3com MSR 20-20 참조 매뉴얼
2304
C
HAPTER
152: NTP C
ONFIGURATION
C
OMMANDS
ntp-service access
Syntax
ntp-service access { peer | query | server | synchronization } acl-number
undo ntp-service access { peer | query | server | synchronization }
View
System view
Parameter
peer: Specifies to permit full access.
query: Specifies to permit control query.
server: Specifies to permit server access and query.
synchronization: Specifies to permit server access only.
acl-number: Basic ACL number, in the range of 2000 to 2999.
Description
Use the ntp-service access command to configure the NTP service
access-control right to the local device.
access-control right to the local device.
Use the undo ntp-service access command to remove the configured NTP
service access-control right to the local device.
service access-control right to the local device.
By default, the local NTP service access-control right is set to peer.
From the highest NTP service access-control right to the lowest one are peer,
server, synchronization, and query. When a device receives an NTP request, it
will perform an access-control right match and will use the first matched right.
server, synchronization, and query. When a device receives an NTP request, it
will perform an access-control right match and will use the first matched right.
n
■
The ntp-service access command provides only a minimum degree of security
protection. A more secure method is identity authentication.
protection. A more secure method is identity authentication.
■
Before specifying an ACL number in the ntp-service access command, make
sure you have already created and configured this ACL.
sure you have already created and configured this ACL.
Example
# Configure devices on the subnet 10.10.0.0/16 to have the full access right to the
local device.
local device.
<Sysname> system-view
[Sysname] acl number 2001
Table 607 Description on the fields of the display ntp-service trace command
Field Description
server
IP address of the NTP server
stratum
The stratum level of the corresponding system clock
offset
The clock offset relative to the upper-level clock
synch distance
The synchronization distance relative to the upper-level clock
refid
Identifier of the primary reference source. When the stratum level of the
primary reference clock is 0, it is displayed as LOCL; otherwise, it is
displayed as the IP address of the primary reference clock.
primary reference clock is 0, it is displayed as LOCL; otherwise, it is
displayed as the IP address of the primary reference clock.