Re: NTP Authentication

From: Anthony Sequeira (terry.francona@gmail.com)
Date: Wed Jan 05 2005 - 15:36:26 GMT-3

• Next message: Sean C: "Re: Real NTP scenario"
• Previous message: Church, Chuck: "RE: Real NTP scenario"
• Maybe in reply to: Anthony Sequeira: "NTP Authentication"
• Next in thread: Edwards, Andrew M: "RE: NTP Authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Well - I am thinking that mine is not working.....
Trying for a simple config between lab routers R1 and R2....

R1 CONFIG
clock timezone EST -5
clock calendar-valid
!
!
ntp authentication-key 1 md5 060506324F41 7
ntp authenticate
ntp trusted-key 1
ntp master 6

R2 CONFIG
clock timezone EST -5
!
!
ntp authentication-key 1 md5 121A0C041104 7
ntp authenticate
ntp trusted-key 1
ntp clock-period 17179851
ntp peer 160.10.1.1 prefer

Here is show output from R2:
R2#show ntp assoc detail
160.10.1.1 configured, our_master, sane, valid, stratum 6
ref ID 127.127.7.1, time C585606D.6FB18839 (13:35:25.436 EST Tue Jan 4 2005)
our mode active, peer mode passive, our poll intvl 64, peer poll intvl 64
root delay 0.00 msec, root disp 0.03, reach 377, sync dist 4.395
delay 8.61 msec, offset -0.1788 msec, dispersion 0.06
precision 2**24, version 3
org time C5856074.F65D2D6C (13:35:32.962 EST Tue Jan 4 2005)
rcv time C5856074.F7832435 (13:35:32.966 EST Tue Jan 4 2005)
xmt time C5856074.F541CB0C (13:35:32.958 EST Tue Jan 4 2005)
filtdelay = 8.61 8.45 8.44 8.45 8.47 8.51 8.54 8.45
filtoffset = -0.18 -0.17 -0.28 -0.34 -0.27 -0.23 -0.20 -0.17
filterror = 0.02 0.99 2.94 4.90 6.85 8.80 9.78 10.33

On Wed, 5 Jan 2005 10:01:33 -0800, Edwards, Andrew M
<andrew.m.edwards@boeing.com> wrote:
> Anthony,
>
> Using Tims command below will show "authenticated".
>
> Also, you can do "debug ntp authentication"
>
> HTH,
>
> andy
>
> -----Original Message-----
> From: ccie2be [mailto:ccie2be@nyc.rr.com]
> Sent: Wednesday, January 05, 2005 4:47 AM
> To: Anthony Sequeira; Cisco certification
> Subject: Re: NTP Authentication
>
> Use the show ntp asso det and/or show ntp staus
>
> If authentication is not working, you wont be in sync.
>
> ----- Original Message -----
> From: "Anthony Sequeira" <terry.francona@gmail.com>
> To: "Cisco certification" <ccielab@groupstudy.com>
> Sent: Tuesday, January 04, 2005 11:44 PM
> Subject: NTP Authentication
>
> > NTP authentication sure seems simple to implement - but how in the
> > world would you verify that it is actually working?
> >
> > ______________________________________________________________________
> > _
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Sean C: "Re: Real NTP scenario"
• Previous message: Church, Chuck: "RE: Real NTP scenario"
• Maybe in reply to: Anthony Sequeira: "NTP Authentication"
• Next in thread: Edwards, Andrew M: "RE: NTP Authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Wed Feb 02 2005 - 22:10:18 GMT-3