Configuring NTP authentication in multicast mode
To ensure a successful NTP authentication, configure the same authentication key ID, algorithm, and key on the multicast server and client. Make sure the peer device is allowed to use the authentication ID.
To configure NTP authentication for a multicast client:
Step | Command | Remarks |
---|---|---|
1. Enter system view. | system-view | N/A |
2. Enable NTP authentication. | ntp-service authentication enable | By default, NTP authentication is disabled. |
3. Configure an NTP authentication key. | ntp-service authentication-keyid keyid authentication-mode { hmac-sha-1 | hmac-sha-256 | hmac-sha-384 | hmac-sha-512 | md5 } { cipher | simple } string [ acl ipv4-acl-number | ipv6 acl ipv6-acl-number ] * | By default, no NTP authentication key exists. |
4. Configure the key as a trusted key. | ntp-service reliable authentication-keyid keyid | By default, no authentication key is configured as a trusted key. |
To configure NTP authentication for a multicast server:
Step | Command | Remarks |
---|---|---|
1. Enter system view. | system-view | N/A |
2. Enable NTP authentication. | ntp-service authentication enable | By default, NTP authentication is disabled. |
3. Configure an NTP authentication key. | ntp-service authentication-keyid keyid authentication-mode { hmac-sha-1 | hmac-sha-256 | hmac-sha-384 | hmac-sha-512 | md5 } { cipher | simple } string [ acl ipv4-acl-number | ipv6 acl ipv6-acl-number ] * | By default, no NTP authentication key exists. |
4. Configure the key as a trusted key. | ntp-service reliable authentication-keyid keyid | By default, no authentication key is configured as a trusted key. |
5. Enter interface view. | interface interface-type interface-number | N/A |
6. Associate the specified key with the multicast server. |
| By default, no multicast server is associated with the specified key. |
NTP authentication results differ when different configurations are performed on broadcast client and server. For more information, see Table 6. (N/A in the table means that whether the configuration is performed does not make any difference.)
Table 6: NTP authentication results
Multicast server | Multicast client | |||
---|---|---|---|---|
Enable NTP authentication | Specify the server and key | Trusted key | Enable NTP authentication | Trusted key |
Successful authentication | ||||
Yes | Yes | Yes | Yes | Yes |
Failed authentication | ||||
Yes | Yes | Yes | Yes | No |
Yes | Yes | Yes | No | N/A |
Yes | Yes | No | Yes | N/A |
Yes | No | N/A | Yes | N/A |
No | N/A | N/A | Yes | N/A |
Authentication not performed | ||||
Yes | Yes | No | No | N/A |
Yes | No | N/A | No | N/A |
No | N/A | N/A | No | N/A |