7-8
Catalyst 2928 Switch Software Configuration Guide
OL-23389-01
Chapter 7 Administering the Switch
Managing the System Time and Date
To disable an interface from receiving NTP broadcast packets, use the
no ntp broadcast client
interface
configuration command. To change the estimated round-trip delay to the default, use the
no ntp
broadcastdelay
global configuration command.
This example shows how to configure a port to receive NTP broadcast packets:
Switch(config)#
interface gigabitethernet0/1
Switch(config-if)#
ntp broadcast client
Configuring NTP Access Restrictions
You can control NTP access on two levels as described in these sections:
•
Creating an Access Group and Assigning a Basic IP Access List, page 7-8
•
Disabling NTP Services on a Specific Interface, page 7-10
Creating an Access Group and Assigning a Basic IP Access List
Beginning in privileged EXEC mode, follow these steps to control access to NTP services by using
access lists:
Step 5
ntp broadcastdelay
microseconds
(Optional) Change the estimated round-trip delay between the switch and
the NTP broadcast server.
The default is 3000 microseconds; the range is 1 to 999999.
Step 6
end
Return to privileged EXEC mode.
Step 7
show running-config
Verify your entries.
Step 8
copy running-config startup-config
(Optional) Save your entries in the configuration file.
Command
Purpose
Command
Purpose
Step 1
configure terminal
Enter global configuration mode.
Step 2
ntp access-group
{
query-only
|
serve-onl
y |
serve
|
peer
}
access-list-number
Create an access group, and apply a basic IP access list.
The keywords have these meanings:
•
query-only
—Allows only NTP control queries.
•
serve-only
—Allows only time requests.
•
serve
—Allows time requests and NTP control queries, but does not
allow the switch to synchronize to the remote device.
•
peer
—Allows time requests and NTP control queries and allows the
switch to synchronize to the remote device.
For
access-list-number
, enter a standard IP access list number from 1
to 99.