Command Manual – NTP

Quidway S3500-EA Series Ethernet Switches Table of Contents

Table of Contents

Chapter 1 NTP Configuration Commands .................................................................................. 1-1

1.1 NTP Configuration Commands.......................................................................................... 1-1
1.1.1 display ntp-service sessions ................................................................................... 1-1
1.1.2 display ntp-service status........................................................................................ 1-2
1.1.3 display ntp-service trace ......................................................................................... 1-4
1.1.4 ntp-service access .................................................................................................. 1-5
1.1.5 ntp-service authentication enable ........................................................................... 1-6
1.1.6 ntp-service authentication-keyid.............................................................................. 1-7
1.1.7 ntp-service broadcast-client .................................................................................... 1-7
1.1.8 ntp-service broadcast-server................................................................................... 1-8
1.1.9 ntp-service max-dynamic-sessions ......................................................................... 1-9
1.1.10 ntp-service multicast-client.................................................................................... 1-9
1.1.11 ntp-service multicast-server ................................................................................ 1-10
1.1.12 ntp-service reliable authentication-keyid............................................................. 1-11
1.1.13 ntp-service source-interface................................................................................ 1-12
1.1.14 ntp-service in-interface disable ........................................................................... 1-12
1.1.15 ntp-service unicast-peer...................................................................................... 1-13
1.1.16 ntp-service unicast-server ................................................................................... 1-14

Huawei Proprietary and Confidential i

Copyright (c) Huawei Technologies Co., Ltd
Command Manual – NTP
Quidway S3500-EA Series Ethernet Switches Chapter 1 NTP Configuration Commands

Chapter 1 NTP Configuration Commands

1.1 NTP Configuration Commands

1.1.1 display ntp-service sessions

Syntax

display ntp-service sessions [ verbose ]

View

Any view

Parameter

verbose: Displays the detailed information of all NTP sessions.

Description

Use the display ntp-service sessions command to view the information of all NTP
sessions. Without the verbose keyword, this command will display only the brief
information of all NTP service sessions.

Example

# View the brief information of NTP service sessions

<Sysname> display ntp-service sessions
source reference stra reach poll now offset delay disper
**************************************************************************
[12345] 10.1.1.2 127.127.1.0 3 377 64 178 0.0 40.1 22.8
note: 1 source(master),2 source(peer),3 selected,4 candidate,5 configured
Total associations : 1

Table 1-1 Description on the fields of the display ntp-service sessions command

Field Description
source IP address of the clock source
Reference clock ID of the clock source
If the reference clock is the local clock, the value of this field is
related to the value of the stra field: When the value of the stra field
reference is 0 or 1, this field will be “LOCL”; when the stra field has another
value, this filed will be the IP address of the local clock
If the reference clock is the clock of another device on the network,
the value of this field will be the IP address of that device.

Huawei Proprietary and Confidential 1-1

Copyright (c) Huawei Technologies Co., Ltd
 Command Manual – NTP
Chapter 1 NTP Configuration Commands Quidway S3500-EA Series Ethernet Switches

Field Description
stra Stratum level of the clock source
Reachability count of the clock source. 0 indicates that the clock
reach
source in unreachable
Poll interval, namely the maximum interval between successive NTP
poll
messages.
The length of time in minutes from when the last NTP message was
now
received or when the local clock was last updated to the current time
The offset of the system clock relative to the reference clock, in
offset
milliseconds
the roundtrip delay from the local device to the clock source, in
delay
milliseconds
The maximum error of the system clock relative to the reference
disper
source.
1: Clock source selected by the system, namely the current
reference source, with a system clock stratum level less than or
equal to 15.
[12345] 2: Stratum level of this system source is less than or equal to 15
3: This clock source has passed the clock selection process
4: This clock source is a candidate clock source
5: This clock source was created by a configuration command
Total
Total number of associations
associations

Note:
When a device is working in the NTP broadcast/multicast server mode, the display
ntp-service sessions command executed on the device will not display the NTP
session information corresponding to the broadcast/multicast server, but the sessions
will be counted in the total number of associations.

1.1.2 display ntp-service status

Syntax

display ntp-service status

View

Any view

1-2 Huawei Proprietary and Confidential

Copyright (c) Huawei Technologies Co., Ltd
Command Manual – NTP
Quidway S3500-EA Series Ethernet Switches Chapter 1 NTP Configuration Commands

Parameter

None

Description

Use the display ntp-service status command to view the NTP service status
information.

Example

# View the NTP service status information.

<Sysname> display ntp-service status
Clock status: unsynchronized
Clock stratum: 16
Reference clock ID: none
Nominal frequency: 100.0000 Hz
Actual frequency: 100.0000 Hz
Clock precision: 2^17
Clock offset: 0.0000 ms
Root delay: 0.00 ms
Root dispersion: 0.00 ms
Peer dispersion: 0.00 ms
Reference time: 00:00:00.000 UTC Jan 1 1900(00000000.00000000)

Table 1-2 Description on the fields of the display ntp-service status command

Field Description
Clock status Status of the system clock
Clock stratum Stratum level of the local clock
After the system clock is synchronized to a remote time
server or a local reference source, this field indicates the
address of the remote time server or the identifier of the local
Reference clock ID clock source (when the local clock has a stratum level of 1,
the value of this field is “LOCL”; when the local clock has
another value, the value of this filed is the IP address of the
local clock)

Nominal frequency The nominal frequency of the local system hardware clock
Actual frequency The actual frequency of the local system hardware clock
Clock precision The precision of the system clock.
Clock offset The offset of the system clock relative to the reference source
The roundtrip delay from the local device to the primary
Root delay
reference source

The maximum error of the system clock relative to the

Root dispersion
primary reference source.

Huawei Proprietary and Confidential 1-3

Copyright (c) Huawei Technologies Co., Ltd
 Command Manual – NTP
Chapter 1 NTP Configuration Commands Quidway S3500-EA Series Ethernet Switches

Field Description
The maximum error of the system clock relative to the
Peer dispersion
reference source
Reference time Reference timestamp

1.1.3 display ntp-service trace

Syntax

display ntp-service trace

View

Any view

Parameter

None

Description

Use the display ntp-service trace command view the brief information of each NTP
server along the NTP server chain from the local device back to the primary reference
source.
The display ntp-service trace command is available only if the local device can ping
through all the devices on the NTP server chain; otherwise, this command will fail to
display all the NTP servers on the NTP chain due to timeout.

Example

# View the brief information of each NTP server from the local device back to the
primary reference source.
<Sysname> display ntp-service trace
server 127.0.0.1,stratum 2, offset -0.013500, synch distance 0.03154
server 133.1.1.1,stratum 1, offset -0.506500, synch distance 0.03429
refid LOCL

The information above shows an NTP server chain for the server 127.0.0.1: The server
127.0.0.1 is synchronized to the server 133.1.1.1 and the server 133.1.1.1 is
synchronized to the local clock source.

Table 1-3 Description on the fields of the display ntp-service trace command

Field Description
server IP address of the NTP server
stratum The stratum level of the corresponding system clock

1-4 Huawei Proprietary and Confidential

Copyright (c) Huawei Technologies Co., Ltd
Command Manual – NTP
Quidway S3500-EA Series Ethernet Switches Chapter 1 NTP Configuration Commands

Field Description
offset The clock offset relative to the upper-level clock
synch distance The synchronization distance relative to the upper-level clock
Identifier of the primary reference source. When the stratum
level of the primary reference clock is 0, it is displayed as LOCL;
refid
otherwise, it is displayed as the IP address of the primary
reference clock.

1.1.4 ntp-service access

Syntax

ntp-service access { peer | query | server | synchronization } acl-number

undo ntp-service access { peer | query | server | synchronization }

View

System view

Parameter

peer: Specifies to permit full access.

query: Specifies to permit control query.
server: Specifies to permit server access and query.
synchronization: Specifies to permit server access only.
acl-number: ACL number, in the range of 2000 to 2999

Description

Use the ntp-service access command to configure the NTP service access-control
right to the local device.
Use the undo ntp-service access command to remove the configured NTP service
access-control right to the local device.
By default, the local NTP service access-control right is set to peer.
From the highest NTP service access-control right to the lowest one are peer, server,
synchronization, and query. When a device receives an NTP request, it will perform
an access-control right match and will use the first matched right.

Huawei Proprietary and Confidential 1-5

Copyright (c) Huawei Technologies Co., Ltd
 Command Manual – NTP
Chapter 1 NTP Configuration Commands Quidway S3500-EA Series Ethernet Switches

Note:
z The ntp-service access command provides only a minimum degree of security
protection. A more secure method is identity authentication.
z Before specifying an ACL number in the ntp-service access command, make sure
you have already created and configured this ACL.

Example

# Configure devices on the subnet 10.10.0.0/16 to have the full access right to the local
device.
<Sysname> system-view
[Sysname] acl number 2001
[Sysname-acl-basic-2001] rule permit source 10.10.0.0 0.0.255.255
[Sysname-acl-basic-2001] quit
[Sysname] ntp-service access peer 2001

1.1.5 ntp-service authentication enable

Syntax

ntp-service authentication enable

undo ntp-service authentication enable

View

System view

Parameter

None

Description

Use the ntp-service authentication enable command to enable NTP authentication.

Use the undo ntp-service authentication enable command to disable NTP
authentication.
By default, NTP authentication is disabled.

Example

# Enable NTP authentication.

<Sysname> system-view
[Sysname] ntp-service authentication enable

1-6 Huawei Proprietary and Confidential

Copyright (c) Huawei Technologies Co., Ltd
Command Manual – NTP
Quidway S3500-EA Series Ethernet Switches Chapter 1 NTP Configuration Commands

1.1.6 ntp-service authentication-keyid

Syntax

ntp-service authentication-keyid keyid authentication-mode md5 value

undo ntp-service authentication-keyid keyid

View

System view

Parameter

keyid: Authentication key ID, in the range of 1 to 4294967295.

authentication-mode md5: Specifies to use the MD5 algorithm for key authentication.
value: Authentication key, a string of up to 32 characters.

Description

Use the ntp-service authentication-keyid command to set the NTP authentication

key.
Use the undo ntp-service authentication-keyid command to remove the set NTP
authentication key.
By default, no NTP authentication key is set.

Caution:

Presently the system supports only the MD5 algorithm for key authentication.

Example

# Set an MD5 authentication key, with the key ID of 10 and key value of “BetterKey”.
<Sysname> system-view
[Sysname] ntp-service authentication-keyid 10 authentication-mode md5
BetterKey

1.1.7 ntp-service broadcast-client

Syntax

ntp-service broadcast-client
undo ntp-service broadcast-client

Huawei Proprietary and Confidential 1-7

Copyright (c) Huawei Technologies Co., Ltd
 Command Manual – NTP
Chapter 1 NTP Configuration Commands Quidway S3500-EA Series Ethernet Switches

View

Interface view

Parameter

None

Description

Use the ntp-service broadcast-client command to configure the device to work in the
NTP broadcast client mode.
Use the undo ntp-service broadcast-client command to remove the device as an
NTP broadcast client.

Example

# Configure the device to work in the broadcast client mode and receive NTP broadcast
messages on VLAN interface 1.
<Sysname> system-view
[Sysname] interface Vlan-interface 1
[Sysname-Vlan-interface1] ntp-service broadcast-client

1.1.8 ntp-service broadcast-server

Syntax

ntp-service broadcast-server [ authentication-keyid keyid | version number ] *

undo ntp-service broadcast-server

View

Interface view

Parameter

authentication-keyid keyid: Specifies the key ID to be used for sending broadcast

messages to broadcast clients, where keyid is in the range of 1 to 4294967295. This
parameter is not meaningful if authentication is not required.
version number: Specifies the NTP version, where number is in the range of 1 to 3 and
defaults to 3.

Description

Use the ntp-service broadcast-server command to configure the device to work in

the NTP broadcast server mode.
Use the undo ntp-service broadcast-server command to remove the device as an
NTP broadcast server.

1-8 Huawei Proprietary and Confidential

Copyright (c) Huawei Technologies Co., Ltd
Command Manual – NTP
Quidway S3500-EA Series Ethernet Switches Chapter 1 NTP Configuration Commands

Example

# Configure the device to work in the broadcast server mode and send NTP broadcast
messages on VLAN interface 1, using key 4 for encryption, and set the NTP version to
3.
<Sysname> system-view
[Sysname] interface Vlan-interface 1
[Sysname-Vlan-interface1] ntp-service broadcast-server authentication-keyid
4 version 3

1.1.9 ntp-service max-dynamic-sessions

Syntax

ntp-service max-dynamic-sessions number

undo ntp-service max-dynamic-sessions

View

System view

Parameter

number: Maximum number of dynamic NTP sessions to be set up, in the range of 0 to
100.

Description

Use the ntp-service max-dynamic-sessions command to set the maximum number

of dynamic NTP sessions.
Use the undo ntp-service max-dynamic-sessions command to restore the
maximum number of dynamic NTP sessions to the system default.
By default, the number is 100.

Example

# Set the maximum number of dynamic NTP sessions to 50.

<Sysname> system-view
[Sysname] ntp-service max-dynamic-sessions 50

1.1.10 ntp-service multicast-client

Syntax

ntp-service multicast-client [ ip-address ]

undo ntp-service multicast-client [ ip-address ]

Huawei Proprietary and Confidential 1-9

Copyright (c) Huawei Technologies Co., Ltd
 Command Manual – NTP
Chapter 1 NTP Configuration Commands Quidway S3500-EA Series Ethernet Switches

View

Interface view

Parameter

ip-address: Multicast IP address, ranging from 224.0.1.0 to 224.0.1.255.

Description

Use the ntp-service multicast-client command to configure the device to work in the
NTP multicast client mode.
Use the undo ntp-service multicast-client command to remove the device as an NTP
multicast client.
The multicast address defaults to 224.0.1.1.

Example

# Configure the device to work in the multicast client mode and receive NTP multicast
messages on VLAN 1, and set the multicast address to 224.0.1.1.
<Sysname> system-view
[Sysname] interface Vlan-interface 1
[Sysname-Vlan-interface1] ntp-service multicast-client 224.0.1.1

1.1.11 ntp-service multicast-server

Syntax

ntp-service multicast-server [ ip-address ] [ authentication-keyid keyid | ttl

ttl-number | version number ] *
undo ntp-service multicast-server [ ip-address ]

View

Interface view

Parameter

ip-address: Multicast IP address, ranging from 224.0.1.0 to 224.0.1.255, defaulting to

224.0.1.1.
authentication-keyid keyid: Specifies the key ID to be used for sending multicast
messages to multicast clients, where keyid is in the range of 1 to 4294967295. This
parameter is not meaningful if authentication is not required.
ttl ttl-number: Specifies the TTL of NTP multicast messages, where ttl-number is in the
range of 1 to 255 and defaults to 16.
version number: Specifies the NTP version, where number is in the range of 1 to 3 and
defaults to 3.

1-10 Huawei Proprietary and Confidential

Copyright (c) Huawei Technologies Co., Ltd
Command Manual – NTP
Quidway S3500-EA Series Ethernet Switches Chapter 1 NTP Configuration Commands

Description

Use the ntp-service multicast-server command to configure the device to work in the
NTP multicast server mode.
Use the undo ntp-service multicast-server command to remove the device as an
NTP multicast server.

Example

# Configure the device to work in the multicast server mode and send NTP multicast
messages on VLAN interface 1 to the multicast address 224.0.1.1, using key 4 for
encryption, and set the NTP version to 3.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ntp-service multicast-server 224.0.1.1 version 3
authentication-keyid 4

1.1.12 ntp-service reliable authentication-keyid

Syntax

ntp-service reliable authentication-keyid keyid

undo ntp-service reliable authentication-keyid keyid

View

System view

Parameter

keyid: Authentication key number, in the range of 1 to 4294967295.

Description

Use the ntp-service reliable authentication-keyid command to specify that the

created authentication key is a trusted key. When NTP authentication enabled, a client
can be synchronized only to a server that can provide a trusted authentication key.
Use the ntp-service reliable authentication-keyid command to remove an
authentication key as a trusted key.
No authentication key is configured to be trusted by default.

Example

# Enable NTP authentication, specify to use MD5 encryption algorithm, with the key ID
of 37 and key value of “BetterKey”, and specify that this key is a trusted key.
<Sysname> system-view
[Sysname] ntp-service authentication enable

Huawei Proprietary and Confidential 1-11

Copyright (c) Huawei Technologies Co., Ltd
 Command Manual – NTP
Chapter 1 NTP Configuration Commands Quidway S3500-EA Series Ethernet Switches

[Sysname] ntp-service authentication-keyid 37 authentication-mode md5

BetterKey
[Sysname] ntp-service reliable authentication-keyid 37

1.1.13 ntp-service source-interface

Syntax

ntp-service source-interface interface-type interface-number

undo ntp-service source-interface

View

System view

Parameter

interface-type interface-number: Type and number of the interface to be used for

sending NTP messages.

Description

Use the ntp-service source-interface command to specify an interface for sending

NTP messages.
Use the undo ntp-service source-interface command to remove the configured
interface for sending NTP messages.
If you do not wish the IP address of a certain interface on the local device to become the
destination address of response messages, you can use this command to specify a
particular interface for sending all NTP messages, so that the source address in all NTP
messages is the IP address of this interface.

Example

# Specify that all NTP messages are to be sent out from VLAN interface 1.
<Sysname> system-view
[Sysname] ntp-service source-interface vlan-interface 1

1.1.14 ntp-service in-interface disable

Syntax

ntp-service in-interface disable

undo ntp-service in-interface disable

View

Interface view

1-12 Huawei Proprietary and Confidential

Copyright (c) Huawei Technologies Co., Ltd
Command Manual – NTP
Quidway S3500-EA Series Ethernet Switches Chapter 1 NTP Configuration Commands

Parameter

None

Description

Use the ntp-service in-interface disable command to disable an interface from

receiving NTP messages.
Use the undo ntp-service in-interface disable command to enable an interface to
receive NTP messages.
By default, all interfaces are enabled to receive NTP messages.

Example

# Disable VLAN interface 1 from receiving NTP messages.

<Sysname> system-view
[Sysname] interface Vlan-interface 1
[Sysname-Vlan-interface1] ntp-service in-interface disable

1.1.15 ntp-service unicast-peer

Syntax

ntp-service unicast-peer { ip-address | peer-name } [ authentication-keyid keyid |

priority | source-interface interface-type interface-number | version number ] *
undo ntp-service unicast-peer { ip-address | peer-name }

View

System view

Parameter

ip-address: IP address of the symmetric-passive peer. It must be a host address, rather

than a broadcast address, a multicast address or the IP address of the local clock.
peer-name: Host name of the symmetric-passive peer, a string of up to 20 characters.
authentication-keyid keyid: Specifies the key ID to be used for sending NTP
messages to the peer, where keyid is in the range of 1 to 4294967295.
priority: Specifies the peer designated by ip-address or peer-name as the first choice.
source-interface interface-type interface-number: Specifies an interface for sending
NTP messages. In an NTP message the local device sends to its peer, the source IP
address is the IP address of this interface.
version number: Specifies the NTP version, where number is in the range of 1 to 3 and
defaults to 3.

Huawei Proprietary and Confidential 1-13

Copyright (c) Huawei Technologies Co., Ltd
 Command Manual – NTP
Chapter 1 NTP Configuration Commands Quidway S3500-EA Series Ethernet Switches

Description

Use the ntp-service unicast-peer command to designate a symmetric-passive peer

for the device.
Use the undo ntp-service unicast-peer command to remove the symmetric-passive
peer designated for the device.
No symmetric-passive peer is designated for the device by default.

Example

# Designate the device with the IP address of 10.1.1.1 as the symmetric-passive peer
of the device, and configure the device to run NTP version 3, and send NTP messages
through VLAN interface 1.
<Sysname> system-view
[Sysname] ntp-service unicast-peer 10.1.1.1 version 3 source-interface
vlan-interface 1

1.1.16 ntp-service unicast-server

Syntax

ntp-service unicast-server { ip-address | server-name } [ authentication-keyid keyid

| priority | source-interface interface-type interface-number | version number ] *
undo ntp-service unicast-server { ip-address | server-name }

View

System view

Parameter

ip-address: IP address of the NTP server. It must be a host address, rather than a
broadcast address, a multicast address or the IP address of the local clock.
server-name: Host name of the NTP server, a string of up to 20 characters.
authentication-keyid keyid: Specifies the key ID to be used for sending NTP
messages to the NTP server, where keyid is in the range of 1 to 4294967295.
priority: Specifies this NTP server as the first choice.
source-interface interface-type interface-number: Specifies an interface for sending
NTP messages. In an NTP message the local device sends to the NTP server, the
source IP address is the IP address of this interface.
version number: Specifies the NTP version, where number is in the range of 1 to 3 and
defaults to 3.

1-14 Huawei Proprietary and Confidential

Copyright (c) Huawei Technologies Co., Ltd
Command Manual – NTP
Quidway S3500-EA Series Ethernet Switches Chapter 1 NTP Configuration Commands

Description

Use the ntp-service unicast-server command to designate an NTP server for the
device.
Use the undo ntp-service unicast-server command to remove an NTP server
designated for the device.
No NTP server is designated for the device by default.

Note:
The client and server must run the same version of NTP; otherwise, time
synchronization may fail.

Example

# Designate the device with the IP address of as 10.1.1.1 an NTP server for the device.
<Sysname> system-view
[Sysname] ntp-service unicast-server 10.1.1.1 version 3

Huawei Proprietary and Confidential 1-15

Copyright (c) Huawei Technologies Co., Ltd