Configuring the device as an SNTP server

To use the device as an SNTP server, enter a command such as the following at the Privileged EXEC level.

Brocade(config)# sntp server-mode use-local-clock authentication-key abc123
Brocade(config)# write memory

The above example configures the device to operate as an SNTP server with the local clock as a reference backup and an authentication key of “abc123” and writes the configuration changes to memory.

Syntax: [no] sntp server-mode [ use-local-clock [ stratum <stratum-number> ] ] [ authentication-key <key-string> ]

The use-local-clock option causes the Brocade device to use the local clock as a reference source if an upstream reference source becomes unavailable. The SNTP stratum number is set to 1 by default. You may specify a different stratum number using the stratum option; <stratum-number> must be between 1 and 15. When the internal clock is serving as the SNTP reference source, the Brocade device will use the specified stratum number (or the default value of 1). When it is synchronized with the upstream server, the Brocade device will use the upstream server’s stratum number plus 1.

If you do not include the use-local-clock option, the Brocade device will function as specified by RFC 4330: when the Brocade device loses upstream synchronization, it will respond to client SNTP requests with a “kiss-of-death” response (stratum value=0).

NOTE

To enable the use-local-clock option, you must set the internal clock of the Brocade device either by SNTP synchronization (see “Specifying an SNTP server” on page 20) or by using the clock set command (see “Setting the system clock” on page 26). Until the internal clock is set, the Brocade device will continue to rely exclusively on an upstream SNTP server if one is reachable. If none is reachable, the SNTP server of the Brocade device is disabled (down).

To require a code string for authentication of SNTP communication from clients, use the authentication-key option and enter a key string of up to 16 characters. When this option is used, authentication parameters are required in clients’ SNTP request messages. If authentication fails, the Brocade device will reply with stratum 0 and a reference ID code of “CRYP” (cryptographic authentication or identification failed), and messages received without the required parameters will be dropped.

NOTE

Once entered, the authentication key cannot be viewed. Using the show running-config command will show output similar to the following when an authentication key has been set:

sntp server-mode authentication-key 2 $QHMiR3NzQA=

The 2 indicates that the key is encrypted using base-64 encryption; the characters following the 2 are the encrypted authentication string.

NOTE

You cannot enable or disable the use-local-clock option (or its stratum number) or change the authentication string when the SNTP server is up. To change these settings after enabling SNTP server mode, you must disable server mode using the command no sntp server-mode, then re-enable it with the new parameters.
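
A client-side check for the server behavior described above, as an added example that is not part of the Brocade guide: it parses the 48-byte SNTP reply header and flags stratum 0 “kiss-of-death” replies, including the “CRYP” code, so that monitoring does not accept them as valid time. The sample packets, the LOCL reference ID and the function names are constructed for illustration.

```python
import struct

# Kiss codes defined in RFC 4330 (subset relevant to access and authentication).
KISS_CODES = {
    "CRYP": "cryptographic authentication or identification failed",
    "DENY": "access denied by remote server",
    "RATE": "rate exceeded",
}

def build_reply(stratum: int, ref_id: bytes, leap: int = 0) -> bytes:
    """Constructed sample: server reply (version 4, mode 4) with zeroed timestamps."""
    header = struct.pack("!BBbb", (leap << 6) | (4 << 3) | 4, stratum, 6, -20)
    return header + bytes(8) + ref_id.ljust(4, b"\x00") + bytes(32)

def classify_sntp_reply(packet: bytes) -> dict:
    """Parse the fixed SNTP header and decide whether the reply carries usable time."""
    if len(packet) < 48:
        raise ValueError("SNTP header is 48 bytes; packet is truncated")
    flags, stratum = struct.unpack_from("!BB", packet, 0)
    info = {"leap": flags >> 6, "version": (flags >> 3) & 0x7,
            "mode": flags & 0x7, "stratum": stratum, "usable": False}
    if info["mode"] != 4:
        info["kind"] = "not-a-server-reply"
    elif stratum == 0:
        # Stratum 0: the reference ID field holds a 4-character ASCII kiss code.
        code = packet[12:16].decode("ascii", errors="replace").rstrip("\x00")
        info.update(kind="kiss-of-death", kiss_code=code,
                    reason=KISS_CODES.get(code, "unrecognised kiss code"))
    elif stratum > 15:
        info["kind"] = "reserved-stratum"
    else:
        info["kind"] = "primary" if stratum == 1 else "secondary"
        info["usable"] = info["leap"] != 3  # LI=3 means the clock is not synchronized
    return info

if __name__ == "__main__":
    samples = {  # constructed packets, one per case described in the text
        "authentication failure": build_reply(0, b"CRYP", leap=3),
        "local clock, default stratum 1": build_reply(1, b"LOCL"),
        "synced to a stratum 2 upstream": build_reply(3, bytes([192, 0, 2, 10])),
    }
    for name, pkt in samples.items():
        print(name, "->", classify_sntp_reply(pkt))
```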


Brocade ICX 6650 Administration Guide

 

53-1002600-01
