Cisco Systems SMC-169 manual Configuring NTP Access Groups Example, SMC-189

Page 21

Implementing NTP on Cisco IOS XR Software

Configuration Examples for Implementing NTP on Cisco IOS XR Software

Configuring NTP Access Groups: Example

The following example shows a NTP access group configuration where the following access group restrictions are applied:

Peer restrictions are applied to IP addresses that pass the criteria of the access list named peer-acl.

Serve restrictions are applied to IP addresses that pass the criteria of access list named serve-acl.

Serve-only restrictions are applied to IP addresses that pass the criteria of the access list named serve-only-acl.

Query-only restrictions are applied to IP addresses that pass the criteria of the access list named query-only-acl.

!

ntp

peer 10.1.1.1 peer 10.2.2.2 peer 10.3.3.3 peer 10.4.4.4 peer 10.5.5.5 peer 10.6.6.6 peer 10.7.7.7 peer 10.8.8.8

access-group peer peer-acl access-group serve serve-acl access-group serve-only serve-only-acl access-group query-only query-only-acl

!

ipv4 access-list peer-acl

10 permit ip host 10.1.1.1 any

20 permit ip host 10.8.8.8 any

!

ipv4 access-list serve-acl

10 permit ip host 10.4.4.4 any

20 permit ip host 10.5.5.5 any

!

ipv4 access-list query-only-acl 10 permit ip host 10.2.2.2 any 20 permit ip host 10.3.3.3 any

!

ipv4 access-list serve-only-acl 10 permit ip host 10.6.6.6 any 20 permit ip host 10.7.7.7 any

!

Configuring NTP Authentication: Example

The following example shows an NTP authentication configuration. In this example, the following is configured:

NTP authentication is enabled.

Two authentication keys are configured (key 2 and key 3).

The router is configured to allow its software clock to be synchronized with the clock of the peer (or vice versa) at IP address 10.3.32.154 using authentication key 2.

The router is configured to allow its software clock to be synchronized with the clock by the device at IP address 10.32.154.145 using authentication key 3.

Cisco IOS XR System Management Configuration Guide

SMC-189

Image 21
Contents Implementing NTP on Cisco IOS XR Software SMC-170 NTP Functional OverviewConfiguring Poll-Based Associations Poll-Based AssociationsSMC-171 SMC-172 Summary StepsConfiguring Broadcast-Based NTP Associations Broadcast-Based NTP AssociationsSMC-173 SMC-174 Configuring NTP Access Groups NTP Access GroupsSMC-175 SMC-176 SMC-177 Configuring NTP Authentication NTP AuthenticationSMC-178 SMC-179 Supported is md5SMC-180 Disabling NTP Services on a Specific InterfaceSMC-181 SMC-182 Configuring the Source IP Address for NTP PacketsSMC-183 SMC-184 Configuring the System as an Authoritative NTP ServerSMC-185 Updating the Hardware ClockSMC-186 Verifying the Status of the External Reference Clock ExamplesSMC-187 Configuring Poll-Based Associations Example Configuring Broadcast-Based Associations ExampleSMC-188 Configuring NTP Access Groups Example Configuring NTP Authentication ExampleSMC-189 Configuring the Source IP Address for NTP Packets Example Disabling NTP on an Interface ExampleSMC-190 Related Documents Updating the Hardware Clock ExampleStandards MIBsRFCs Technical AssistanceSMC-192