From: Jason Sinclair (sinclairj@xxxxxxxxxxxxxxx)
Date: Sun Mar 24 2002 - 21:00:31 GMT-3
Nicolai,
You do not need the ntp authenticate statement under the master. That is
used to authenticate the NTP source and is not required on the master.
Config should be as follows:
For R1 (master) I have the following config:
ntp authentication-key 1 md5 121A0C041104 7
ntp source Loopback0
ntp master 2
For R2 (Client):
ntp authentication-key 1 md5 05080F1C2243 7
ntp authenticate
ntp trusted-key 1
ntp clock-period 17179869
ntp source Loopback0
ntp server 1.1.1.1 key 1
Cheers,
Jason Sinclair
Manager, Network Support Group
POWERTEL
Ground Level, 55 Clarence Street,
SYDNEY NSW 2000
AUSTRALIA
office: + 61 2 8264 3820
mobile: + 61 416 105 858
* sinclairj@powertel.com.au
-----Original Message-----
From: Nicolai Gersbo Solling [mailto:nicolai@cisco.com]
Sent: Saturday, 23 March 2002 03:32
To: CCIE
Subject: NTP Authentication - I think I finally
nailed it!
Hi there Pranksters!
I think I have nailed the problems we have with NTP and
getting the updates
to authenticate etc...
For R1 (master) I have the following config:
ntp authentication-key 1 md5 121A0C041104 7
ntp authenticate
ntp source Loopback0
ntp master 2
For R2 (Client):
ntp authentication-key 1 md5 05080F1C2243 7
ntp authenticate
ntp trusted-key 1
ntp clock-period 17179869
ntp source Loopback0
ntp server 1.1.1.1 key 1
The trick is the order the commands are typed in!
Always type them in the order they appear in the config file
afterwards...
That means for instance on R1 I typed in the NTP
authentication-key first,
then the ntp authenticate, then ntp source and at last ntp
master.
I used the same procedure for R2.
When I show NTP associations detail I get the following
output on the R2
(client):
1.1.1.1 configured, authenticated, our_master, sane, valid,
stratum 2
ref ID 127.127.7.1, time C045E787.E246703F (17:25:27.883 UTC
Fri Mar 22
2002)
our mode client, peer mode server, our poll intvl 64, peer
poll intvl 64
root delay 0.00 msec, root disp 0.03, reach 377, sync dist
1.099
delay 1.82 msec, offset 8.6792 msec, dispersion 0.17
precision 2**18, version 3
org time C045E7B9.34282B63 (17:26:17.203 UTC Fri Mar 22
2002)
rcv time C045E7B9.322B1692 (17:26:17.195 UTC Fri Mar 22
2002)
xmt time C045E7B9.31A6C6EE (17:26:17.193 UTC Fri Mar 22
2002)
filtdelay = 1.82 1.92 1.82 1.77 1.79 1.89
1.82 1.82
filtoffset = 8.68 8.64 8.52 8.40 8.32
8.03 7.81
7.52
filterror = 0.02 0.99 1.97 2.94 3.92
4.90 5.87
6.85
I hope it helps some of you out there that has been pulling
your hair out
trying to figure out why it did not work!
Nicolai Solling
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:57:20 GMT-3