No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


S12700 V200R010C00 Configuration Guide - Device Management

This document describes the principles and configurations of the Device Management features, and provides configuration examples of these features.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring KOD

Configuring KOD


KOD is a modern access control technology implemented in NTPv4. It is used by the server to provide information to the client. The information provided includes status reports and access control.

With KOD enabled on the server, the server will send either the DENY or RATE kiss code to the client, according to the operating status of the system.

  • When receiving the kiss code DENY, the client terminates all connections to the server, and stops sending packets to the server.
  • When receiving the kiss code RATE, the client immediately reduces its polling interval to the server. The client will continue to reduce the interval if receiving subsequent RATE kiss codes.

KOD supports unicast client/server, symmetric peer, and manycast modes.

KOD functions only in NTPv4.

The following configuration is performed on the server.


  1. Run:


    The system view is displayed.

  2. Run:

    ntp-service kod-enable

    The KOD function is enabled.

    By default, the KOD function is disabled.

  3. Configure the basic ACL.

    Before configuring the access control authority, create a basic ACL. For the creation procedure, see ACL Configuration in the S12700 V200R010C00 Configuration Guide - Security.

  4. Run:

    ntp-service access limited { acl-number | ipv6 acl6-number } *

    Control on the incoming NTP packet rate is enabled.

    By default, control on the incoming NTP packet rate is disabled.


    Before enabling control on the rate of incoming NTP packets, check the ACL rule configuration. When the ACL rule is deny, the server sends the kiss code DENY. When the ACL is permit and the rate of incoming NTP packets reaches the upper threshold, the server sends the kiss code RATE.

  5. Run:

    ntp-service discard { min-interval min-interval-val | avg-interval avg-interval-val } * 

    The minimum inter-packet interval and the average inter-packet interval of NTP are configured.

    By default, the minimum inter-packet interval of NTP is set to the first power of 2 in seconds, namely, 2 seconds, and the average inter-packet interval of NTP is set to the fifth power of 2 in seconds, namely, 32 seconds.

Updated: 2019-08-21

Document ID: EDOC1000142080

Views: 108675

Downloads: 144

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Previous Next