mirror of
https://gitlab.com/netravnen/NetworkLabNotes.git
synced 2024-12-23 20:57:53 +00:00
ntp.tex
This commit is contained in:
parent
a25f5b021c
commit
80403e1531
|
@ -61,9 +61,10 @@ A select number of Cisco switches support synchronization with the hardware cloc
|
|||
access-list 20 remark Hosts/Networks we allow to get time from us
|
||||
access-list 20 permit 192.0.2.0 0.0.0.255
|
||||
access-list 20 deny any
|
||||
|
||||
\end{cisco}
|
||||
|
||||
\textbf{Beware} when running a cisco node as \gls{ntp} master and are using access-list to restrict possible clients/peers. You need to allow 127.127.[0-255].1 in the access-list\footnote{The 3rd octet will vary depending on the node.}. This because the master NTP node in the network uses this \gls{ipv4} address as internal master.
|
||||
|
||||
\section{Secure NTP}
|
||||
|
||||
\subsection{Characteristics}
|
||||
|
@ -92,5 +93,5 @@ Generally today \gls{ntp}v3 or v4 is found. The difference to v4 \textit{(amongs
|
|||
\item support for \gls{ipv6}.
|
||||
\item The security in the protocol is upped to with support for X509 certs.
|
||||
\item Automatic calculation of time-distribution\footnote{to archive high time accuracy against lowest bandwidth cost} in a network based upon specific multicast groups leveraging v6 site-local multicast addresses.
|
||||
\item \cliline{network-node(config)# ntp-server \textit{\gls{ipv6}-addr} version 4}
|
||||
\end{itemize}
|
||||
|
||||
|
|
Loading…
Reference in a new issue