From: mushtaq A. Khan (mak.ccie2b@gmail.com)
Date: Mon Aug 15 2005 - 07:54:54 GMT-3
Thomwin,
No, the "ntp authentication-key 1 md5 groupstudy" was needed to
authenticate the client or else it was failing.
However, ntp trusted-key 1 was not needed as the client was able to
synchronized by master without this command. It was only configured
for the Client.
Mushtaq
Mushtaq
On 8/15/05, Thomwin Chen <thomwin_chen@yahoo.com> wrote:
> Mushtaq,
>
> my guess for your NTP master config is like this :
>
> ntp master
> ntp authenticate
> ntp trusted-key 1
> ntp authentication-key 1 md5 groupstudy
> Correct, it's working, because the ntp authentication-key 1 md5 groupstudy
> exist.
>
> ============================================
> try this one (without ntp authentication-key 1 md5 groupstudy):
>
> ntp master
> ntp authenticate
> ntp trusted-key 1
>
> wait for a moment, show ntp status and debug ntp authentication, is it still
> syncrhonized ?
>
> Rgds,
> Thomwin
>
>
>
> "mushtaq A. Khan" <mak.ccie2b@gmail.com> wrote:
> Thomwin,
>
> Thanks for you advise. Do you think that we need the following command
> to enable ntp authentication and generate ntp keys on NTP master. Here
> is the url for your reference. My configuration works fine after I
> used these two commands.
>
> ntp authenticate
> ntp trusted-key 1
>
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/fun_c/fcprt3/fcd303.htm#wp1001202
>
> Mushtaq
>
> On 8/14/05, Thomwin Chen wrote:
> > Mushtaq,
> >
> > CMIIW,
> >
> > I think the correct NTP authentication configuration is like this :
> > at NTP client :
> >
> > ntp authenticate
> > ntp authentication-key 1 md5 groupstudy
> > ntp trusted-key 1
> > ntp server 172.16.1.1 key 1
> >
> > at NTP master :
> >
> > ntp authentication-key 1 md5 groupstudy
> > ntp master
> >
> > NTP authentication is used to authenticate the time source, not the
> > recipient...
> > and also NTP synchronization will synchronize gradually not instaneously
> >
> > Rgds,
> > Thomwin
> >
> >
> > "mushtaq A. Khan" wrote:
> > All,
> >
> > Can anyone help in troubleshooting NTP synchronization? I'm trying to
> > test NTP to see if NTP client synchronizes correctly with NTP server.
> >
> > I noticed that it works only when I try to change clock in client.
> > The client correctly synchornizes with server. It does not work, when
> > I change clock in Server. Can someone explain me the reason. Here is
> > the configuration I'm used:
> >
> > Router(NTP Server):
> > clock timezone CST -6
> > clock summer-time CDT recurring
> >
> > ntp authentication-key 1 md5 01100F175804 7
> > ntp authenticate
> > ntp trusted-key 1
> > ntp source Loopback0
> > ntp master 3
> >
> >
> > SW(NTP Client):
> > clock timezone EST -5
> > clock summer-time EDT recurring
> > ntp authentication-key 1 md5 05080F1C2243 7
> > ntp authenticate
> > ntp trusted-key 1
> > ntp clock-period 17179903
> > ntp source Loopback0
> > ntp server 132.1.4.4
> >
> > Thanks,
> > M. A. Khan
> >
> >
> _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> > ________________________________
> > Yahoo! Mail for Mobile
> > Take Yahoo! Mail with you! Check email on your mobile phone.
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
This archive was generated by hypermail 2.1.4 : Sun Sep 04 2005 - 17:01:19 GMT-3