Configuring sntp authentication – H3C Technologies H3C MSR 5600 User Manual
Page 117
104
Step Command
Remarks
2.
Specify an NTP server for the
device.
•
For IPv4:
sntp unicast-server { ip-address
| server-name } [ vpn-instance
vpn-instance-name ]
[ authentication-keyid keyid |
source interface-type
interface-number | version
number ] *
•
For IPv6:
sntp ipv6 unicast-server
{ ipv6-address | server-name }
[ vpn-instance
vpn-instance-name ]
[ authentication-keyid keyid |
source interface-type
interface-number ] *
By default, no NTP server is
specified for the device.
Repeat this step to specify multiple
NTP servers.
To use authentication, you must
specify the authentication-keyid
keyid option.
To use an NTP server as the time source, make sure its clock has been synchronized. If the stratum level
of the NTP server is greater than or equal to that of the client, the client does not synchronize with the NTP
server.
Configuring SNTP authentication
SNTP authentication makes sure an SNTP client is synchronized only to an authenticated trustworthy NTP
server.
To make sure SNTP authentication can work, follow these guidelines on configuring SNTP
authentication:
•
Enable authentication on both the NTP server and the SNTP client.
•
Configure the SNTP client with the same authentication key ID and key value as the NTP server, and
specify the key as a trusted key on both the NTP server and the SNTP client. For information about
configuring NTP authentication on an NTP server, see "
•
Associate the specified key with the specific NTP server on the SNTP client.
With authentication disabled, the SNTP client can synchronize with the NTP server regardless of whether
the NTP server is enabled with authentication.
To configure SNTP authentication on the SNTP client:
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enable SNTP authentication.
sntp authentication enable
By default, SNTP authentication is
disabled.
3.
Configure an SNTP
authentication key.
sntp authentication-keyid keyid
authentication-mode md5 { cipher
| simple } value
By default, no SNTP authentication
key is configured.
4.
Specify the key as a trusted
key.
sntp reliable authentication-keyid
keyid
By default, no trusted key is
specified.