RE: NTP

From: Kenneth Wygand (KWygand@customonline.com)
Date: Wed Jun 23 2004 - 10:06:45 GMT-3

• Next message: Joe Chang: "Re: Is PBR static routing?"
• Previous message: Joe Chang: "Re: Frame Relay End2 End keepalives"
• Maybe in reply to: Ty: "NTP"
• Next in thread: tycampbell@comcast.net: "RE: NTP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Ty,

Yes - think of NTP Authentication not as "I want to make sure I know who
you are before I tell you what time it is", but instead as "I want to
make sure I know who you are before I -BELIEVE- what time you tell me it
is".

I consider it almost like a signature in PKI - it's authenticating
(trusting) the SENDER, not the RECEIVER. (Similar to the way ISIS
updates are authenticated as well!).

Hope this helps!

Kenneth E. Wygand
Systems Engineer, Project Services
CISSP #37102, CCNP, CCDP, ACSP, Cisco IPT Design Specialist, MCP, CNA,
Network+, A+
Custom Computer Specialists, Inc.
"The only unattainable goal is the one not attempted."
-Anonymous

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Brian Dennis
Sent: Tuesday, June 22, 2004 8:48 PM
To: Ty; ccielab@groupstudy.com
Subject: RE: NTP

Ty,
        You might take a look at this white paper on NTP Authentication
to help answer your question.

http://www.internetworkexpert.com/resources/01700369.htm

Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security)
bdennis@internetworkexpert.com
Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987
Direct: 775-745-6404 (Outside the US and Canada)

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Ty
Sent: Tuesday, June 22, 2004 5:19 PM
To: ccielab@groupstudy.com
Subject: NTP

quick NTP question..did research on DOC CD and a few books I have but
couldn't
find an answer..

R1 is ntp master...has authentication

R2 is server connecting to R1... has authentication

R4 is configured as peer, connecting to R2

with no authentication on R4 configured, R4 received the correct time.
Should
this have happened without R4 being configured for authentication, or is
it
because R4 peers to the interface of R2 that I do not need
authentication ?
just looking for clarification, as this was not in the lab I was
doing...I was
taking the lab farther on my own to experiment. (yes, even on NTP
hahahah)

Thanks!!

Ty

• Next message: Joe Chang: "Re: Is PBR static routing?"
• Previous message: Joe Chang: "Re: Frame Relay End2 End keepalives"
• Maybe in reply to: Ty: "NTP"
• Next in thread: tycampbell@comcast.net: "RE: NTP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Jul 03 2004 - 19:40:48 GMT-3