Re: Access-group on NTP

From: Bill Greenwood (billgreenwood@xxxxxxxxxxxxx)
Date: Sun Feb 17 2002 - 23:51:43 GMT-3

• Next message: Simon Hamilton-Wilkes: "RE: Voice-module for 2600"
• Previous message: D. J. Jones: "Re: Access-group on NTP"
• Maybe in reply to: Bill Greenwood: "Access-group on NTP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
I've read the CCO document, but it doesn't seem to work (at least the way I
tought it would)

Peer is fairly obvious. It allows the remote to become a peer, meaning it
can get time as well as update the time on the local machine.
Serve. Seems to say the the remote can get time, but not update the local
router
Serve-only. ?
query-only. ?

----- Original Message -----
From: "D. J. Jones" <meganac@attbi.com>
To: "Bill Greenwood" <billgreenwood@earthlink.net>; <ccielab@groupstudy.com>
Sent: Sunday, February 17, 2002 9:44 PM
Subject: Re: Access-group on NTP

> Haven't tried it yet, but this is what I saw in the documentation:
>
> The access group options are scanned in the following order, from least
> restrictive to most restrictive:
>
> 1. peer-Allows time requests and NTP control queries and allows the
system
> to synchronize itself to a system whose address passes the access list
> criteria.
>
> 2. serve-Allows time requests and NTP control queries, but does not
allow
> the system to synchronize itself to a system whose address passes the
access
> list criteria.
>
> 3. serve-only-Allows only time requests from a system whose address
passes
> the access list criteria.
>
> 4. query-only-Allows only NTP control queries from a system whose
address
> passes the access list criteria.
>
> ----- Original Message -----
> From: "Bill Greenwood" <billgreenwood@earthlink.net>
> To: <ccielab@groupstudy.com>
> Sent: Sunday, February 17, 2002 6:05 PM
> Subject: Access-group on NTP
>
>
> > Has anyone been successful in using "ntp access-group"
> >
> > I am putting this on my server:
> >
> > access-list 6 permit 10.1.1.2
> > ntp access-group peer 6
> > ntp master 5
> >
> > This works fine, as the only client to receive packets and synchronize
is
> > 10.1.1.2.
> >
> > My question is how do you use the other access-group types:
> >
> > R1(config)#ntp access-group ?
> > peer Provide full access
> > query-only Allow only control queries
> > serve Provide server and query access
> > serve-only Provide only server access
> >
> > Whenever I specify anything other than peer the client never
synchronizes,
> in
> > fact it never receives any packets. What am I missing?
> >
> > Bill

• Next message: Simon Hamilton-Wilkes: "RE: Voice-module for 2600"
• Previous message: D. J. Jones: "Re: Access-group on NTP"
• Maybe in reply to: Bill Greenwood: "Access-group on NTP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 20 2002 - 13:46:26 GMT-3