- Table of Contents
-
- H3C S7500 Series Command Manual(Release 3100 Series)-(V1.04)
- 00-1Cover
- 01-CLI Commands
- 02-Login Commands
- 03-Configuration File Management Commands
- 04-VLAN Commands
- 05-Extended VLAN Application Commands
- 06-IP Address-IP Performance-IPX Commands
- 07-GVRP Commands
- 08-QinQ Commands
- 09-Port Basic Configuration Commands
- 10-Link Aggregation Commands
- 11-Port Isolation Commands
- 12-Port Binding Commands
- 13-DLDP Commands
- 14-MAC Address Table Commands
- 15-MSTP Commands
- 16-Routing Protocol Commands
- 17-Multicast Commands
- 18-802.1x Commands
- 19-AAA-RADIUS-HWTACACS-EAD Commands
- 20-Traffic Accounting Commands
- 21-VRRP-HA Commands
- 22-ARP Commands
- 23-DHCP Commands
- 24-ACL Commands
- 25-QoS Commands
- 26-Mirroring Commands
- 27-Cluster Commands
- 28-PoE Commands
- 29-UDP-Helper Commands
- 30-SNMP-RMON Commands
- 31-NTP Commands
- 32-SSH Terminal Service Commands
- 33-File System Management Commands
- 34-FTP and TFTP Commands
- 35-Information Center Commands
- 36-DNS Commands
- 37-System Maintenance and Debugging Commands
- 38-HWPing Commands
- 39-RRPP Commands
- 40-NAT-Netstream-Policy Routing Commands
- 41-Telnet Protection Commands
- 42-Hardware-Dependent Software Configuration Commands
- 43-Appendix
- Related Documents
-
Title | Size | Download |
---|---|---|
31-NTP Commands | 113 KB |
Table of Contents
Chapter 1 NTP Configuration Commands
1.1 NTP Configuration Commands
1.1.1 display ntp-service sessions
1.1.2 display ntp-service status
1.1.3 display ntp-service trace
1.1.5 ntp-service authentication enable
1.1.6 ntp-service authentication-keyid
1.1.7 ntp-service broadcast-client
1.1.8 ntp-service broadcast-server
1.1.10 ntp-service in-interface disable
1.1.11 ntp-service max-dynamic-sessions
1.1.12 ntp-service multicast-client
1.1.13 ntp-service multicast-server
1.1.14 ntp-service refclock-master
1.1.15 ntp-service reliable authentication-keyid
1.1.16 ntp-service source-interface
1.1.17 ntp-service unicast-peer
1.1.18 ntp-service unicast-server
Chapter 1 NTP Configuration Commands
1.1 NTP Configuration Commands
1.1.1 display ntp-service sessions
Syntax
display ntp-service sessions [ verbose ]
View
Any view
Parameters
verbose: Displays the detailed information about all the sessions maintained by the NTP service. When you configure this command without the verbose parameter, the Ethernet switch displays the brief information about all the sessions.
Description
Use the display ntp-service sessions command to display the status of all the sessions maintained by NTP service provided by the local device.
Caution:
The sessions can be created in all NTP operating modes except the NTP server mode.
Examples
# Display the status of all the sessions maintained by the NTP service.
<H3C> display ntp-service sessions
source reference stra reach poll now offset delay disper
********************************************************************
[12345]1.0.1.11 LOCAL(0) 3 377 64 16 -0.4 0.0 0.9
note: 1 source(master),2 source(peer),3 selected,4 candidate,5 configured
1.1.2 display ntp-service status
Syntax
display ntp-service status
View
Any view
Parameters
None
Description
Use the display ntp-service status command to display the NTP service status.
Examples
# Display the NTP service status information.
<H3C> display ntp-service status
Service status:enabled
Clock status: unsynchronized
Clock stratum: 16
Reference clock ID: none
Nominal frequency: 100.0000 Hz
Actual frequency: 100.0000 Hz
Clock precision: 2^18
Clock offset: 0.0000 ms
Root delay: 0.00 ms
Root dispersion: 0.00 ms
Peer dispersion: 0.00 ms
Reference time: 00:00:00.000 UTC Jan 1 1900(00000000.00000000)
The following table describes the displayed fields:
Table 1-1 NTP service status information
Field |
Meaning |
Service status |
NTP service status: enabled or disabled |
Clock status: unsynchronized |
Local clock status: is not synchronized to any remote NTP server |
Clock stratum |
Indicates the NTP stratum of the local clock |
Reference clock ID |
|
Nominal frequency |
Nominal frequency of the local system hardware clock |
Actual frequency |
Actual frequency of the local system hardware clock |
Clock precision |
Precision of the local clock |
Clock offset |
Time difference between Offset of the local clock to the NTP server clock |
Root delay |
Total delay from local device to the master reference clock |
Root dispersion |
Dispersion of the local clock relative to the master reference clock |
Peer dispersion |
Dispersion of the remote NTP server |
Reference time |
Reference timestamp |
1.1.3 display ntp-service trace
Syntax
display ntp-service trace
View
Any view
Parameters
None
Description
Use the display ntp-service trace command to display the brief information about every NTP server on the way from the local device to the reference clock source.
Examples
# Display the brief information about every NTP server on the way from the local device to the master reference clock source.
<H3C> display ntp-service trace
server 127.0.0.1,stratum 8, offset 0.000000, synch distance 0.00000
refid 127.127.1.0
1.1.4 ntp-service access
Syntax
ntp-service access { query | synchronization | server | peer } acl-number
undo ntp-service access { query | synchronization | server | peer }
View
System view
Parameters
query: Allows to query the local NTP service only.
synchronization: Only allows the peer device to synchronize its clock to the local device.
server: Allows the peer device to perform synchronization and control query to the local device but does not permit the local device to synchronize its clock to the peer device.
peer: Full access. This level of right permits the peer device to perform synchronization and control query to the local device and also permits the local device to synchronize its clock to the peer device.
acl-number: The IP address access control list number, ranging from 2000 to 2999.
Description
Use the ntp-service access command to set the right to access the local device service.
Use the undo ntp-service access command to cancel the access authority settings.
By default, no right limit is configured.
Compared with authentication, setting the right to access and control the NTP services is a basic and brief security measure. From the highest NTP service access-control right to the lowest one are peer, server, synchronization, and query. When a device receives an NTP request, it will perform an access control right match and will use first matched right.
Examples
# Configure to permit the remote switch defined in ACL 2000 to perform time synchronization request, query and synchronization to the local device.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] ntp-service access peer 2000
# Configure to permit the remote switch defined in ACL 2000 to perform time synchronization request and query to the local device.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] ntp-service access synchronization 2000
1.1.5 ntp-service authentication enable
Syntax
ntp-service authentication enable
undo ntp-service authentication enable
View
System view
Parameters
None
Description
Use the ntp-service authentication enable command to enable the NTP-service authentication function.
Use the undo ntp-service authentication enable command to disable this function.
By default, the authentication is disabled.
Examples
# Enable NTP authentication function.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] ntp-service authentication enable
1.1.6 ntp-service authentication-keyid
Syntax
ntp-service authentication-keyid number authentication-mode md5 value
undo ntp-service authentication-keyid number
View
System view
Parameters
number: Specifies the key number from 1 to 4,294,967,295.
value: Specifies the value of the key with 1 to 32 ASCII characters.
Description
Use the ntp-service authentication-keyid command to set an NTP authentication key.
Use the undo ntp-service authentication-keyid command to cancel the NTP authentication key.
By default, no authentication key is configured.
Currently the system supports MD5 authentication only.
Examples
# Set MD5 authentication key 10 as hello.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] ntp-service authentication-keyid 10 authentication-mode md5 hello
1.1.7 ntp-service broadcast-client
Syntax
ntp-service broadcast-client
undo ntp-service broadcast-client
View
VLAN interface view
Parameters
None
Description
Use the ntp-service broadcast-client command to configure NTP broadcast client mode.
Use the undo ntp-service broadcast-client command to disable NTP broadcast client mode.
By default, the NTP broadcast client mode is disabled.
Designate an interface on the local device to receive NTP broadcast packets. The local device operates in broadcast client mode. The local device listens to the broadcast packets from the server. When it receives the first broadcast packet, it starts a brief client/server mode to exchange messages with a remote server for estimating the network delay. Thereafter, the local device enters broadcast client mode and continues listening to the broadcast packets and synchronizes the local clock based on the arrived broadcast packets.
Examples
# Configure to receive NTP broadcast packets through VLAN-interface 1.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] interface vlan-interface1
[H3C-Vlan-Interface1] ntp-service broadcast-client
1.1.8 ntp-service broadcast-server
Syntax
ntp-service broadcast-server [ authentication-keyid keyid version number ]*
undo ntp-service broadcast-server
View
VLAN interface view
Parameters
authentication-keyid: Specifies an authentication key.
keyid: Key ID used in broadcast, ranging from 1 to 4,294,967,295.
version: Defines an NTP version number.
number: NTP version number, ranging from 1 to 3.
Description
Use the ntp-service broadcast-server command to configure NTP broadcast server mode.
Use the undo ntp-service broadcast-server command to disable the NTP broadcast server mode.
By default, the broadcast service is disabled. When no NTP version number is specified, the default version number is 3.
Designate an interface on the local device to broadcast NTP packets. The local device runs in broadcast-server mode and regularly broadcasts packets to its clients.
Examples
# Configure to broadcast NTP packets through VLAN-interface 1. Encrypt them with Key 4 and set the NTP version number to 3.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] interface vlan-interface1
[H3C-Vlan-Interface1] ntp-service broadcast-server authentication-key 4 version 3
1.1.9 ntp-service disable
Syntax
ntp-service disable
undo ntp-service disable
View
System view
Parameters
None
Description
Use the ntp-service disable command to disable the NTP service function.
Use undo ntp-service disable command to enable this function.
By default, the NTP service is enabled.
Examples
# Disable NTP service on the device.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] ntp-service disable
1.1.10 ntp-service in-interface disable
Syntax
ntp-service in-interface disable
undo ntp-service in-interface disable
View
VLAN interface view
Parameters
None
Description
Use the ntp-service in-interface disable command to disable an interface from receiving NTP messages.
Use the undo ntp-service in-interface disable command to enable an interface to receive NTP messages.
By default, an interface is enabled to receive NTP messages.
Examples
# Disable VLAN-interface 1 from receiving NTP message.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] interface vlan-interface1
[H3C-Vlan-Interface1] ntp-service in-interface disable
1.1.11 ntp-service max-dynamic-sessions
Syntax
ntp-service max-dynamic-sessions number
undo ntp-service max-dynamic-sessions
View
System view
Parameters
number: The maximum number of sessions that can be created locally, ranging from 0 to 100.
Description
Use the ntp-service max-dynamic-sessions command to set the maximum number of dynamic sessions that can be created locally.
Use the undo ntp-service max-dynamic-sessions command to restore the default value.
By default, a local device allows up to 100 dynamic sessions.
& Note:
Only the sessions created in NTP peer mode, NTP broadcast client mode and NTP multicast client mode are dynamic sessions. Other sessions are static sessions.
Examples
# Set the local device to allow up to 50 sessions.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] ntp-service max-dynamic-sessions 50
1.1.12 ntp-service multicast-client
Syntax
ntp-service multicast-client [ ip-address ]
undo ntp-service multicast-client [ ip-address ]
View
VLAN interface view
Parameters
ip-address: Specifies a multicast IP address of Class D.
Description
Use the ntp-service multicast-client command to configure the NTP multicast client mode.
Use the undo ntp-service multicast-client command to disable the NTP multicast client mode.
By default, the multicast client service is disabled. ip-address defaults to 224.0.1.1.
Designate an interface on the local device to receive NTP multicast packets. The local device operates in the multicast client mode. The local device listens to the multicast packets from the server. When it receives the first multicast packet, it starts a brief client/server mode to exchange messages with a remote server for estimating the network delay. Thereafter, the local device enters the multicast client mode and continues listening to the multicast packets and synchronizes the local clock based on the arrived multicast message.
Examples
# Configure to receive NTP multicast packets to the multicast group address of 224.0.1.1 through VLAN-interface1.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] interface vlan-interface 1
[H3C-Vlan-Interface1] ntp-service multicast-client 224.0.1.1
1.1.13 ntp-service multicast-server
Syntax
ntp-service multicast-server [ ip-address ] [ authentication-keyid keyid ] [ ttl ttl-number ] [ version number ]*
undo ntp-service multicast-server [ ip-address ]
View
VLAN interface view
Parameters
ip-address: Specifies a multicast IP address of Class D and default to 224.0.1.1.
authentication-keyid: Specifies an authentication key.
keyid: Key ID used in multicast, ranging from 1 to 4,294,967,295.
ttl: Defines the time to live (TTL) of a multicast packet.
ttl-number: Specify the TTL of a multicast packet, ranging from 1 to 255.
version: Defines an NTP version number.
number: Specifies an NTP version number, ranging from 1 to 3.
Description
Use the ntp-service multicast-server command to configure NTP multicast server mode. If no IP address is specified, the switch automatically chooses 224.0.1.1 as the multicast IP address.
Use the undo ntp-service multicast-server command to disable NTP multicast server mode, if no IP address is specified, the switch will disable the configuration of the multicast IP address 224.0.1.1.
By default, the multicast service is disabled. IP address defaults to 224.0.1.1 and the version number defaults to 3.
Designate an interface on the local device to transmit NTP multicast packets. The local device operates in multicast-server mode and multicasts packets regularly to its clients.
Examples
# Configure to transmit NTP multicast packets encrypted with Key 4 through VLAN-interface 1 at 224.0.1.1 and use NTP version 3.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] interface vlan-interface 1
[H3C-Vlan-Interface1] ntp-service multicast-server 224.0.1.1 authentication-keyid 4 version 3
1.1.14 ntp-service refclock-master
Syntax
ntp-service refclock-master [ ip-address ] [ stratum ]
undo ntp-service refclock-master [ ip-address ]
View
System view
Parameters
ip-address: Specifies the reference clock IP address as 127.127.1.u. Here, u ranges from 0 to 3.
stratum: Specifies which stratum the local clock is located at. The value ranges from 1 to 15.
Description
Use the ntp-service refclock-master command to configure an external reference clock or the local clock as an NTP master clock.
Use the undo ntp-service refclock-master command to cancel the NTP master clock settings.
By default, no NTP master clock is configured. When ip-address is not specified, the local clock is set to the NTP master clock by default. When stratum is not specified, the local clock is located at stratum 8 by default.
You can use this command to designate an external reference clock or the local clock as an NTP master clock to provide synchronized time to other devices. ip-address specifies the IP address of an external clock as 127.127.1.u. If no IP address is specified, the local clock is configured as the NTP master clock by default. You can also specify the stratum at which the NTP master clock is located.
Examples
# Specify the local clock as the NTP master clock to provide synchronized time for its peers and locate the master clock at stratum 3.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] ntp-service refclock-master 3
1.1.15 ntp-service reliable authentication-keyid
Syntax
ntp-service reliable authentication-keyid number
undo ntp-service reliable authentication-keyid number
View
System view
Parameters
number: Specifies the key number, ranging from 1 to 4,294,967,295.
Description
Use the ntp-service reliable authentication-keyid command to configure the key as a reliable key.
Use the undo ntp-service reliable authentication-keyid command to cancel the current setting.
By default, no reliable key is configured.
When you enable the authentication, you can use this command to configure one or more than one reliable keys. In this case, a client only synchronizes to the server that provides reliable keys.
Examples
# Enable NTP authentication, adopt MD5 encryption, and designate Key 37 BetterKey and configure it as a reliable key.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] ntp-service authentication enable
[H3C] ntp-service authentication-keyid 37 authentication-mode md5 BetterKey
[H3C] ntp-service reliable authentication-keyid 37
1.1.16 ntp-service source-interface
Syntax
ntp-service source-interface interface-type interface-number
undo ntp-service source-interface
View
System view
Parameters
interface-type: Specifies an interface type. This parameter is used to specify an interface together with the interface-number parameter.
interface-number: Specifies an interface number. This parameter is used to specify an interface with the interface-type parameter.
Description
Use the ntp-service source-interface command to designate an interface to transmit NTP messages.
Use the undo ntp-service source-interface command to cancel the current setting.
By default, the source address depends on the output interface.
You can use this command to designate an interface of which the IP address will be the source IP address in all the NTP packets sent by the local device so that the remote device sends the response message to this interface only.
Examples
# Configure all the outgoing NTP packets to use the IP address of VLAN-interface1 as their source IP address.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] ntp-service source-interface Vlan-Interface 1
1.1.17 ntp-service unicast-peer
Syntax
ntp-service unicast-peer { ip-address | server-name } [ version number | authentication-key keyid | source-interface interface-type interface-number | priority ]*
undo ntp-service unicast-peer { ip-address | server-name }
View
System view
Parameters
ip-address: Specifies the IP address of a remote server.
server-name: Specifies the host name of an NTP server, containing 1 to 20 characters.
version: Defines an NTP version number.
number: NTP version number, ranging from 1 to 3.
authentication-keyid: Defines an authentication key.
keyid: Key ID used for transmitting messages to a remote server, ranging from 1 to 4,294,967,295.
source-interface: Specifies an interface name.
interface-type: Specifies an interface type and determines an interface together with the interface-number parameter.
interface-number: Specifies an interface number and determines an interface together with the interface-type parameter.
priority: Designates a server as the first choice.
Description
Use the ntp-service unicast-peer command to configure NTP peer mode.
Use the undo ntp-service unicast-peer command to cancel NTP peer mode.
By default, no NTP peer mode is configured. When you do not specify a version number, the default version number is 3. When you do not specify authentication-keyid, authentication is disabled and the local server is not the first choice.
This command sets the remote server at ip-address as a peer of the local device, which operates in symmetric active mode. ip-address specifies a host address other than a broadcast address, multicast address, or the IP address of a reference clock. Under this configuration, a local device can synchronize and be synchronized by a remote server.
Examples
# Configure the local device to synchronize or to be synchronized by a peer at 128.108.22.44. Set the NTP version to 3. The IP address of the NTP packets is taken from that of VLAN-interface 1.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] ntp-service unicast-peer 131.108.22.33 version 3 source-interface Vlan-Interface 1
1.1.18 ntp-service unicast-server
Syntax
ntp-service unicast-server { ip-address | server-name } [ version number | authentication-keyid keyid | source-interface interface-type interface-number | priority ]*
undo ntp-service unicast-server { ip-address | server-name }
View
System view
Parameters
ip-address: Specifies the IP address of a remote server.
server-name: Specifies the host name of an NTP server, containing 1 to 20 characters.
version: Defines an NTP version number.
number: NTP version number, ranging from 1 to 3.
authentication-keyid: Defines an authentication key.
keyid: Key ID used for transmitting messages to a remote server, ranging from 1 to 4,294,967,295.
source-interface: Specifies an interface name.
interface-type: Specifies an interface type and determines an interface together with the interface-number parameter.
interface-number: Specifies an interface number and determines an interface together with the interface-type parameter.
priority: Designates a server as the first choice.
Description
Use the ntp-service unicast-server command to configure NTP server mode. Use the undo ntp-service unicast-server command to disable NTP server mode.
By default, no NTP server mode is configured. When you do not specify a version number, the default version number is 3. When you do not specify authentication-keyid, authentication is disabled.
The command announces to use the remote server at ip-address as the local time server. ip-address specifies a host address other than a broadcast address, multicast address, or the IP address of a reference clock. By operating in client mode, a local device can be synchronized by a remote server, but not synchronize any remote server.
Examples
# Designate the server at 128.108.22.44 to synchronize the local device and use NTP version 3.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] ntp-service unicast-server 128.108.22.44 version 3