From: Ellie Chou (ellie_chou@hotmail.com)
Date: Wed Jan 28 2004 - 01:12:46 GMT-3
Hi, I found lots of NTP authentication discussion in the archive but
still have some puzzle in my mind. So I configured the following scenario
to test my knowledge. My understanding according to the config is, R1
will ask key 2 from R2 (from the "ntp server7.7.7.7 key 2" config), R2
will respond with key2 since it has it configured. However, key 2 is not
a trusted key (ntp trusted-key 1) so the authentication should fail. But
it doesn't! "show ntp status" shows R1 is synced. Can someone help me on
this? Is there anything wrong with the statement I made above? thanks a
lot!! R1:sh run | inc ntp
ntp authentication-key 1 md5 0458080F0A 7
ntp authentication-key 2 md5 021201481F 7
ntp authenticate
ntp trusted-key 1
ntp clock-period 17179935
ntp server 7.7.7.7 key 2
R2:sh run | inc ntp
ntp authentication-key 2 md5 021201481F 7
ntp master 3
ntp update-calendar
R1#sh ntp sta
Clock is unsynchronized, stratum 16, no reference clock
nominal freq is 250.0000 Hz, actual freq is 249.9990 Hz, precision is
2**18
reference time is C3C093A4.5455894F (07:37:08.329 UTC Tue Jan 27 2004)
clock offset is -0.1228 msec, root delay is 26.61 msec
root dispersion is 0.34 msec, peer dispersion is 0.17 msec
------------------------------------------------------------------------
Get a FREE online virus check for your PC here, from McAfee.
This archive was generated by hypermail 2.1.4 : Mon Feb 02 2004 - 09:07:51 GMT-3