beautypg.com

Configuring sntp authentication – H3C Technologies H3C MSR 5600 User Manual

Page 117

background image

104

Step Command

Remarks

2.

Specify an NTP server for the
device.

For IPv4:
sntp unicast-server { ip-address

| server-name } [ vpn-instance

vpn-instance-name ]
[ authentication-keyid keyid |

source interface-type

interface-number | version
number ] *

For IPv6:

sntp ipv6 unicast-server
{ ipv6-address | server-name }

[ vpn-instance

vpn-instance-name ]
[ authentication-keyid keyid |

source interface-type

interface-number ] *

By default, no NTP server is
specified for the device.
Repeat this step to specify multiple
NTP servers.
To use authentication, you must
specify the authentication-keyid

keyid option.

To use an NTP server as the time source, make sure its clock has been synchronized. If the stratum level
of the NTP server is greater than or equal to that of the client, the client does not synchronize with the NTP

server.

Configuring SNTP authentication

SNTP authentication makes sure an SNTP client is synchronized only to an authenticated trustworthy NTP
server.
To make sure SNTP authentication can work, follow these guidelines on configuring SNTP

authentication:

Enable authentication on both the NTP server and the SNTP client.

Configure the SNTP client with the same authentication key ID and key value as the NTP server, and
specify the key as a trusted key on both the NTP server and the SNTP client. For information about

configuring NTP authentication on an NTP server, see "

Configuring NTP

."

Associate the specified key with the specific NTP server on the SNTP client.

With authentication disabled, the SNTP client can synchronize with the NTP server regardless of whether
the NTP server is enabled with authentication.
To configure SNTP authentication on the SNTP client:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enable SNTP authentication.

sntp authentication enable

By default, SNTP authentication is
disabled.

3.

Configure an SNTP
authentication key.

sntp authentication-keyid keyid
authentication-mode md5 { cipher

| simple } value

By default, no SNTP authentication
key is configured.

4.

Specify the key as a trusted
key.

sntp reliable authentication-keyid
keyid

By default, no trusted key is
specified.

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: