NTP authentication from server TO client - bi-directional

From: Beefmo <groupstudy_at_nyms.net>
Date: Wed, 30 Jun 2010 11:51:57 +0100

Hi guys,
I had a mock task recently that called into question my knowledge of NTP
authentication. Hope you can help me as I've been unable to settle the
matter through Google.

My understanding of NTP authentication is that only the side that you type
NTP AUTHENTICATE on will be required to authenticate its SOURCEs. However I
recently came across a task that required a router (RTR1) to be set up as an
authoritative time source to 3 other routers (RTR2,3 & 4). This was easy to
set up using the NTP MASTER command on RTR1 and naming it as NTP SERVER on
the other routers. The task then required that the time source RTR1 and one
of the routers (RTR2) should be set up to authenticate *each other* but the
other two routers (RTR3 & 4) should have no authentication of any sort.

So the question is, how is it possible for a time source to authenticate a
client bi-directionally? The only way I can think of is to set up the two as
peers, in which case - is there a mechanism by which you can authenticate
them as peers BUT keep RTR1 as the authoritative time source?

Thanks in advance :)

Received on Wed Jun 30 2010 - 11:51:57 ART
