Dynabrade Dynabug 57810, Руководство пользователя

Страница: 29 / 68

By default, the router or switch sends NTP version 4 packets to the time server. To set
the NTP version level to 1,or 2, or 3, include the
version
option.
If you configure more than one time server, you can mark one server preferred by including
the
prefer
option.
For information about how to configure trusted keys, see “Configuring NTP Authentication
Keys” on page 18 . For information about how to configure the router or switch to operate
in client mode, see “Configuring the Router or Switch to Operate in Client Mode” on
page 15 .
The following example shows how to configure the router or switch to operate in server
mode:
[edit system ntp]
authentication-key 1 type md5 value "$9$txERuBEreWx-wtuLNdboaUjH.T3AtOESe";
server 172.17.27.46 prefer;
trusted-key 1;
NOTE: When a host is added as an NTP server, it resolves to an IP address
prior to being adding to the configuration. When using a public NTP server,
the host might resolve to different IP addresses.
If the resolved IP address becomes unreachable for any reason, the switch
cannot access the NTP server. In order to leverage public NTP pool entities,
this functionality has been modified so that a host is accepted as a string
without DNS resolution.
Related
Documentation
Understanding NTP Time Servers on page 5
•
•
Example: Configuring NTP as a Single Time Source for Router and Switch Clock
Synchronization on page 17
Example: Configuring NTP as a Single Time Source for Router and Switch Clock
Synchronization
Debugging and troubleshooting are much easier when the timestamps in the log files of
all the routers or switches are synchronized, because events that span the network can
be correlated with synchronous entries in multiple logs. We strongly recommend using
the Network Time Protocol (NTP) to synchronize the system clocks of routers, switches,
and other network equipment.
By default, NTP operates in an entirely unauthenticated manner. If a malicious attempt
to influence the accuracy of a router or switch’s clock succeeds, it could have negative
effects on system logging, make troubleshooting and intrusion detection more difficult,
and impede other management functions.
The following sample configuration synchronizes all the routers or switches in the network
to a single time source. We recommend using authentication to make sure that the NTP
peer is trusted. The
boot-server
statement identifies the server from which the initial time
17 Copyright © 2014, Juniper Networks, Inc.
Chapter 2: Configuring Time