Brocade Communications Systems 6650

24 Brocade ICX 6650 Administration Guide

53-1002600-01

Configuring the device as an SNTP server

To use the device as a an SNTP server, enter a command such as the following at the Privileged

EXEC level.

Brocade(config)# sntp server-mode use-local-clock authentication-key abc123

Brocade(config)# write memory

The above example configures the device to operate as an SNTP server with the local clock as a

reference backup and an authentication key of “abc123” and writes the configuration changes to

memory.

Syntax: [no] sntp server-mode [ use-local-clock [ stratum <stratum-number> ] ] [

authentication-key <key-string> ]

•The use-local-clock option causes the Brocade device to use the local clock as a reference

source if an upstream reference source becomes unavailable. The SNTP stratum number is set

to 1 by default. You may specify a different stratum number using the stratum option;

<stratum-number> must be between 1 and 15. When the internal clo ck is servi ng as the SNTP

reference source, the Brocade device will use the specified stratum number (or the default

value of 1). When it is synchronized with the upstream server, the Brocade device will use the

upstream server’s stratum number plus 1.

If you do not include the use-local-clock option the Brocade device will function as specified by

RFC 4330: when the Brocade device loses upstream synchronization, it will respond to client

SNTP requests with a “kiss-of-death” response (stratum value=0).

NOTE

To enable the use-local-clock option, you must set the internal clock of the Brocade device

either by SNTP synchronization (see “Specifying an SNTP server” on page 20) or by using the

clock set command (see “Setting the system clock” on page26). Until the internal clock is set,

the Brocade device will continue to rely exclusively on an upstream SNTP server if one is

reachable. If none, the SNTP server of the Brocade device is disabled (down).

•To require a code string for authentication of SNTP communication from clients, use the

authentication-key option and enter a key string of up to 16 characters. When this option is

used, authentication parameters are required in clients’ SNTP request messages. If

authentication fails, the Brocade device will reply with stratum 0 and a reference ID code of

“CRYP” (cryptographic authentication or identification failed), and messages received without

the required parameters will be dropped.

NOTE

Once entered, the authentication key cannot be viewed. Using the show running-config

command will show output similar to the following when an authentication key has been set:

sntp server-mode authentication-key 2 $QHMiR3NzQA=

The 2 indicates that the key is encrypted using base-64 encryption; the characters following

the 2 are the encrypted authentication string.

NOTE

You cannot enable or disable the use-local-clock option (or its stratum number) or change the

authentication string when the SNTP server is up. To change these settings after enabling SNTP

server mode, you must disable server mode using the command no sntp server-mode, then

re-enable it with the new parameters.