No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE40E-M2 V800R010C10SPC500 Configuration Guide - System Management 01

This is NE40E-M2 V800R010C10SPC500 Configuration Guide - System Management
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring NTP Authentication in Broadcast Mode

Example for Configuring NTP Authentication in Broadcast Mode

On a LAN, the device with high clock precision functions as the NTP server, and other devices are synchronized to the clock of the NTP server. In the broadcast mode, you do not need to specify a server for the client, and the client listens to packets sent from the broadcast server in real time.

Networking Requirements

As shown in Figure 5-5,

  • Device C and Device D are in the same network segment; Device A is in another network segment; Device F connects the two network segments.

  • Device C functions as the NTP broadcast server and its clock is the NTP master clock with the stratum being 3. Broadcast packets are sent from GE 0/1/0.

  • Device D and Device A sense the broadcast packets respectively from GE 0/1/0 of them.

  • Enable NTP authentication on Device A, Device C and Device D.

Figure 5-5 Configuring the NTP broadcast mode

NOTE:

Interfaces 1 and Interface 2 in this example are GE 0/1/0 and GE 0/2/0 respectively.

Precautions

Before configuring key at the client and server side, ensure the key already exists.

Configuration Roadmap

The configuration roadmap is as follows:

  1. Configure Device C as an NTP broadcast server.

  2. Configure Device A and Device D as the NTP broadcast clients.

  3. Configure NTP authentication on Device A, Device C, and Device D.

Data Preparation

To complete the configuration, you need the following data:

  • IP addresses of Device A, Device C, Device D, and Device F

  • Stratum of the NTP master clock

  • Authentication key and its ID

Procedure

  1. Configure an IP address for each Router.

    Configure IP addresses based on Figure 5-5. The detailed procedures are not mentioned here.

  2. Configure an NTP broadcast server and enable NTP authentication on it.

    # Set the local clock on Device C as an NTP master clock with stratum being 3.

    <DeviceC> system-view
    [~DeviceC] ntp-service refclock-master 3

    # Enable NTP authentication.

    [*DeviceC] ntp-service authentication enable
    [*DeviceC] ntp-service authentication-keyid 16 authentication-mode md5 Hello123
    [*DeviceC] ntp-service reliable authentication-keyid 16

    # Configure Device C to be an NTP broadcast server. Broadcast packets are encrypted by using the authentication key ID 16 and then sent from GE 0/1/0.

    [*DeviceC] interface gigabitethernet 0/1/0
    [*DeviceC-GigabitEthernet0/1/0] ntp-service broadcast-server authentication-keyid 16
    [*DeviceC-GigabitEthernet0/1/0] commit
    [~DeviceC-GigabitEthernet0/1/0] quit

  3. Configure the NTP broadcast client Device D on the same network segment as that of the NTP server.

    # Enable NTP authentication.

    <DeviceD> system-view
    [~DeviceD] ntp-service authentication enable
    [*DeviceD] ntp-service authentication-keyid 16 authentication-mode md5 Hello123
    [*DeviceD] ntp-service reliable authentication-keyid 16

    # Configure Device D to be the NTP broadcast client. Device D listens to the broadcast packets on GE 0/1/0.

    [*DeviceD] interface gigabitethernet 0/1/0
    [*DeviceD-GigabitEthernet0/1/0] ntp-service broadcast-client
    [*DeviceD-GigabitEthernet0/1/0] commit
    [~DeviceD-GigabitEthernet0/1/0] quit

    After configurations, the clock on Device D is synchronized to the clock on Device C.

  4. Configure the NTP broadcast client Device A in a network segment different from that of the NTP server.

    # Enable NTP authentication.

    [~DeviceA] ntp-service authentication enable
    [*DeviceA] ntp-service authentication-keyid 16 authentication-mode md5 Hello123
    [*DeviceA] ntp-service reliable authentication-keyid 16

    # Configure Device A to be the NTP broadcast client. Device A listens to the NTP broadcast packets on GE 0/1/0.

    [*DeviceA] interface gigabitethernet 0/1/0
    [*DeviceA-GigabitEthernet0/1/0] ntp-service broadcast-client
    [*DeviceA-GigabitEthernet0/1/0] commit
    [~DeviceA-GigabitEthernet0/1/0]quit

  5. Verify the configuration.

    After the configurations are complete, the clock on Device D can be synchronized to the clock on Device C. The clock on Device A, however, fails to be synchronized because Device A and Device C are in different network segments and Device A cannot sense the broadcast packets sent from Device C.

    Check the NTP status on Device D and you can find that the clock status is "synchronized". That is, clock synchronization completes. The stratum of the clock on Device D is 4, one stratum lower than that on Device C.

    [~DeviceD] display ntp-service status
     clock status: synchronized
     clock stratum: 4
     reference clock ID: 3.0.1.31
     nominal frequency: 60.0002 Hz
     actual frequency: 60.0002 Hz
     clock precision: 2^18
     clock offset: 0.0000 ms
     root delay: 0.00 ms
     root dispersion: 0.42 ms
     peer dispersion: 0.00 ms
     reference time: 12:17:21.773 UTC Mar 7 2006(C7B7F851.C5EAF25B)
     synchronization state: clock synchronized

Configuration Files

  • Device A configuration file

    #
     sysname DeviceA
    #
    ntp-service authentication-keyid 16 authentication-mode md5 cipher %#%#JA!v6M22=Gg\{>U.lx%#)c%yY}0*"/`5mi><QS)L%#%#
    ntp-service reliable authentication-keyid 16
    ntp-service authentication enable
    #
    interface GigabitEthernet0/1/0
     undo shutdown
     ip address 1.0.1.11 255.255.255.0
     ntp-service broadcast-client
    #
    ospf 1
     area 0.0.0.0
      network 1.0.1.0 0.0.0.255
    #
    return
  • Device C configuration file

    #
     sysname DeviceC
    #
    ntp-service authentication-keyid 16 authentication-mode md5 cipher %#%#>hD8))_H-XZVut2u3!_0lq3,+Ph=:OE}pX;T2M'9%#%#
    ntp-service reliable authentication-keyid 16
    ntp-service refclock-master 3
    ntp-service authentication enable
    #
    interface GigabitEthernet0/1/0
     undo shutdown
     ip address 3.0.1.31 255.255.255.0
     ntp-service broadcast-server authentication-keyid 16
    #
    return
  • Device D configuration file

    #
     sysname DeviceD
    #
    ntp-service authentication-keyid 16 authentication-mode md5 cipher %#%#m:fVJfk*r&3x"1J`21^K`Y;LH;B+g(t2<ZX^}Q_~%#%#
    ntp-service reliable authentication-keyid 16
    ntp-service authentication enable
    #
    interface GigabitEthernet0/1/0
     undo shutdown
     ip address 3.0.1.32 255.255.255.0
     ntp-service broadcast-client
    #
    Return
  • Device F configuration file

    #
     sysname DeviceF
    #
    interface GigabitEthernet0/1/0
     undo shutdown
     ip address 1.0.1.2 255.255.255.0
    #
    interface GigabitEthernet0/2/0
     undo shutdown
     ip address 3.0.1.2 255.255.255.0
    #
    ospf 1
     area 0.0.0.0
      network 1.0.1.0 0.0.0.255
      network 3.0.1.0 0.0.0.255
    #
    return
Download
Updated: 2019-01-02

Document ID: EDOC1100058392

Views: 14814

Downloads: 24

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next