NTP configuration commands 1

display ntp-service sessions 1

display ntp-service status 5

display ntp-service trace· 7

ntp-service access 8

ntp-service authentication enable· 9

ntp-service authentication-keyid· 9

ntp-service broadcast-client 10

ntp-service broadcast-server 11

ntp-service in-interface disable· 12

ntp-service max-dynamic-sessions 12

ntp-service multicast-client 13

ntp-service multicast-server 13

ntp-service refclock-master 14

ntp-service reliable authentication-keyid· 15

ntp-service source-interface· 16

ntp-service unicast-peer 16

ntp-service unicast-server 17

 

display ntp-service sessions

Syntax

display ntp-service sessions [ verbose ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

verbose: Displays detailed information about all NTP sessions.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.

begin: Displays the first line that matches the specified regular expression and all lines that follow.

exclude: Displays all lines that do not match the specified regular expression.

include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use the display ntp-service sessions command to view information about all NTP sessions.

Examples

# View the brief information of all NTP sessions.

<Sysname> display ntp-service sessions

       source          reference       stra reach poll  now offset  delay disper

********************************************************************************

[12345]127.127.1.0     127.127.1.0        3     1   64   33    0.0    0.0    0.0

note: 1 source(master),2 source(peer),3 selected,4 candidate,5 configured

Total associations :  1

Table 1 Output description

Field	Description
source	IP address of the clock source
reference	Reference clock ID of the clock source 1.      If the reference clock is the local clock, the value of this field is related to the value of the stra field: ¡ When the value of the stra field is 0 or 1, this field will be “LOCL”; ¡ When the stra field has another value, this field will be the IP address of the local clock. 2.      If the reference clock is the clock of another device on the network, the value of this field will be the IP address of that device.
stra	Stratum level of the clock source, which determines the clock precision. The value ranges from 1 to 16. The clock precision decreases from stratum 1 to stratum 16. A stratus 1 clock has the highest precision, and a stratum 16 clock is not synchronized and cannot be used as a reference clock.
reach	Reachability count of the clock source. 0 indicates that the clock source in unreachable.
poll	Poll interval in seconds, namely, the maximum interval between successive NTP messages.
now	The length of time from when the last NTP message was received or when the local clock was last updated to the current time The time is in seconds by default. If the time length is greater than 2048 seconds, it is displayed in minutes; if greater than 300 minutes, in hours; if greater than 96 hours, in days.
offset	The offset of the system clock relative to the reference clock, in milliseconds
delay	The roundtrip delay from the local switch to the clock source, in milliseconds
disper	The maximum error of the system clock relative to the reference source.
[12345]	·       1—Clock source selected by the system, namely, the current reference source, with a system clock stratum level less than or equal to 15. ·       2—Stratum level of the clock source is less than or equal to 15. ·       3—This clock source has survived the clock selection algorithm. ·       4—This clock source is a candidate clock source. ·       5—This clock source was created by a configuration command.
Total associations	Total number of associations

 

# View the detailed information about all NTP sessions.

<Sysname> display ntp-service sessions verbose

 clock source: 127.127.1.0

 clock stratum: 3

 clock status: configured, master, sane, valid

 reference clock ID: 127.127.1.0

 local mode: client, local poll: 6

 peer mode: server, peer poll: 6

 offset: 0.0000 ms,delay: 0.00 ms,  disper: 0.02 ms

 root delay: 0.00 ms, root disper: 10.00 ms

 reach: 1, sync dist: 0.010, sync state: 2

 precision: 2^18, version: 3, peer interface: InLoopBack0

 reftime: 10:56:22.442 UTC Aug 7 2009(CE2686D6.71484513)

 orgtime: 10:56:22.442 UTC Aug 7 2009(CE2686D6.71484513)

 rcvtime: 10:56:22.442 UTC Aug 7 2009(CE2686D6.7149E881)

 xmttime: 10:56:22.442 UTC Aug 7 2009(CE2686D6.71464DC2)

 filter delay :  0.00   0.00   0.00   0.00   0.00   0.00   0.00   0.00

 filter offset:  0.00   0.00   0.00   0.00   0.00   0.00   0.00   0.00

 filter disper:  0.00   0.00   0.00   0.00   0.00   0.00   0.00   0.00

 reference clock status: working abnormally

 timecode:

 Total associations : 1

Table 2 Output description

Field	Description
clock source	IP address of the clock source
clock stratum	Stratum level of the clock source, which determines the clock precision. The value range is 1 to 16. The clock precision decreases from stratum 1 to stratum 16. A stratum 1 clock has the highest precision, and a stratum 16 clock is not synchronized and cannot be used as a reference clock.
clock status	Status of the clock source corresponding to this session, including ·       configured—The session was created by a configuration command. ·       dynamic—This session is established dynamically. ·       master—The clock source is the primary reference source of the current system. ·       selected—The clock source has survived the clock selection algorithm. ·       candidate—The clock source is the candidate reference source. ·       sane—The clock source has passed the sane authentication. ·       insane—The clock source has failed the sane authentication. ·       valid—The clock source is valid, which means the clock source meet the following requirements: it has passed the authentication and is being synchronized; its stratum level is valid; its root delay and root dispersion values are within their ranges. ·       invalid—The clock source is invalid. ·       unsynced—The clock source has not been synchronized or the value of the stratum level is invalid.
reference clock ID	Reference clock ID of the clock source 3.      If the reference clock is the local clock, the value of this field is related to the stratum level of the clock source: ¡ When the stratum level of the clock source is 0 or 1, this field is “LOCL”; ¡ When the stratum level of the clock source has another value, this field is the IP address of the local clock. 4.      If the reference clock is the clock of another device on the network, the value of this field is the IP address of that device.
local mode	Operation mode of the local switch, including ·       unspec—The mode is unspecified. ·       active—Active mode. ·       passive—Passive mode. ·       client—Client mode. ·       server—Server mode. ·       bdcast—Broadcast server mode. ·       control—Control query mode. ·       private—Private message mode.
local poll	Poll interval of the local switch, in seconds. The value displayed is a power of 2. For example, if the displayed value is 6, the poll interval of the local switch is 26, that is, 64 seconds.
peer mode	Operation mode of the peer device, including ·       unspec—The mode is unspecified. ·       active—Active mode. ·       passive—Passive mode. ·       client—Client mode. ·       server—Server mode. ·       bdcast—Broadcast server mode. ·       control—Control query mode. ·       private—Private message mode.
peer poll	Poll interval of the peer device, in seconds. The value displayed is a power of 2. For example, if the displayed value is 6, the poll interval of the local switch is 26, that is, 64 seconds.
offset	The offset of the system clock relative to the reference clock, in milliseconds
delay	The roundtrip delay from the local switch to the clock source, in milliseconds
disper	The maximum error of the system clock relative to the reference clock
root delay	The roundtrip delay from the local switch to the primary reference source, in milliseconds
root disper	The maximum error of the system clock relative to the primary reference clock, in milliseconds
reach	Reachability count of the clock source. 0 indicates that the clock source is unreachable.
sync dist	The synchronization distance relative to the upper-level clock, in seconds, and calculated from dispersion and roundtrip delay values.
sync state	State of the state machine The displayed value is an integral that ranges from 0 to 5.
precision	Precision of the system clock
version	NTP version The displayed value is an integral that ranges from 1 to 3.
peer interface	Source interface If the source interface is not specified, this field is wildcard.
reftime	Reference timestamp in the NTP message
orgtime	Originate timestamp in the NTP message
rcvtime	Receive timestamp in the NTP message
xmttime	Transmit timestamp in the NTP message
filter delay	Delay information
filter offset	Offset information
filter disper	Dispersion information
reference clock status	Status of the reference clock, including ·       working normally ·       working abnormally
timecode	Time code
Total associations	Total number of associations

 

NOTE: When a switch is working in NTP broadcast/multicast server mode, using the display ntp-service sessions command on the switch does not display the NTP session information corresponding to the broadcast/multicast server, but the sessions are counted in the total number of associations.

 

display ntp-service status

Syntax

display ntp-service status [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.

begin: Displays the first line that matches the specified regular expression and all lines that follow.

exclude: Displays all lines that do not match the specified regular expression.

include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use the display ntp-service status command to view the NTP service status information.

Examples

# View the NTP service status information.

<Sysname> display ntp-service status

Clock status: unsynchronized

 Clock stratum: 16

 Reference clock ID: none

 Nominal frequency: 100.0000 Hz

 Actual frequency: 100.0000 Hz

 Clock precision: 2^17

 Clock offset: 0.0000 ms

 Root delay: 0.00 ms

 Root dispersion: 0.00 ms

 Peer dispersion: 0.00 ms

 Reference time: 00:00:00.000 UTC Jan 1 1900(00000000.00000000)

Table 3 Output description

Field	Description
Clock status	Status of the system clock, including ·       Synchronized—The system clock has been synchronized. ·       Unsynchronized—The system clock has not been synchronized.
Clock stratum	Stratum level of the system clock
Reference clock ID	When the system clock is synchronized to a remote time server, this field indicates the address of the remote time server. When the system clock is synchronized to a local reference source, this field indicates the address of the local clock source: ·       When the local clock has a stratum level of 1, the value of this field is “LOCL”; ·       When the stratum of the local clock has another value, the value of this field is the IP address of the local clock.
Nominal frequency	The nominal frequency of the local system hardware clock, in Hz
Actual frequency	The actual frequency of the local system hardware clock, in Hz
Clock precision	The precision of the system clock
Clock offset	The offset of the system clock relative to the reference source, in milliseconds
Root delay	The roundtrip delay from the local switch to the primary reference source, in milliseconds
Root dispersion	The maximum error of the system clock relative to the primary reference source, in milliseconds
Peer dispersion	The maximum error of the system clock relative to the reference source, in milliseconds
Reference time	Reference timestamp

 

display ntp-service trace

Syntax

display ntp-service trace [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.

begin: Displays the first line that matches the specified regular expression and all lines that follow.

exclude: Displays all lines that do not match the specified regular expression.

include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use the display ntp-service trace command view the brief information of each NTP server from the local switch back to the primary reference source.

The display ntp-service trace command takes effect only when the local switch and all the devices on the NTP server chain can reach one another. Otherwise, this command is unable to display all the NTP servers on the NTP chain due to timeout.

Examples

# View the brief information of each NTP server from the local switch back to the primary reference source.

<Sysname> display ntp-service trace

 server 127.0.0.1,stratum 2, offset -0.013500, synch distance 0.03154

 server 133.1.1.1,stratum 1, offset -0.506500, synch distance 0.03429

 refid LOCL

The output shows an NTP server chain for server 127.0.0.1: Server 127.0.0.1 is synchronized to server 133.1.1.1, and server 133.1.1.1 is synchronized to the local clock source.

Table 4 Output description

Field	Description
server	IP address of the NTP server
stratum	The stratum level of the corresponding system clock
offset	The clock offset relative to the upper-level clock, in seconds
synch distance	The synchronization distance relative to the upper-level clock, in seconds, and calculated from dispersion and roundtrip delay values.
refid	Identifier of the primary reference source. When the stratum level of the primary reference clock is 0, it is displayed as LOCL; otherwise, it is displayed as the IP address of the primary reference clock.

 

ntp-service access

Syntax

ntp-service access { peer | query | server | synchronization } acl-number

undo ntp-service access { peer | query | server | synchronization }

View

System view

Default level

3: Manage level

Parameters

peer: Permits full access. This level of right permits the peer devices to perform synchronization and control query to the local switch and also permits the local switch to synchronize its clock to that of a peer device. Control query refers to query of NTP status information, such as alarm information, authentication status, and clock source information.

query: Permits control query. This level of right permits the peer devices to perform control query to the NTP service on the local switch but does not permit a peer device to synchronize its clock to that of the local switch.

server: Permits server access and query. This level of right permits the peer devices to perform synchronization and control query to the local switch but does not permit the local switch to synchronize its clock to that of a peer device.

synchronization: Permits server access only. This level of right permits a peer device to synchronize its clock to that of the local switch but does not permit the peer devices to perform control query.

acl-number: Basic ACL number, in the range of 2000 to 2999.

Description

Use the ntp-service access command to configure the access-control right for the peer devices to access the NTP services of the local switch.

Use the undo ntp-service access command to remove the configured NTP service access-control right to the local switch.

By default, the access-control right for the peer devices to access the NTP services of the local switch is set to peer.

From the highest NTP service access-control right to the lowest one are peer, server, synchronization, and query. When a device receives an NTP request, it matches against the access-control right in this order and uses the first matched right. If no matched right is found, the device drops the NTP request.

The ntp-service access command provides only a minimum degree of security protection. A more secure method is identity authentication. The related command is ntp-service authentication enable.

Before specifying an ACL number in the ntp-service access command, make sure you have already created and configured this ACL.

Examples

# Configure the peer devices on subnet 10.10.0.0/16 to have the full access right to the local switch.

<Sysname> system-view

[Sysname] acl number 2001

[Sysname-acl-basic-2001] rule permit source 10.10.0.0 0.0.255.255

[Sysname-acl-basic-2001] quit

[Sysname] ntp-service access peer 2001

ntp-service authentication enable

Syntax

ntp-service authentication enable

undo ntp-service authentication enable

View

System view

Default level

3: Manage level

Parameters

None

Description

Use the ntp-service authentication enable command to enable NTP authentication.

Use the undo ntp-service authentication enable command to disable NTP authentication.

By default, NTP authentication is disabled.

Related commands: ntp-service authentication-keyid and ntp-service reliable authentication-keyid.

Examples

# Enable NTP authentication.

<Sysname> system-view

[Sysname] ntp-service authentication enable

ntp-service authentication-keyid

Syntax

ntp-service authentication-keyid keyid authentication-mode md5 value

undo ntp-service authentication-keyid keyid

View

System view

Default level

3: Manage level

Parameters

keyid: Authentication key ID, which ranges from 1 to 4294967295.

authentication-mode md5 value: Specifies using the MD5 algorithm for key authentication, where value represents authentication key and is a string of 1 to 32 characters.

Description

Use the ntp-service authentication-keyid command to set the NTP authentication key.

Use the undo ntp-service authentication-keyid command to remove the set NTP authentication key.

By default, no NTP authentication key is set.

In a network where there is a high security demand, the NTP authentication feature should be enabled for a system running NTP. This feature enhances the network security by means of the client-server key authentication, which prohibits a client from synchronizing with a device that has failed authentication.

When the NTP authentication key is configured, configure the key as a trusted key by using the ntp-service reliable authentication-keyid command.

 

CAUTION: ·       Presently the system supports only the MD5 algorithm for key authentication. ·       A maximum of 1,024 keys can be set for each switch. ·       If an NTP authentication key is specified as a trusted key, the key automatically changes to untrusted after you delete the key. In this case, you do not need to execute the undo ntp-service reliable authentication-keyid command.

 

Related commands: ntp-service reliable authentication-keyid.

Examples

# Set an MD5 authentication key, with the key ID of 10 and key value of BetterKey.

<Sysname> system-view

[Sysname] ntp-service authentication enable

[Sysname] ntp-service authentication-keyid 10 authentication-mode md5 BetterKey

ntp-service broadcast-client

Syntax

ntp-service broadcast-client

undo ntp-service broadcast-client

View

Interface view

Default level

3: Manage level

Parameters

None

Description

Use the ntp-service broadcast-client command to configure the switch to work in the NTP broadcast client mode and use the current interface to receive NTP broadcast packets.

Use the undo ntp-service broadcast-client command to remove the configuration.

By default, the switch does not work in any NTP operation mode.

Examples

# Configure the switch to work in broadcast client mode and receive NTP broadcast messages on VLAN-interface 1.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] ntp-service broadcast-client

ntp-service broadcast-server

Syntax

ntp-service broadcast-server [ authentication-keyid keyid | version number ] *

undo ntp-service broadcast-server

View

Interface view

Default level

3: Manage level

Parameters

authentication-keyid keyid: Specifies the key ID to be used for sending broadcast messages to broadcast clients, where keyid ranges from 1 to 4294967295. This parameter is not meaningful if authentication is not required.

version number: Specifies the NTP version, where number ranges from 1 to 3 and defaults to 3.

Description

Use the ntp-service broadcast-server command to configure the switch to work in the NTP broadcast server mode and use the current interface to send NTP broadcast packets.

Use the undo ntp-service broadcast-server command to remove the configuration.

By default, the switch does not work in any NTP operation mode.

Examples

# Configure the switch to work in broadcast server mode and send NTP broadcast messages on VLAN-interface 1, using key 4 for encryption, and set the NTP version to 3.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] ntp-service broadcast-server authentication-keyid 4 version 3

ntp-service in-interface disable

Syntax

ntp-service in-interface disable

undo ntp-service in-interface disable

View

Interface view

Default level

3: Manage level

Parameters

None

Description

Use the ntp-service in-interface disable command to disable an interface from receiving NTP messages.

Use the undo ntp-service in-interface disable command to restore the default.

By default, all interfaces are enabled to receive NTP messages.

Examples

# Disable VLAN-interface 1 from receiving NTP messages.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] ntp-service in-interface disable

ntp-service max-dynamic-sessions

Syntax

ntp-service max-dynamic-sessions number

undo ntp-service max-dynamic-sessions

View

System view

Default level

3: Manage level

Parameters

number: Maximum number of dynamic NTP sessions that are allowed to be established, which ranges from 0 to 100.

Description

Use the ntp-service max-dynamic-sessions command to set the maximum number of dynamic NTP sessions that are allowed to be established locally.

Use the undo ntp-service max-dynamic-sessions command to restore the maximum number of dynamic NTP sessions to the system default.

By default, the number is 100.

A single switch can have a maximum of 128 concurrent associations, including static associations and dynamic associations. A static association refers to an association that a user has manually created by using an NTP command, while a dynamic association is a temporary association created by the system during operation. A dynamic association is removed if the system fails to receive messages from it over a specific long time. In client/server mode, for example, when you carry out a command to synchronize the time to a server, the system creates a static association, and the server just responds passively upon the receipt of a message, rather than creating an association (static or dynamic). In symmetric mode, static associations are created at the symmetric-active peer side, and dynamic associations are created at the symmetric-passive peer side. In broadcast or multicast mode, static associations are created at the server side, and dynamic associations are created at the client side.

Examples

# Set the maximum number of dynamic NTP sessions allowed to be established to 50.

<Sysname> system-view

[Sysname] ntp-service max-dynamic-sessions 50

ntp-service multicast-client

Syntax

ntp-service multicast-client [ ip-address ]

undo ntp-service multicast-client [ ip-address ]

View

Interface view

Default level

3: Manage level

Parameters

ip-address: Multicast IP address, which defaults to 224.0.1.1.

Description

Use the ntp-service multicast-client command to configure the switch to work in the NTP multicast client mode and use the current interface to receive NTP multicast packets.

Use the undo ntp-service multicast-client command to remove the configuration.

By default, the switch does not work in any NTP operation mode.

Examples

# Configure the switch to work in the multicast client mode and receive NTP multicast messages on VLAN-interface 1, and set the multicast address to 224.0.1.1.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] ntp-service multicast-client 224.0.1.1

ntp-service multicast-server

Syntax

ntp-service multicast-server [ ip-address ] [ authentication-keyid keyid | ttl ttl-number | version number ] *

undo ntp-service multicast-server [ ip-address ]

View

Interface view

Default level

3: Manage level

Parameters

ip-address: Multicast IP address, which defaults to 224.0.1.1.

authentication-keyid keyid: Specifies the key ID to be used for sending multicast messages to multicast clients, where keyid ranges from 1 to 4294967295. This parameter is not meaningful if authentication is not required.

ttl ttl-number: Specifies the TTL of NTP multicast messages, where ttl-number ranges from 1 to 255 and defaults to 16.

version number: Specifies the NTP version, where number ranges from 1 to 3 and defaults to 3.

Description

Use the ntp-service multicast-server command to configure the switch to work in the NTP multicast server mode and use the current interface to send NTP multicast packets.

Use the undo ntp-service multicast-server command to remove the configuration.

By default, the switch does not work in any NTP operation mode.

Examples

# Configure the switch to work in the multicast server mode and send NTP multicast messages on VLAN-interface 1 to the multicast address 224.0.1.1, using key 4 for encryption, and set the NTP version to 3.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] ntp-service multicast-server 224.0.1.1 version 3 authentication-keyid 4

ntp-service refclock-master

Syntax

ntp-service refclock-master [ ip-address ] [ stratum ]

undo ntp-service refclock-master [ ip-address ]

View

System view

Default level

3: Manage level

Parameters

ip-address: IP address of the local clock, which is 127.127.1.u, where u is the NTP process ID that ranges from 0 to 3. If you do not specify ip-address, it defaults to 127.127.1.0.

stratum: Stratum level of the local clock, which ranges from 1 to 15 and defaults to 8.

Description

Use the ntp-service refclock-master command to configure the local clock as a reference source for other devices.

Use the undo ntp-service refclock-master command to remove the configuration.

 

NOTE: The stratum level of a clock defines the clock precision. The value range is 1 to 16. The clock precision decreases from stratum 1 to stratum 16. A stratum 1 clock has the highest precision, and a stratum 16 clock is not synchronized and cannot be used as a reference clock.

 

Examples

# Specify the local clock as the reference source, with the stratum level of 3.

<Sysname> system-view

[Sysname] ntp-service refclock-master 3

ntp-service reliable authentication-keyid

Syntax

ntp-service reliable authentication-keyid keyid

undo ntp-service reliable authentication-keyid keyid

View

System view

Default level

3: Manage level

Parameters

keyid: Authentication key number, which ranges from 1 to 4294967295.

Description

Use the ntp-service reliable authentication-keyid command to specify that the created authentication key is a trusted key. When NTP authentication is enabled, a client can be synchronized only to a server that can provide a trusted authentication key.

Use the undo ntp-service reliable authentication-keyid command to remove the configuration.

By default, no authentication key is configured to be trusted.

Examples

# Enable NTP authentication, specify using MD5 encryption algorithm, with the key ID of 37 and key value of BetterKey.

<Sysname> system-view

[Sysname] ntp-service authentication enable

[Sysname] ntp-service authentication-keyid 37 authentication-mode md5 BetterKey

# Specify this key as a trusted key.

[Sysname] ntp-service reliable authentication-keyid 37

ntp-service source-interface

Syntax

ntp-service source-interface interface-type interface-number

undo ntp-service source-interface

View

System view

Default level

3: Manage level

Parameters

interface-type interface-number: Specifies an interface by its interface type and interface number.

Description

Use the ntp-service source-interface command to specify the source interface for NTP messages.

Use the undo ntp-service source-interface command to restore the default.

By default, no source interface is specified for NTP messages, and the system uses the IP address of the interface determined by the matched route as the source IP address of NTP messages.

If you do not want the IP address of a certain interface on the local switch to become the destination address of response messages, use this command to specify the source interface for NTP messages so that the source IP address in NTP messages is the primary IP address of this interface.

Examples

# Specify the source interface of NTP messages as VLAN-interface 1.

<Sysname> system-view

[Sysname] ntp-service source-interface vlan-interface 1

ntp-service unicast-peer

Syntax

ntp-service unicast-peer [ vpn-instance vpn-instance-name ] { ip-address | peer-name } [ authentication-keyid keyid | priority | source-interface interface-type interface-number | version number ] *

undo ntp-service unicast-peer [ vpn-instance vpn-instance-name ] { ip-address | peer-name }

View

System view

Default level

3: Manage level

Parameters

vpn-instance vpn-instance-name: Specifies the MPLS L3VPN to which the symmetric-passive peer belongs, where vpn-instance-name is a case-sensitive string of 1 to 31 characters. If the symmetric-passive peer is on the public network, do not specify this option.

ip-address: IP address of the symmetric-passive peer. It must be a unicast address, rather than a broadcast address, a multicast address or the IP address of the local clock.

peer-name: Host name of the symmetric-passive peer, which is a string of 1 to 20 characters.

authentication-keyid keyid: Specifies the key ID to be used for sending NTP messages to the peer, where keyid ranges from 1 to 4294967295.

priority: Specifies the peer designated by ip-address or peer-name as the first choice under the same condition.

source-interface interface-type interface-number: Specifies the source interface for NTP messages. In an NTP message the local switch sends to its peer, the source IP address is the primary IP address of this interface. interface-type interface-number represents the interface type and number.

version number: Specifies the NTP version, where number ranges from 1 to 3 and defaults to 3.

Description

Use the ntp-service unicast-peer command to designate a symmetric-passive peer for the switch.

Use the undo ntp-service unicast-peer command to remove the symmetric-passive peer designated for the switch.

By default, no symmetric-passive peer is designated for the switch.

 

NOTE: ·       To synchronize the PE to a PE or CE in a VPN, provide vpn-instance vpn-instance-name in your command. ·       If you include vpn-instance vpn-instance-name in the undo ntp-service unicast-peer command, the command removes the symmetric-passive peer with the IP address of ip-address in the specified VPN. If you do not include vpn-instance vpn-instance-name in this command, the command removes the symmetric-passive peer with the IP address of ip-address in the public network.

 

Examples

# Designate the switch with the IP address of 10.1.1.1 as the symmetric-passive peer of the switch, configure the switch to run NTP version 3, and specify the source interface of NTP messages as VLAN-interface 1.

<Sysname> system-view

[Sysname] ntp-service unicast-peer 10.1.1.1 version 3 source-interface vlan-interface 1

ntp-service unicast-server

Syntax

ntp-service unicast-server [ vpn-instance vpn-instance-name ] { ip-address | server-name } [ authentication-keyid keyid | priority | source-interface interface-type interface-number | version number  ] *

undo ntp-service unicast-server [ vpn-instance vpn-instance-name ] { ip-address | server-name }

View

System view

Default level

3: Manage level

Parameters

vpn-instance vpn-instance-name: Specifies the MPLS L3VPN to which the NTP server belongs, where vpn-instance-name is a case-sensitive string of 1 to 31 characters. If the NTP server is on the public network, do not specify this option.

ip-address: IP address of the NTP server. It must be a unicast address, rather than a broadcast address, a multicast address or the IP address of the local clock.

server-name: Host name of the NTP server, which is a string of 1 to 20 characters.

authentication-keyid keyid: Specifies the key ID to be used for sending NTP messages to the NTP server, where keyid ranges from 1 to 4294967295.

priority: Specifies this NTP server as the first choice under the same condition.

source-interface interface-type interface-number: Specifies the source interface for NTP messages. In an NTP message the local switch sends to the NTP server, the source IP address is the primary IP address of this interface. interface-type interface-number represents the interface type and number.

version number: Specifies the NTP version, where number ranges from 1 to 3 and defaults to 3.

Description

Use the ntp-service unicast-server command to designate an NTP server for the switch.

Use the undo ntp-service unicast-server command to remove an NTP server designated for the switch.

By default, no NTP server is designated for the switch.

 

NOTE: ·       To synchronize the PE to a PE or CE in a VPN, provide vpn-instance vpn-instance-name in your command. ·       If you include vpn-instance vpn-instance-name in the undo ntp-service unicast-server command, the command removes the NTP server with the IP address of ip-address in the specified VPN. If you do not include vpn-instance vpn-instance-name in this command, the command removes the NTP server with the IP address of ip-address in the public network.

 

Examples

# Designate NTP server 10.1.1.1 for the switch, and configure the switch to run NTP version 3.

<Sysname> system-view

[Sysname] ntp-service unicast-server 10.1.1.1 version 3