[no] ntp
config>system>time
Supported on all 7210 SAS platforms as described in this document, including platforms configured in the access-uplink operating mode
Commands in this context configure Network Time Protocol (NTP) and its operation. This protocol defines a method to accurately distribute and maintain time for network elements. Furthermore this capability allows for the synchronization of clocks between the various network elements.
The no form of this command stops the execution of NTP and removes its configuration.
[no] authentication-check
config>system>time>ntp
Supported on all 7210 SAS platforms as described in this document
This command provides the option to skip the rejection of NTP PDUs that do not match the authentication key ID, type or key requirements. The default behavior when authentication is configured is to reject all NTP protocol PDUs that have a mismatch in either the authentication key ID, type or key.
When authentication-check is enabled, NTP PDUs are authenticated on receipt. However, mismatches cause a counter to be increased, one counter for type and one for key ID, one for type, value mismatches. These counters are visible in a show command.
The no form of this command allows authentication mismatches to be accepted; the counters however are maintained.
authentication-check — rejects authentication mismatches
authentication-key key-id {key key} [hash | hash2] type {des | message-digest}
no authentication-key key-id
config>system>time>ntp
Supported on all 7210 SAS platforms as described in this document, including platforms configured in the access-uplink operating mode
This command sets the authentication key ID, type and key used to authenticate NTP PDUs sent to or received by other network elements participating in the NTP protocol. For authentication to work, the authentication key ID, type and key value must match.
The no form of this command removes the authentication key.
Specifies the authentication key ID that will be used by the node when transmitting or receiving Network Time Protocol packets.
Entering the authentication-key command with a key ID value that matches an existing configuration key will result in overriding the existing entry.
Recipients of the NTP packets must have the same authentication key ID, type, and key value in order to use the data transmitted by this node. This is an optional parameter.
Specifies the authentication key associated with the configured key ID, the value configured in this parameter is the actual value used by other network elements to authenticate the NTP packet.
The key can be any combination of ASCII characters up to maximum 32 characters for message-digest (MD5) or maximum 8 characters for DES (length limits are not encrypted). If spaces are used in the string, enclose the entire string in quotation marks (‟.”).
Specifies that the key is entered in an encrypted form. If the hash or hash2 parameter is not used, the key is assumed to be in a non-encrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified.
Specifies that the key is entered in a more complex encrypted form that involves more variables then the key value alone, this means that hash2 encrypted variable can’t be copied and pasted. If the hash or hash2 parameter is not used, the key is assumed to be in a non-encrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash or hash2 parameter specified.
Specifies if DES or message-digest authentication is used.
broadcast [router router-name] {interface ip-int-name} [key-id key-id] [version version] [ttl ttl]
no broadcast [router router-name] {interface ip-int-name}
config>system>time>ntp
Supported on all 7210 SAS platforms as described in this document, including platforms configured in the access-uplink operating mode
This command configures the node to transmit NTP packets on a given interface. Broadcast and multicast messages can easily be spoofed, thus, authentication is strongly recommended.
The no form of this command removes the address from the configuration.
Specifies the router name used to transmit NTP packets. Base is the default.
Specifies the local interface on which to transmit NTP broadcast packets, up to 32 characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
Specifies the authentication key and authentication type used by this node to receive and transmit NTP packets to and from an NTP server and peers. If an NTP packet is received by this node both authentication key and authentication type must be valid otherwise the packet will be rejected and an event/trap generated.
Specifies the NTP version number that is generated by this node. This parameter does not need to be configured when in client mode in which case all versions will be accepted.
Specifies the IP Time To Live (TTL) value.
broadcastclient [router router-name] {interface ip-int-name} [authenticate]
no broadcastclient [router router-name] {interface ip-int-name}
config>system>time>ntp
Supported on all 7210 SAS platforms as described in this document, including platforms configured in the access-uplink operating mode
This command configures the node to receive broadcast packets on a given subnet. Broadcast and multicast messages can easily be spoofed, thus, authentication is strongly recommended. If broadcast is not configured then received NTP broadcast traffic will be ignored. Use the show command to view the state of the configuration.
The no form of this command removes the address from the configuration.
Specifies the router name used to receive NTP packets.
Specifies the local interface on which to receive NTP broadcast packets, up to 32 characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
Specifies whether or not to require authentication of NTP PDUs. When enabled, NTP PDUs are authenticated upon receipt.
ntp-server [authenticate]
no ntp-server
config>system>time>ntp
Supported on all 7210 SAS platforms as described in this document, including platforms configured in the access-uplink operating mode
This command configures the node to assume the role of an NTP server. Unless the server command is used, this node will function as an NTP client only and will not distribute the time to downstream network elements.
no ntp-server
Keyword to make authentication a requirement. If authentication is required, the authentication key ID received in a message must have been configured in the authentication-key command, and that the key ID type and value must also match.
peer ip-address [key-id key-id] [version version] [prefer]
no peer ip-address
config>system>time>ntp
Supported on all 7210 SAS platforms as described in this document, including platforms configured in the access-uplink operating mode
This command configures symmetric active mode for an NTP peer. Although any system can be configured to peer with any other NTP node it is recommended to configure authentication and to configure known time servers as their peers.
The no form of this command removes the configured peer.
Specifies the IP address of the peer that requires a peering relationship to be set up.
Specifies the key-id that identifies the configured authentication key and authentication type used by this node to transmit NTP packets to an NTP peer. Successful authentication requires that both peers must have configured the same authentication key ID, type and key value.
If an NTP packet is received by this node, the authentication key ID, type, and key value must be valid otherwise the packet will be rejected and an event/trap generated.
Specifies the NTP version number that is generated by this node. This parameter does not need to be configured when in client mode in which case all three nodes are accepted.
Specifies the preferred peer. When configuring more than one peer, one remote system can be configured as the preferred peer. When a second peer is configured as preferred, the new entry overrides the old entry.
server {ip address | ptp} [key-id key-id] [version version] [prefer]
no server ip address
config>system>time>ntp
Supported on all 7210 SAS platforms as described in this document, including platforms configured in the access-uplink operating mode
This command is used when the node should operate in client mode with the NTP server specified in the address field of this command.
Up to five NTP servers can be configured.
If the internal PTP process is to be used as a source of time for System Time and OAM time then it must be specified as a server for NTP. If PTP is specified then the prefer parameter must also be specified. Once PTP has established a UTC traceable time from an external grandmaster then it shall always be the source for time into NTP even if PTP goes into time holdover.
Use of the internal PTP time source for NTP will promote the internal NTP server to stratum 1 level. This may impact the NTP network topology.
The no form of this command removes the server with the specified address from the configuration.
Specifies the IP address of a node that acts as an NTP server to this network element.
Keyword to configure the internal PTP process as a time server into the NTP process. The prefer keyword is mandatory with this server option. The ptp keyword is supported only on the 7210 SAS-Mxp, 7210 SAS-R6, 7210 SAS-R12, 7210 SAS-Sx/S 1/10GE (standalone), and 7210 SAS-T.
Specifies the configured authentication key and authentication type used by this node to transmit NTP packets to an NTP server. If an NTP packet is received by this node, the authentication key ID, type, and key value must be valid otherwise the packet will be rejected and an event/trap generated.
Specifies the NTP version number that is expected by this node.
Specifies the preferred peer. When configuring more than one peer, one remote system can be configured as the preferred peer. When a second peer is configured as preferred, the new entry overrides the old entry.