following configuration on Device A:
# Enable NTP authentication.
[DeviceA] ntp-service authentication enable
# Set an authentication key.
[DeviceA] ntp-service authentication-keyid 42 authentication-mode md5 aNiceKey
# Specify the key as a trusted key.
[DeviceA] ntp-service reliable authentication-keyid 42
# View the NTP status of Device B after clock synchronization.
[DeviceB] display ntp-service status
Clock status: synchronized
Clock stratum: 3