From: Ramil (Ramil@xxxxxxxxxxx)
Date: Thu Nov 16 2000 - 11:08:03 GMT-3
You guys confused me.
So let me get this straight. Based on your conversations:
1 -- Client(with key) gets the time only from Master(with matching key).
2 -- Client(without key) gets time from anyone running NTP service including
the Master(with key).
3 -- Peer mode? Did I miss something? Can you provide configs?
4 -- Is this on the Documentation CD and can be easily figured out?
Hey Sam? You're up at bat sometime soon, right? I'm going to miss your
posts WHEN you get your numbers! I'd wish you luck but I don't think you'll
need it. Like was there any doubt Jack Heney was going to have any problems
judging from his multitude of posts.>:-[
----- Original Message -----
From: "Sam Munzani" <sam@munzani.com>
To: "Tracy Blackmore" <TracyB@TSLAD.com>
Cc: <ccielab@groupstudy.com>
Sent: Wednesday, November 15, 2000 9:24 AM
Subject: Re: NTP Authentications
> Thanks Tracy,
>
> Now I understand how it works. I always though in order to get time from
> master, client has to authenticate. Otherwise it will not get it's time.
> It's not like that. However in peer mode both peers have to authenticate
in
> order to adjust each other's time.
>
> Regards,
> Sam
>
>
> > Ok, I'll eat some crow! If you have a master coded, it will provide
time
> to
> > any client. When you add in the key values to the client, it will ONLY
> > accept the time from a master (or peer) that has the key as well. In
> normal
> > NTP servers, you can also require that the clients authenticate to the
> > master but it doesn't look like Cisco's implementation has that ability.
> > Sorry for the confusion.
> >
> > The master should read:
> >
> > Ntp authentication
> > Ntp authentication-key 1 md5 keyname
> > Ntp master
> >
> > The client will be:
> >
> > Ntp authentication
> > Ntp authentication-key 1 md5 keyname
> > Ntp server x.x.x.x key 1
> >
> > Tracy W. Blackmore
> > T.S. Lad Consulting
> > 1026 E Stanford Ave.
> > Gilbert, AZ., 85234
> > (480)558-0472
> >
> > -----Original Message-----
> > From: Sam Munzani [mailto:sam@munzani.com]
> > Sent: Tuesday, November 14, 2000 10:51 AM
> > To: Tracy Blackmore
> > Subject: Re: NTP Authentications
> >
> > << File: r6.TXT >> << File: r3.TXT >> << File: r2.TXT >>
> > O.K. Here it comes.
> > R6 is NTP master, I am using authentication on R2 with R6
> > and not using any
> > authentication on R3 to get time from R6.
> >
> > R3 still gets time without any authentication keys.
> >
> > Sam
> > ----- Original Message -----
> > From: "Tracy Blackmore" <TracyB@TSLAD.com>
> > To: "'Sam Munzani'" <sam@munzani.com>
> > Sent: Monday, November 13, 2000 4:01 AM
> > Subject: RE: NTP Authentications
> >
> >
> > > Without seeing your config, it's hard to say. If you have
> > the following,
> > it
> > > should work (I have 11.2(23)).
> > >
> > > NTP AUTHENTICATE
> > > NTP AUTHENTICATION-KEY xx MD5 key
> > > NTP TRUSTED-KEY xx
> > >
> > > Once I configured the client, I had to reload it but it
> > didn't work
> > without
> > > the lines above.
> > >
> > > -----Original Message-----
> > > From: Sam Munzani [mailto:sam@munzani.com]
> > > Sent: Monday, November 13, 2000 2:18 PM
> > > To: ccielab@groupstudy.com
> > > Subject: NTP Authentications
> > >
> > >
> > > Hi Guys,
> > >
> > > This is discussed on group so many time but there is no
> > definate answer on
> > > archives.
> > >
> > > 1. NTP master serves time to authenticated clients only.
> > All non
> > > authenticated clients should not get time from master.
> > >
> > > I tried and it gets time even if you have wrong
> > authentication key on
> > > client. Any catch in this one?
> > >
> > > Sam
>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:25:45 GMT-3