Professional Documents
Culture Documents
Table of Contents
Syntax
View
Any view
Parameter
Description
Use the display ntp-service sessions command to view the information of all NTP
sessions. Without the verbose keyword, this command will display only the brief
information of all NTP service sessions.
Example
Table 1-1 Description on the fields of the display ntp-service sessions command
Field Description
source IP address of the clock source
Reference clock ID of the clock source
If the reference clock is the local clock, the value of this field is
related to the value of the stra field: When the value of the stra field
reference is 0 or 1, this field will be “LOCL”; when the stra field has another
value, this filed will be the IP address of the local clock
If the reference clock is the clock of another device on the network,
the value of this field will be the IP address of that device.
Field Description
stra Stratum level of the clock source
Reachability count of the clock source. 0 indicates that the clock
reach
source in unreachable
Poll interval, namely the maximum interval between successive NTP
poll
messages.
The length of time in minutes from when the last NTP message was
now
received or when the local clock was last updated to the current time
The offset of the system clock relative to the reference clock, in
offset
milliseconds
the roundtrip delay from the local device to the clock source, in
delay
milliseconds
The maximum error of the system clock relative to the reference
disper
source.
1: Clock source selected by the system, namely the current
reference source, with a system clock stratum level less than or
equal to 15.
[12345] 2: Stratum level of this system source is less than or equal to 15
3: This clock source has passed the clock selection process
4: This clock source is a candidate clock source
5: This clock source was created by a configuration command
Total
Total number of associations
associations
Note:
When a device is working in the NTP broadcast/multicast server mode, the display
ntp-service sessions command executed on the device will not display the NTP
session information corresponding to the broadcast/multicast server, but the sessions
will be counted in the total number of associations.
Syntax
View
Any view
Parameter
None
Description
Use the display ntp-service status command to view the NTP service status
information.
Example
Table 1-2 Description on the fields of the display ntp-service status command
Field Description
Clock status Status of the system clock
Clock stratum Stratum level of the local clock
After the system clock is synchronized to a remote time
server or a local reference source, this field indicates the
address of the remote time server or the identifier of the local
Reference clock ID clock source (when the local clock has a stratum level of 1,
the value of this field is “LOCL”; when the local clock has
another value, the value of this filed is the IP address of the
local clock)
Nominal frequency The nominal frequency of the local system hardware clock
Actual frequency The actual frequency of the local system hardware clock
Clock precision The precision of the system clock.
Clock offset The offset of the system clock relative to the reference source
The roundtrip delay from the local device to the primary
Root delay
reference source
Field Description
The maximum error of the system clock relative to the
Peer dispersion
reference source
Reference time Reference timestamp
Syntax
View
Any view
Parameter
None
Description
Use the display ntp-service trace command view the brief information of each NTP
server along the NTP server chain from the local device back to the primary reference
source.
The display ntp-service trace command is available only if the local device can ping
through all the devices on the NTP server chain; otherwise, this command will fail to
display all the NTP servers on the NTP chain due to timeout.
Example
# View the brief information of each NTP server from the local device back to the
primary reference source.
<Sysname> display ntp-service trace
server 127.0.0.1,stratum 2, offset -0.013500, synch distance 0.03154
server 133.1.1.1,stratum 1, offset -0.506500, synch distance 0.03429
refid LOCL
The information above shows an NTP server chain for the server 127.0.0.1: The server
127.0.0.1 is synchronized to the server 133.1.1.1 and the server 133.1.1.1 is
synchronized to the local clock source.
Table 1-3 Description on the fields of the display ntp-service trace command
Field Description
server IP address of the NTP server
stratum The stratum level of the corresponding system clock
Field Description
offset The clock offset relative to the upper-level clock
synch distance The synchronization distance relative to the upper-level clock
Identifier of the primary reference source. When the stratum
level of the primary reference clock is 0, it is displayed as LOCL;
refid
otherwise, it is displayed as the IP address of the primary
reference clock.
Syntax
View
System view
Parameter
Description
Use the ntp-service access command to configure the NTP service access-control
right to the local device.
Use the undo ntp-service access command to remove the configured NTP service
access-control right to the local device.
By default, the local NTP service access-control right is set to peer.
From the highest NTP service access-control right to the lowest one are peer, server,
synchronization, and query. When a device receives an NTP request, it will perform
an access-control right match and will use the first matched right.
Note:
z The ntp-service access command provides only a minimum degree of security
protection. A more secure method is identity authentication.
z Before specifying an ACL number in the ntp-service access command, make sure
you have already created and configured this ACL.
Example
# Configure devices on the subnet 10.10.0.0/16 to have the full access right to the local
device.
<Sysname> system-view
[Sysname] acl number 2001
[Sysname-acl-basic-2001] rule permit source 10.10.0.0 0.0.255.255
[Sysname-acl-basic-2001] quit
[Sysname] ntp-service access peer 2001
Syntax
View
System view
Parameter
None
Description
Example
Syntax
View
System view
Parameter
Description
Caution:
Presently the system supports only the MD5 algorithm for key authentication.
Example
# Set an MD5 authentication key, with the key ID of 10 and key value of “BetterKey”.
<Sysname> system-view
[Sysname] ntp-service authentication-keyid 10 authentication-mode md5
BetterKey
Syntax
ntp-service broadcast-client
undo ntp-service broadcast-client
View
Interface view
Parameter
None
Description
Use the ntp-service broadcast-client command to configure the device to work in the
NTP broadcast client mode.
Use the undo ntp-service broadcast-client command to remove the device as an
NTP broadcast client.
Example
# Configure the device to work in the broadcast client mode and receive NTP broadcast
messages on VLAN interface 1.
<Sysname> system-view
[Sysname] interface Vlan-interface 1
[Sysname-Vlan-interface1] ntp-service broadcast-client
Syntax
View
Interface view
Parameter
Description
Example
# Configure the device to work in the broadcast server mode and send NTP broadcast
messages on VLAN interface 1, using key 4 for encryption, and set the NTP version to
3.
<Sysname> system-view
[Sysname] interface Vlan-interface 1
[Sysname-Vlan-interface1] ntp-service broadcast-server authentication-keyid
4 version 3
Syntax
View
System view
Parameter
number: Maximum number of dynamic NTP sessions to be set up, in the range of 0 to
100.
Description
Example
Syntax
View
Interface view
Parameter
Description
Use the ntp-service multicast-client command to configure the device to work in the
NTP multicast client mode.
Use the undo ntp-service multicast-client command to remove the device as an NTP
multicast client.
The multicast address defaults to 224.0.1.1.
Example
# Configure the device to work in the multicast client mode and receive NTP multicast
messages on VLAN 1, and set the multicast address to 224.0.1.1.
<Sysname> system-view
[Sysname] interface Vlan-interface 1
[Sysname-Vlan-interface1] ntp-service multicast-client 224.0.1.1
Syntax
View
Interface view
Parameter
Description
Use the ntp-service multicast-server command to configure the device to work in the
NTP multicast server mode.
Use the undo ntp-service multicast-server command to remove the device as an
NTP multicast server.
Example
# Configure the device to work in the multicast server mode and send NTP multicast
messages on VLAN interface 1 to the multicast address 224.0.1.1, using key 4 for
encryption, and set the NTP version to 3.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ntp-service multicast-server 224.0.1.1 version 3
authentication-keyid 4
Syntax
View
System view
Parameter
Description
Example
# Enable NTP authentication, specify to use MD5 encryption algorithm, with the key ID
of 37 and key value of “BetterKey”, and specify that this key is a trusted key.
<Sysname> system-view
[Sysname] ntp-service authentication enable
Syntax
View
System view
Parameter
Description
Example
# Specify that all NTP messages are to be sent out from VLAN interface 1.
<Sysname> system-view
[Sysname] ntp-service source-interface vlan-interface 1
Syntax
View
Interface view
Parameter
None
Description
Example
Syntax
View
System view
Parameter
Description
Example
# Designate the device with the IP address of 10.1.1.1 as the symmetric-passive peer
of the device, and configure the device to run NTP version 3, and send NTP messages
through VLAN interface 1.
<Sysname> system-view
[Sysname] ntp-service unicast-peer 10.1.1.1 version 3 source-interface
vlan-interface 1
Syntax
View
System view
Parameter
ip-address: IP address of the NTP server. It must be a host address, rather than a
broadcast address, a multicast address or the IP address of the local clock.
server-name: Host name of the NTP server, a string of up to 20 characters.
authentication-keyid keyid: Specifies the key ID to be used for sending NTP
messages to the NTP server, where keyid is in the range of 1 to 4294967295.
priority: Specifies this NTP server as the first choice.
source-interface interface-type interface-number: Specifies an interface for sending
NTP messages. In an NTP message the local device sends to the NTP server, the
source IP address is the IP address of this interface.
version number: Specifies the NTP version, where number is in the range of 1 to 3 and
defaults to 3.
Description
Use the ntp-service unicast-server command to designate an NTP server for the
device.
Use the undo ntp-service unicast-server command to remove an NTP server
designated for the device.
No NTP server is designated for the device by default.
Note:
The client and server must run the same version of NTP; otherwise, time
synchronization may fail.
Example
# Designate the device with the IP address of as 10.1.1.1 an NTP server for the device.
<Sysname> system-view
[Sysname] ntp-service unicast-server 10.1.1.1 version 3