From: Dale Shaw (dale.shaw@gmail.com)
Date: Sun Jan 04 2009 - 05:59:10 ARST
Hi,
On Sun, Jan 4, 2009 at 1:38 PM, Jared Scrivener <jscrivener@ipexpert.com> wrote:
> Nope. For what you want to do, you need:
>
*snip*
Hmm.. At first, I interpreted this description of 'ntp trusted-key' (a
NTP-process level command, not per-peer/server) to mean that an IOS
NTP client configured for authentication requires that all of its time
sources present the same key -- i.e. every time source must be
configured with the same key as the client, and that once client-side
authentication enabled, all time sources must offer up a key.
Then I realised you can enter multiple "trusted-key" commands.
*phew*
What's not clear to me, is why the 'trusted-key' command is required
at all. Surely, like routing protocol authentication, as long as the
NTP peers (client, server, peer, whatever) have matching keys, the
light should turn green. I don't see what value 'trusted-key' provdes.
Anyone?
Lastly, am I the only one that thinks the documentation of the NTP
implementation in IOS leaves a LOT to be desired?
cheers,
Dale
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:43:36 ARST