Disabling an interface from receiving ntp messages, Configuring access-control rights, Configuration prerequisites – H3C Technologies H3C WX6000 Series Access Controllers User Manual
Page 80
6-12
Disabling an Interface from Receiving NTP Messages
When NTP is enabled, NTP messages can be received from all the interfaces by default, and you can
disable an interface from receiving NTP messages through the following configuration.
To do…
Use the command…
Remarks
Enter system view
system-view
—
Enter interface view
interface interface-type
interface-number
—
Disable the interface from
receiving NTP messages
ntp-service in-interface disable
Required
An interface is enabled to receive
NTP messages by default.
Configuring the Maximum Number of Dynamic Sessions Allowed
To do…
Use the command…
Remarks
Enter system view
system-view
—
Configure the maximum number of
dynamic sessions allowed to be
established locally
ntp-service
max-dynamic-sessions number
Required
100 by default
Configuring Access-Control Rights
With the following command, you can configure the NTP service access-control right to the local AC.
There are four access-control rights, as follows:
z
query: control query permitted. This level of right permits the peer ACs to perform control query to
the NTP service on the local AC but does not permit a peer AC to synchronize its clock to that of the
local AC. The so-called “control query” refers to query of some states of the NTP service, including
alarm information, authentication status, clock source information, and so on.
z
synchronization: server access only. This level of right permits a peer AC to synchronize its clock
to that of the local AC but does not permit the peer ACs to perform control query.
z
server: server access and query permitted. This level of right permits the peer ACs to perform
synchronization and control query to the local AC but does not permit the local AC to synchronize
its clock to that of a peer AC.
z
peer: full access. This level of right permits the peer ACs to perform synchronization and control
query to the local AC and also permits the local AC to synchronize its clock to that of a peer AC.
From the highest NTP service access-control right to the lowest one are peer, server,
synchronization, and query. When an AC receives an NTP request, it will perform an access-control
right match and will use the first matched right.
Configuration Prerequisites
Prior to configuring the NTP service access-control right to the local AC, you need to create and
configure an ACL associated with the access-control right. For more information about the ACL, see
ACL in the ACL and QoS Configuration Guide.