< Home

Setting NTP Access Authorities

This section describes how to configure access permission control to restrict certain NTP requests.

Context

When receiving an access request packet, the NTP server matches the request packet with the access authority in descending order (from peer, server, synchronization, query to limited). The first matched authority takes effect.

Procedure

  1. Access the system view. 

    system-view

  2. Set the access permission for the NTP service on the FW. 

    ntp-service access { peer | query | server | synchronization | limited } { acl-number | ipv6 acl6-number } *

    Where the ntp-service access command is run depends on the actual situations.

    Table 1 shows the detailed NTP access authorities.

    Table 1 Description of the NTP access authorities

    NTP Operation Mode

    Limited NTP Query

    Supported Devices

    Unicast NTP client/server mode

    Synchronizing the client with the server

    Client

    Clock synchronization request from the client

    Server

    NTP peer mode

    Clock synchronization with each other

    Symmetric active end

    Clock synchronization request from the active end

    Symmetric passive end

    NTP multicast mode

    Synchronizing the client with the server

    NTP multicast client

    NTP broadcast mode

    Synchronizing the client with the server

    NTP broadcast client

    NTP manycast client mode

    Synchronizing the client with the server

    NTP manycast client

    Clock synchronization request from the client

    NTP manycast server

Parent Topic: Configuring NTP Security Mechanisms
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
Next topic >