Disabling an interface from receiving ntp messages, Configuring access-control rights – H3C Technologies H3C SecPath F1000-E User Manual
Page 124
12
CAUTION:
•
If you have specified the source interface for NTP messages in the ntp-service unicast-server or
ntp-service unicast-peer command, the interface specified in the ntp-service unicast-server or
ntp-service unicast-peer command serves as the source interface of NTP messages.
•
If you have configured the ntp-service broadcast-server or ntp-service multicast-server command, the
source interface of the broadcast or multicast NTP messages is the interface configured with the
respective command.
•
If the specified source interface for NTP messages is down, the source IP address for an NTP message
that is sent out is the primary IP address of the outgoing interface of the NTP message.
Disabling an Interface from Receiving NTP Messages
When NTP is enabled, NTP messages can be received from all the interfaces by default, and you can
disable an interface from receiving NTP messages through the following configuration.
To do…
Use the command…
Remarks
Enter system view
system-view
—
Enter interface view
interface interface-type
interface-number
—
Disable the interface from
receiving NTP messages
ntp-service in-interface
disable
Required
An interface is enabled to receive
NTP messages by default.
Configuring the Maximum Number of Dynamic Sessions
Allowed
To do…
Use the command…
Remarks
Enter system view
system-view
—
Configure the maximum number of
dynamic sessions allowed to be
established locally
ntp-service
max-dynamic-sessions
number
Required
100 by default
Configuring Access-Control Rights
With the following command, you can configure the NTP service access-control right to the local device.
There are four access-control rights, as follows:
•
query: Control query permitted. This level of right permits the peer devices to perform control
query to the NTP service on the local device but does not permit a peer device to synchronize its
clock to that of the local device. The so-called “control query” refers to query of some states of the
NTP service, including alarm information, authentication status, clock source information, and so
on.
•
synchronization: Server access only. This level of right permits a peer device to synchronize its
clock to that of the local device but does not permit the peer devices to perform control query.