NTP 285
Setting the Authority to Access a Local Switch
Set the authority to access the NTP services on a local switch. This is a basic
security measure. An access request will be matched with
peer, serve, serve
only, and query only in an ascending order of the limitation. The first matched
authority will be granted.
Perform the following configurations in system view.
IP address ACL number is specified through the acl-number parameter and ranges
from 2000 to 2999. The meanings of other authority levels are as follows:
■ query: Allow control query for the local NTP service only.
■ synchronization: Allow request for local NTP time service only.
■ serve: Allow local NTP time service request and control query. However, the
local clock will not be synchronized by a remote server.
■ peer: Allow local NTP time service request and control query. And the local
clock will also be synchronized by a remote server.
Setting Maximum Local Sessions
This configuration task sets the maximum local sessions.
Perform the following configurations in system view.
number specifies the maximum number of local sessions, ranges from 0 to 100,
and defaults to 100.
Displaying and Debugging NTP
After completing the previous configurations, you can use the display command
to show how NTP runs and verify the configurations according to the outputs. You
can use the
debugging command, in user view, to debug NTP. See Table 333 for
the details of these commands.
Table 331 Setting the Authority to Access a Local Ethernet Switch
Operation Command
Set authority to access a local Ethernet switch ntp-service access { query |
synchronization | serve | peer }
acl-number
Cancel settings of the authority to access a
local Ethernet switch
undo ntp-service access { query |
synchronization | serve | peer }
Table 332 Setting the Maximum Local Sessions
Operation Command
Set the maximum local sessions ntp-service max-dynamic-sessions
number
Resume the maximum number of local
sessions
undo ntp-service
max-dynamic-sessions
Table 333 Displaying and Debugging NTP
Operation Command
Display the status of NTP service display ntp-service status