No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

FAQ - Important Notes for Configuring NTP Keys on NE5000E

Publication Date:  2013-09-24 Views:  94 Downloads:  0
Issue Description

1. If an NE5000E that functions as an NTP server also is a client to synchronize with an external clock source, multiple keys are configured for authentication. How to distinguish the uplink and downlink NTP clock synchronization packets on NE5000E?

2. Must the ntp-service reliable authentication-keyid command be configured only at the server side or at both the server side and client side?
Handling Process
None
Root Cause
None
Solution

1. Multiple keys can be configured on one device. The device checks whether a received NTP packet carries a key among its configured keys.

2. The ntp-service reliable authentication-keyid command must be configured at both the server side and client side.

The configurations are as follows:

DEVICE1-------------NE5000E-------------DEVICE2

DEVICE1:-----level-1 clock

 ntp-service authentication enable
 ntp-service authentication-keyid 11 authentication-mode md5 E'R),JQEOU_Q=^Q`MAF
4<1!!
 
ntp-service reliable authentication-keyid 11
 ntp-service refclock-master  5 

NE5000E: ----------level-2 clock, synchronizing with the level-1 reference clock using key 11

 ntp-service authentication enable
 ntp-service authentication-keyid 11 authentication-mode md5 E'R),JQEOU_Q=^Q`MAF
4<1!!

ntp-service authentication-keyid 22 authentication-mode md5 GF[&GER;[G_Q=^Q`MAF//Configure two keys.

4<1!!
 ntp-service reliable authentication-keyid 11
 ntp-service reliable authentication-keyid 22
 ntp-service unicast-server 188.0.3.1 authentication-keyid 11

DEVICE2: ----------level-3 clock, synchronizing with the level-2 reference clock using key 22

 ntp-service authentication enable
 ntp-service authentication-keyid 22 authentication-mode md5 GF[&GER;[G_Q=^Q`MAF
4<1!!
 ntp-service reliable authentication-keyid 22
 ntp-service unicast-server 188.0.3.2 authentication-keyid 22

3. As a client, a device transmits a packet carrying a key ID to its homing server. Upon receiving the packet, the server searches for the key ID among its valid key IDs. If the key ID exists, the server transmits a response packet to the client and performs clock synchronization. If the key ID does not exist, synchronization fails.

Therefore, uplink and downlink keys do not need to be distinguished. Whether ntp-service unicast-server 188.0.3.1 authentication-keyid 11 contains any key ID determines whether the uplink and downlink keys are the same.

If DEVICE1 and DEVICE2 have the same key, only one key is required for the uplink and downlink NTP packets.
Suggestions
None

END