Network requirements, Configuration procedure – H3C Technologies H3C SecPath F1000-E User Manual
Page 135
23
[DeviceA-GigabitEthernet0/1] display ntp-service sessions
source reference
stra reach poll now offset delay disper
**************************************************************************
[1234] 3.0.1.31 127.127.1.0 2 255 64 26 -16.0 40.0 16.6
note: 1 source(master),2 source(peer),3 selected,4 candidate,5 configured
Total associations : 1
NOTE:
For more information about how to configuration IGMP and PIM, see
IGMP Configuration and PIM
Configuration in the IP Multicast volume.
Configuring NTP Client/Server Mode with Authentication
Network requirements
As shown in
, perform the following configurations to synchronize the time between Device B
and Device A and ensure network security. More specifically:
•
The local clock of Device A is to be configured as a reference source, with the stratum level of 2.
•
Device B works in client mode and Device A is to be used as the NTP server of Device B, with Device
B as the client.
•
NTP authentication is to be enabled on both Device A and Device B.
Figure 11 Network diagram for configuration of NTP client/server mode with authentication
Configuration procedure
Step1
Set the IP address for each interface as shown in
. The configuration procedure is omitted.
Step2
Configuration on Device A:
# Specify the local clock as the reference source, with the stratum level of 2.
[DeviceA] ntp-service refclock-master 2
Step3
Configuration on Device B:
# Enable NTP authentication on Device B.
[DeviceB] ntp-service authentication enable
# Set an authentication key.
[DeviceB] ntp-service authentication-keyid 42 authentication-mode md5 aNiceKey
# Specify the key as a trusted key.
[DeviceB] ntp-service reliable authentication-keyid 42
# Specify Device A as the NTP server.
[DeviceB] ntp-service unicast-server 1.0.1.11 authentication-keyid 42
Before Device B can synchronize its clock to that of Device A, enable NTP authentication for Device A.