From: Pylko, Eric (EPylko@xxxxxxxxxxx)
Date: Wed Apr 12 2000 - 13:32:39 GMT-3
2 Questions:
When reading documentation about authentication and OSPF, my current
understanding is if I am going to use authentication in an area, I only need
to use it on routers in the same subnet. For example, if I have:
R1----Area1----R2-----Area1----R3
if I were doing authentication between R1 and R2, I do not necessarily have
to do it for R2 to R3. Is that correct?
My second question is about NTP:
I setup an NTP server on a 7000. I added the "ntp authenticate" command as
well as the "ntp authentication-key ..." command. Any client I setup with
the command "ntp server <address of 7000>" can synchronize their clock,
regardless of whether I have keys setup or not. It seems that ntp
authentication is for an NTP client to (hopefully) guarantee they will be
syncing off a trusted server.
There is an "ntp access-group ..." command that uses access lists. Is there
a way to limit access to an NTP server without the overhead of using
access-lists on the server?
Thanks!
-Eric
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:23:13 GMT-3