Network Requirement
- Device1 is the NTP server; Device2 is the NTP client, and they adopt the MD5 algorithm authentication.
- Device1 is interconnected with Device2 via their interface vlan2; the route is reachable.
- The NTP server is the clock source, and the client gets the clock from the server.
Network Topology
Figure 4-3 Networking of configuring the NTP server and client with MD5 authentication
Configuration Steps
Step1: Configure the IP address of the interface (omitted).
Step 2: Configure the NTP server.
#Enable NTP IPv4 of Device1, configure the time zone as Beijing time zone, local clock as the reference clock, and the layers of the clock as 3.
Device1#configure terminal
Device1(config)#ntp enable
Device1(config)#clock timezone BINJING 8
Device1(config)#ntp master 3
Device1(config)#exit
|
#Enable the authentication.
Device1(config)#ntp authenticate
|
#Configure the authentication key No. as 1, algorithm as MD5, and key as admin.
Device1(config)#ntp authentication-key 1 md5 0 admin
|
#Configure key 1 to be trusted.
Device1(config)#ntp trusted-key 1
|
Step 3: Configure the NTP client.
#Enable NTP IPv4 of Device2, and configure the time zone as Beijing time zone,
Device2#configure terminal
Device2(config)#ntp enable
Device2(config)#clock timezone BINJING 8
|
#Specify the NTP server for the client and the IP address is 1.0.0.1.
Device2(config)#ntp server 1.0.0.1
|
#Enable authentication.
Device2(config)#ntp authenticate
|
#Configure the authentication key No. as 1, algorithm as MD5, and key as admin.
Device2(config)#ntp authentication-key 1 md5 0 admin
|
#Configure key 1 to be trusted.
Device2(config)#ntp trusted-key 1
|
Step 4: Check the result.
#Execute the show ntp status command on the client Device2 to view the clock synchronization status and other information, indicating that the client and the NTP server device1 have been synchronized, and the number of clock layers is 4, larger than that of Device1 by 1.
Device2#show ntp status
Current NTP status information
NTP ipv4 is enabled
NTP ipv6 is disabled
Clock is synchronized, stratum 4, reference is 1.0.0.1
reference time is D442ECE1.8BB7B219 (01:56:49.545 Tue Nov 06 2012)
#On Device2, execute the show clock command to view the device clock.
Device2#show clock
BEIJING(UTC+08:00) TUE NOV 06 09:56:52 2012
-
The authentication serial number of NTP client and server must be the same, and the key must be the same.