Login
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 03-NTP Commands | 100.51 KB |
ntp-service authentication enable
ntp-service authentication-keyid·
ntp-service in-interface disable·
ntp-service max-dynamic-sessions·
ntp-service reliable authentication-keyid·
NTP configuration commands
display ntp-service sessions
Use display ntp-service sessions to display information about all NTP associations.
Syntax
display ntp-service sessions [ verbose ] [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
verbose: Displays detailed information about all NTP associations. If you do not specify this keyword, the command displays only brief information about the NTP associations.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Examples
# Display brief information about all NTP associations.
<Sysname> display ntp-service sessions
source reference stra reach poll now offset delay disper
********************************************************************************
[12345]127.127.1.0 127.127.1.0 3 1 64 33 0.0 0.0 0.0
note: 1 source(master),2 source(peer),3 selected,4 candidate,5 configured
Total associations : 1
Table 1 Command output
|
Field |
Description |
|
source |
IP address of the clock source. |
|
reference |
Reference clock ID of the clock source: · If the reference clock is the local clock, the value of this field is related to the value of the stra field: ¡ When the value of the stra field is 0 or 1, this field will be LOCL. ¡ When the stra field has another value, this field will be the IP address of the local clock. · If the reference clock is the clock of another device on the network, the value of this field will be the IP address of that device. |
|
stra |
Stratum level of the clock source, which determines the clock precision. The value is in the range of 1 to 16. The clock precision decreases from stratum 1 to stratum 16. A stratum 1 clock has the highest precision, and a stratum 16 clock is not synchronized. |
|
reach |
Reachability count of the clock source. 0 indicates that the clock source is unreachable. |
|
poll |
Poll interval in seconds, namely, the maximum interval between successive NTP messages. |
|
now |
Length of time from when the last NTP message was received or when the local clock was last updated to the current time. By default time is in seconds. If the time length is greater than 2048 seconds, it is displayed in minutes. If greater than 300 minutes, it is displayed in hours. If greater than 96 hours, it is displayed in days. |
|
offset |
Offset of the system clock relative to the reference clock, in milliseconds. |
|
delay |
Roundtrip delay from the local device to the clock source, in milliseconds. |
|
disper |
Maximum error of the system clock relative to the reference source. |
|
[12345] |
· 1—The current reference source that the device is synchronizing to. · 2—Stratum level of the clock source is less than or equal to 15. · 3—This clock source has survived the clock selection algorithm. · 4—This clock source is a candidate clock source. · 5—This clock source was created by a configuration command. |
|
Total associations |
Total number of associations. |
# Display detailed information about all NTP associations.
<Sysname> display ntp-service sessions verbose
clock source: 127.127.1.0
clock stratum: 3
clock status: configured, master, sane, valid
reference clock ID: 127.127.1.0
local mode: client, local poll: 6
peer mode: server, peer poll: 6
offset: 0.0000 ms,delay: 0.00 ms, disper: 0.02 ms
root delay: 0.00 ms, root disper: 10.00 ms
reach: 1, sync dist: 0.010, sync state: 2
precision: 2^18, version: 3, peer interface: InLoopBack0
reftime: 10:56:22.442 UTC Aug 7 2009(CE2686D6.71484513)
orgtime: 10:56:22.442 UTC Aug 7 2009(CE2686D6.71484513)
rcvtime: 10:56:22.442 UTC Aug 7 2009(CE2686D6.7149E881)
xmttime: 10:56:22.442 UTC Aug 7 2009(CE2686D6.71464DC2)
filter delay : 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00
filter offset: 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00
filter disper: 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00
reference clock status: working abnormally
timecode:
Total associations : 1
Table 2 Command output
|
Field |
Description |
|
clock source |
IP address of the clock source. |
|
clock stratum |
Stratum level of the clock source, which determines the clock precision. The value is in the range of 1 to 16. The clock precision decreases from stratum 1 to stratum 16. A stratum 1 clock has the highest precision, and a stratum 16 clock is not synchronized. |
|
clock status |
Status of the clock source: · configured—The association is a static one. · dynamic—The association is a dynamic one. · master—The clock source is the primary reference source of the current system. · selected—The clock source has survived the clock selection algorithm. · candidate—The clock source is the candidate reference source. · sane—The clock source has passed the sane authentication. · insane—The clock source has failed the sane authentication. · valid—The clock source is valid: it has passed the authentication and is in synchronized state, its stratum level is valid, and its root delay and root dispersion values are within the allowed ranges. · invalid—The clock source is invalid. · unsynced—The clock source has not been synchronized or the value of the stratum level is invalid. |
|
reference clock ID |
Reference clock ID of the clock source: · If the reference clock is the local clock, the value of this field is related to the stratum level of the clock source: ¡ When the stratum level of the clock source is 0 or 1, this field is LOCL. ¡ When the stratum level of the clock source has another value, this field is the IP address of the local clock. · If the reference clock is the clock of another device on the network, the value of this field is the IP address of that device. |
|
local mode |
Operation mode of the local device: · unspec—The mode is unspecified. · active—Active mode. · passive—Passive mode. · client—Client mode. · server—Server mode. · bdcast—Broadcast server mode. · control—Control query mode. · private—Private message mode. |
|
local poll |
Poll interval of the local device, in seconds. The value displayed is a power of 2. For example, if the displayed value is 6, the poll interval of the local device is 26, or 64 seconds. |
|
peer mode |
Operation mode of the peer device: · unspec—The mode is unspecified. · active—Active mode. · passive—Passive mode. · client—Client mode. · server—Server mode. · bdcast—Broadcast server mode. · control—Control query mode. · private—Private message mode. |
|
peer poll |
Poll interval of the peer device, in seconds. The value displayed is a power of 2. For example, if the displayed value is 6, the poll interval of the local device is 26, or 64 seconds. |
|
offset |
Offset of the system clock relative to the reference clock, in milliseconds. |
|
delay |
Roundtrip delay from the local device to the clock source, in milliseconds. |
|
disper |
Maximum error of the system clock relative to the reference clock. |
|
root delay |
Roundtrip delay from the local device to the primary reference source, in milliseconds. |
|
root disper |
Maximum error of the system clock relative to the primary reference clock, in milliseconds. |
|
reach |
Reachability count of the clock source. 0 indicates that the clock source is unreachable. |
|
sync dist |
Synchronization distance relative to the upper-level clock, in seconds, and calculated from dispersion and roundtrip delay values. |
|
sync state |
State of the state machine. The displayed value is an integer that is in the range of 0 to 5. |
|
precision |
Precision of the system clock. |
|
version |
NTP version. The displayed value is an integer that is in the range of 1 to 4. |
|
peer interface |
Source interface. If the source interface is not specified, this field is wildcard. |
|
reftime |
Reference timestamp in the NTP message. |
|
orgtime |
Originate timestamp in the NTP message. |
|
rcvtime |
Receive timestamp in the NTP message. |
|
xmttime |
Transmit timestamp in the NTP message. |
|
filter delay |
Delay information. |
|
filter offset |
Offset information. |
|
filter disper |
Dispersion information. |
|
reference clock status |
Status of the reference clock: · working normally—The clock is working correctly. · working abnormally—The clock is working incorrectly. |
|
timecode |
Time code. |
|
Total associations |
Total number of associations. |
If the device is operating in NTP broadcast/multicast server mode, the display ntp-service sessions command does not display the NTP association created for the broadcast/multicast server. However, the association is included in the total number of associations.
display ntp-service status
Use display ntp-service status to display NTP service status information.
Syntax
display ntp-service status [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Examples
# Display NTP service status information.
<Sysname> display ntp-service status
Clock status: unsynchronized
Clock stratum: 16
Reference clock ID: none
Nominal frequency: 100.0000 Hz
Actual frequency: 100.0000 Hz
Clock precision: 2^17
Clock offset: 0.0000 ms
Root delay: 0.00 ms
Root dispersion: 0.00 ms
Peer dispersion: 0.00 ms
Reference time: 00:00:00.000 UTC Jan 1 1900(00000000.00000000)
Table 3 Command output
|
Field |
Description |
|
Clock status |
Status of the system clock: · Synchronized—The system clock has been synchronized. · Unsynchronized—The system clock has not been synchronized. |
|
Clock stratum |
Stratum level of the system clock. |
|
Reference clock ID |
When the system clock is synchronized to a remote time server, this field indicates the address of the remote time server. When the system clock is synchronized to a local reference source, this field indicates the address of the local clock source: · When the local clock has a stratum level of 1, the value of this field is LOCL. · When the stratum of the local clock has another value, the value of this field is the IP address of the local clock. |
|
Nominal frequency |
Nominal frequency of the local system hardware clock, in Hz. |
|
Actual frequency |
Actual frequency of the local system hardware clock, in Hz. |
|
Clock precision |
Precision of the system clock. |
|
Clock offset |
Offset of the system clock relative to the reference source, in milliseconds. |
|
Root delay |
Roundtrip delay from the local device to the primary reference source, in milliseconds. |
|
Root dispersion |
Maximum error of the system clock relative to the primary reference source, in milliseconds. |
|
Peer dispersion |
Maximum error of the system clock relative to the reference source, in milliseconds. |
|
Reference time |
Reference timestamp. |
display ntp-service trace
Use display ntp-service trace to display brief information about each NTP server on the path from the local device to the primary reference source.
Syntax
display ntp-service trace [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Usage guidelines
The display ntp-service trace command takes effect only when the local device and all the devices on the NTP server chain can reach one another. Otherwise, this command is unable to display all the NTP servers on the NTP chain due to timeout.
Examples
# Display brief information about each NTP server on the path from the local device to the primary reference source.
<Sysname> display ntp-service trace
server 127.0.0.1,stratum 2, offset -0.013500, synch distance 0.03154
server 133.1.1.1,stratum 1, offset -0.506500, synch distance 0.03429
refid LOCL
The output shows an NTP server chain for server 127.0.0.1: Server 127.0.0.1 is synchronized to server 133.1.1.1, and server 133.1.1.1 is synchronized to the local clock source.
Table 4 Command output
|
Field |
Description |
|
server |
IP address of the NTP server. |
|
stratum |
Stratum level of the corresponding system clock. |
|
offset |
Clock offset relative to the upper-level clock, in seconds. |
|
synch distance |
Synchronization distance (in seconds) relative to the upper-level clock. It is calculated from dispersion and roundtrip delay values. |
|
refid |
Identifier of the primary reference source. When the stratum level of the primary reference clock is 0, it is displayed as LOCL. Otherwise, it is displayed as the IP address of the primary reference clock. |
ntp-service access
Use ntp-service access to configure the access-control right for the peer devices to access the NTP services of the local device.
Use undo ntp-service access to remove the configured NTP service access-control right to the local device.
Syntax
ntp-service access { peer | query | server | synchronization } acl-number
undo ntp-service access { peer | query | server | synchronization }
Default
The access-control right for the peer devices to access the NTP services of the local device is set to peer.
Views
System view
Default command level
3: Manage level
Parameters
peer: Permits full access. This level of right permits a remote device to use the local device as a synchronization source and perform control query, and it also permits the local device to use the remote device as a synchronization source.
query: Permits control query. This level of right permits a remote NTP device to get NTP-related information (such as NTP states, authentication status, and clock sources) from the local device, but it prevents the local device from becoming a synchronization source of the remote NTP device.
server: Permits server access and query. This level of right permits a remote device to use the local device as a synchronization source and perform control query, but it does not permit synchronization by the remote device.
synchronization: Permits server access only. This level of right permits a remote device to use the local device as a synchronization source, but it does not permit the remote device to perform control query.
acl-number: Specifies a basic ACL number in the range of 2000 to 2999.
Usage guidelines
NTP service access-control rights are peer, server, synchronization, and query, from highest to lowest. When the device receives an NTP message, it performs an access-control right match and uses the first matching right to process the message. If no matching right is found, the device drops the NTP message.
The ntp-service access command provides only a minimum degree of security protection. Identity authentication is more secure. The related command is ntp-service authentication enable.
Before specifying an ACL number in the ntp-service access command, make sure you have created and configured this ACL.
Examples
# Configure the peer devices on subnet 10.10.0.0/16 to have the full access right to the local device.
<Sysname> system-view
[Sysname] acl number 2001
[Sysname-acl-basic-2001] rule permit source 10.10.0.0 0.0.255.255
[Sysname-acl-basic-2001] quit
[Sysname] ntp-service access peer 2001
ntp-service authentication enable
Use ntp-service authentication enable to enable NTP authentication.
Use undo ntp-service authentication enable to disable NTP authentication.
Syntax
ntp-service authentication enable
undo ntp-service authentication enable
Default
NTP authentication is disabled.
Views
System view
Default command level
3: Manage level
Examples
# Enable NTP authentication.
<Sysname> system-view
[Sysname] ntp-service authentication enable
Related commands
· ntp-service authentication-keyid
· ntp-service reliable authentication-keyid
ntp-service authentication-keyid
Use ntp-service authentication-keyid to set an NTP authentication key.
Use undo ntp-service authentication-keyid to remove the NTP authentication key.
Syntax
ntp-service authentication-keyid keyid authentication-mode md5 [ cipher | simple ] value [ acl ipv4-acl-number ] *
undo ntp-service authentication-keyid keyid
Default
No NTP authentication key is set.
Views
System view
Default command level
3: Manage level
Parameters
keyid: Specifies an authentication key ID in the range of 1 to 4294967295.
cipher: Sets a ciphertext key.
simple: Sets a plaintext key. This key will be saved in cipher text for secrecy.
value: Specifies the MD5 authentication key string. This argument is case sensitive. If simple is specified, it is a string of 1 to 32 characters. If cipher is specified, it is a string of 1 to 73 characters. If neither cipher nor simple is specified, it is a plaintext key string.
acl ipv4-acl-number: Specifies an IPv4 basic ACL by its number in the range of 2000 to 2999. Only the devices permitted by the ACL can use the key ID for authentication.
Usage guidelines
In a security-demanding network, the NTP authentication feature should be enabled for a system running NTP. This feature enhances network security by using the client-server key authentication, which prohibits a client from synchronizing with a device that has failed authentication.
The key ID in the message from the peer device identifies the key used for authentication. The acl ipv4-acl-number option is used to identify the peer device that can use the key ID.
To ensure a successful NTP authentication, configure the same authentication key ID and key on the time server and client. Make sure the peer device is allowed to use the key ID for authentication on the local device.
After you specify an NTP authentication key, configure the key as a trusted key by using the ntp-service reliable authentication-keyid command.
For security purposes, all keys, including keys configured in plain text, are saved in cipher text.
The system supports only the MD5 algorithm for key authentication.
A maximum of 1,024 keys can be set for each device.
If an NTP authentication key is specified as a trusted key, the key automatically changes to untrusted after you delete the key. In this case, you do not need to execute the undo ntp-service reliable authentication-keyid command.
Examples
# Set an MD5 authentication key, with the key ID of 10 and key value of BetterKey.
<Sysname> system-view
[Sysname] ntp-service authentication enable
[Sysname] ntp-service authentication-keyid 10 authentication-mode md5 BetterKey
Related commands
ntp-service reliable authentication-keyid
ntp-service broadcast-client
Use ntp-service broadcast-client to configure the device to operate in NTP broadcast client mode and use the current interface to receive NTP broadcast packets.
Use undo ntp-service broadcast-client to remove the configuration.
Syntax
ntp-service broadcast-client
undo ntp-service broadcast-client
Default
The device does not operate in any NTP operation mode.
Views
Interface view
Default command level
3: Manage level
Examples
# Configure the device to operate in broadcast client mode and receive NTP broadcast messages on VLAN-interface 1.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ntp-service broadcast-client
ntp-service broadcast-server
Use ntp-service broadcast-server to configure the device to operate in NTP broadcast server mode and use the current interface to send NTP broadcast packets.
Use undo ntp-service broadcast-server to remove the configuration.
Syntax
ntp-service broadcast-server [ authentication-keyid keyid | version number ] *
undo ntp-service broadcast-server
Default
The device does not operate in any NTP operation mode.
Views
Interface view
Default command level
3: Manage level
Parameters
authentication-keyid keyid: Specifies the key ID to be used for sending broadcast messages to broadcast clients, where keyid is in the range of 1 to 4294967295. This parameter is not necessary if authentication is not required.
version number: Specifies the NTP version. The value range for the number argument is 1 to 3, and the default is 4.
Examples
# Configure the device to operate in broadcast server mode and send NTP broadcast messages on VLAN-interface 1, using key 4 for encryption, and set the NTP version to 3.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ntp-service broadcast-server authentication-keyid 4 version 3
ntp-service in-interface disable
Use ntp-service in-interface disable to disable an interface from receiving NTP messages.
Use undo ntp-service in-interface disable to restore the default.
Syntax
ntp-service in-interface disable
undo ntp-service in-interface disable
Default
All interfaces are enabled to receive NTP messages.
Views
Interface view
Default command level
3: Manage level
Examples
# Disable VLAN-interface 1 from receiving NTP messages.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ntp-service in-interface disable
ntp-service max-dynamic-sessions
Use ntp-service max-dynamic-sessions to set the maximum number of dynamic NTP associations that can be established on the device.
Use undo ntp-service max-dynamic-sessions to restore the maximum number of dynamic NTP associations to the system default.
Syntax
ntp-service max-dynamic-sessions number
undo ntp-service max-dynamic-sessions
Default
The number is 100.
Views
System view
Default command level
3: Manage level
Parameters
number: Maximum number of dynamic NTP associations that are allowed to be established, in the range of 0 to 100.
Usage guidelines
NTP has the following types of associations:
· Static association—Association that is created in response to a manual NTP command configuration. A static association is removed when the command that triggered the creation of the association is undone.
· Dynamic association—Association that is created in response to an NTP message exchange. A dynamic association is removed if no messages are exchanged over a specific period of time.
All static and dynamic associations are created automatically.
The following describes how an association is established in different operation modes:
· Client/server mode—When the NTP server is specified on the client, the client creates a static association with the server and sends an NTP message to the server. The server responds to the client, but it does not create an association with the client.
· Symmetric active/passive mode—The symmetric-active peer creates a static association when you specify a symmetric-passive peer on it. When receiving an NTP message from the symmetric-active peer, the symmetric-passive peer creates a dynamic association.
· Broadcast or multicast mode—When you enable a broadcast or multicast server, a static association is created. When receiving an NTP message from the server, the clients creates a dynamic association.
The device supports a maximum of 128 concurrent associations, including static associations and dynamic associations.
Examples
# Set the maximum number of dynamic NTP associations allowed to be established to 50.
<Sysname> system-view
[Sysname] ntp-service max-dynamic-sessions 50
ntp-service multicast-client
Use ntp-service multicast-client to configure the device to operate in NTP multicast client mode and use the current interface to receive NTP multicast packets.
Use undo ntp-service multicast-client to remove the configuration.
Syntax
ntp-service multicast-client [ ip-address ]
undo ntp-service multicast-client [ ip-address ]
Default
The device does not operate in any NTP operation mode.
Views
Interface view
Default command level
3: Manage level
Parameters
ip-address: Specifies the multicast IP address. The default is 224.0.1.1.
Examples
# Configure the device to operate in multicast client mode and receive NTP multicast messages on VLAN-interface 1, and set the multicast address to 224.0.1.1.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ntp-service multicast-client 224.0.1.1
ntp-service multicast-server
Use ntp-service multicast-server to configure the device to operate in NTP multicast server mode and use the current interface to send NTP multicast packets.
Use undo ntp-service multicast-server to remove the configuration.
Syntax
ntp-service multicast-server [ ip-address ] [ authentication-keyid keyid | ttl ttl-number | version number ] *
undo ntp-service multicast-server [ ip-address ]
Default
The device does not operate in any NTP operation mode.
Views
Interface view
Default command level
3: Manage level
Parameters
ip-address: Specifies the multicast IP address. The default is 224.0.1.1.
ttl ttl-number: Specifies the TTL of NTP multicast messages. The value range for the ttl-number argument is 1 to 255, and the default is 16.
version number: Specifies the NTP version. The value range for the number argument is 1 to 4, and the default is 3.
Examples
# Configure the device to operate in multicast server mode and send NTP multicast messages on VLAN-interface 1 to the multicast address 224.0.1.1, using key 4 for encryption, and set the NTP version to 3.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ntp-service multicast-server 224.0.1.1 version 3 authentication-keyid 4
ntp-service refclock-master
Use ntp-service refclock-master to configure the local clock as a reference source for other devices.
Use undo ntp-service refclock-master to remove the configuration.
Syntax
ntp-service refclock-master [ ip-address ] [ stratum ]
undo ntp-service refclock-master [ ip-address ]
Default
The local clock does not work as a synchronization source.
Views
System view
Default command level
3: Manage level
Parameters
ip-address: IP address of the local clock, which is 127.127.1.u, where u is the NTP process ID that is in the range of 0 to 3. If you do not specify ip-address, it defaults to 127.127.1.0.
stratum: Specifies the stratum level of the local clock, in the range of 1 to 15. The default is 8.
Usage guidelines
The stratum level of a clock defines the clock precision. NTP supports 16 stratums. The clock precision decreases from stratum 1 to stratum 16. A stratum 1 clock has the highest precision, and a stratum 16 clock is always in unsynchronized state.
Examples
# Specify the local clock as the reference source, with the stratum level 3.
<Sysname> system-view
[Sysname] ntp-service refclock-master 3
ntp-service reliable authentication-keyid
Use ntp-service reliable authentication-keyid to specify that the created authentication key is a trusted key. When NTP authentication is enabled, a client can be synchronized only to a server that can provide a trusted authentication key.
Use undo ntp-service reliable authentication-keyid to remove the configuration.
Syntax
ntp-service reliable authentication-keyid keyid
undo ntp-service reliable authentication-keyid keyid
Default
No authentication key is configured to be trusted.
Views
System view
Default command level
3: Manage level
Parameters
keyid: Specifies an authentication key number in the range of 1 to 4294967295.
Examples
# Enable NTP authentication, specify to use MD5 encryption algorithm, with the key ID of 37 and key value of BetterKey.
<Sysname> system-view
[Sysname] ntp-service authentication enable
[Sysname] ntp-service authentication-keyid 37 authentication-mode md5 BetterKey
# Specify this key as a trusted key.
[Sysname] ntp-service reliable authentication-keyid 37
ntp-service source-interface
Use ntp-service source-interface to specify the source interface for NTP messages.
Use undo ntp-service source-interface to restore the default.
Syntax
ntp-service source-interface interface-type interface-number
undo ntp-service source-interface
Default
No source interface is specified for NTP messages, and the system uses the IP address of the interface determined by the matched route as the source IP address of NTP messages.
Views
System view
Default command level
3: Manage level
Parameters
interface-type interface-number: Specifies an interface by its type and number.
Usage guidelines
If you do not want the IP address of a specific interface on the local device to become the destination address of response messages, use this command to specify the source interface for NTP messages so that the source IP address in NTP messages is the primary IP address of this interface.
If the specified source interface goes down, NTP searches the routing table for the outgoing interface, and uses the primary IP address of the outgoing interface as the source IP address.
Examples
# Specify the source interface of NTP messages as VLAN-interface 1.
<Sysname> system-view
[Sysname] ntp-service source-interface vlan-interface 1
ntp-service unicast-peer
Use ntp-service unicast-peer to designate a symmetric-passive peer for the device.
Use undo ntp-service unicast-peer to remove the symmetric-passive peer designated for the device.
Syntax
ntp-service unicast-peer { ip-address | peer-name } [ authentication-keyid keyid | priority | source-interface interface-type interface-number | version number ] *
undo ntp-service unicast-peer { ip-address | peer-name }
Default
No symmetric-passive peer is designated for the device.
Views
System view
Default command level
3: Manage level
Parameters
ip-address: IP address of the symmetric-passive peer. It must be a unicast address and not a broadcast address, a multicast address or the IP address of the local clock.
peer-name: Host name of the symmetric-passive peer, a string of 1 to 20 characters.
authentication-keyid keyid: Specifies the key ID to be used for sending NTP messages to the peer, where keyid is in the range of 1 to 4294967295.
priority: Specifies the peer designated by ip-address or peer-name as the first choice under the same condition.
source-interface interface-type interface-number: Specifies the source interface for NTP messages. In an NTP message the local device sends to its peer, the source IP address is the primary IP address of this interface. The interface-type interface-number argument represents the interface type and number.
version number: Specifies the NTP version. The value range for the number argument is 1 to 4, and the default is 3.
Examples
# Designate the device with the IP address of 10.1.1.1 as the symmetric-passive peer of the device, configure the device to run NTP version 3, and specify the source interface of NTP messages as VLAN-interface 1.
<Sysname> system-view
[Sysname] ntp-service unicast-peer 10.1.1.1 version 3 source-interface vlan-interface 1
ntp-service unicast-server
Use ntp-service unicast-server to designate an NTP server for the device.
Use undo ntp-service unicast-server to remove an NTP server designated for the device.
Syntax
ntp-service unicast-server { ip-address | server-name } [ authentication-keyid keyid | priority | source-interface interface-type interface-number | version number ] *
undo ntp-service unicast-server { ip-address | server-name }
Default
No NTP server is designated for the device.
Views
System view
Default command level
3: Manage level
Parameters
ip-address: IP address of the NTP server. It must be a unicast address and not a broadcast address, a multicast address or the IP address of the local clock.
server-name: Host name of the NTP server, a string of 1 to 20 characters.
authentication-keyid keyid: Specifies the key ID to be used for sending NTP messages to the NTP server, where keyid is in the range of 1 to 4294967295.
priority: Specifies this NTP server as the first choice under the same condition.
source-interface interface-type interface-number: Specifies the source interface for NTP messages. In an NTP message the local device sends to the NTP server, the source IP address is the primary IP address of this interface. The interface-type interface-number argument represents the interface type and number.
version number: Specifies the NTP version. The value range for the number argument is 1 to 4, and the default is 3.
Examples
# Designate NTP server 10.1.1.1 for the device, and configure the device to run NTP version 3.
<Sysname> system-view
[Sysname] ntp-service unicast-server 10.1.1.1 version 3
