H3C S5500-EI Series Command Manual

H3C
Brand
H3C
Model
S5500-EI Series
Type
Command Manual
Command Manual – NTP
H3C S5500-EI Series Ethernet Switches Table of Contents
i
Table of Contents
Chapter 1 NTP Configuration Commands..................................................................................1-1
1.1 NTP Configuration Commands.......................................................................................... 1-1
1.1.1 display ntp-service sessions ................................................................................... 1-1
1.1.2 display ntp-service status........................................................................................ 1-3
1.1.3 display ntp-service trace ......................................................................................... 1-4
1.1.4 ntp-service access .................................................................................................. 1-5
1.1.5 ntp-service authentication enable ........................................................................... 1-6
1.1.6 ntp-service authentication-keyid.............................................................................. 1-7
1.1.7 ntp-service broadcast-client .................................................................................... 1-8
1.1.8 ntp-service broadcast-server................................................................................... 1-9
1.1.9 ntp-service in-interface disable ............................................................................... 1-9
1.1.10 ntp-service max-dynamic-sessions ..................................................................... 1-10
1.1.11 ntp-service multicast-client.................................................................................. 1-11
1.1.12 ntp-service multicast-server ................................................................................ 1-11
1.1.13 ntp-service reliable authentication-keyid............................................................. 1-12
1.1.14 ntp-service source-interface................................................................................ 1-13
1.1.15 ntp-service unicast-peer...................................................................................... 1-14
1.1.16 ntp-service unicast-server ................................................................................... 1-15
Command Manual – NTP
H3C S5500-EI Series Ethernet Switches Chapter 1 NTP Configuration Commands
1-1
Chapter 1 NTP Configuration Commands
Note:
The local clock of an S5500-EI Ethernet switch cannot be set as a reference clock. It
can serve as a reference clock source to synchronize the clock of other devices only
after it is synchronized.
1.1 NTP Configuration Commands
1.1.1 display ntp-service sessions
Syntax
display ntp-service sessions [ verbose ]
View
Any view
Parameters
verbose: Displays the detailed information of all NTP sessions.
Description
Use the display ntp-service sessions command to view the information of all NTP
sessions. Without the verbose keyword, this command will display only the brief
information of all NTP service sessions.
Examples
# View the brief information of NTP service sessions.
<Sysname> display ntp-service sessions
source reference stra reach poll now offset delay disper
**************************************************************************
[12345]192.168.0.28 127.127.1.0 2 1 64 1 31.1 9.0 0.0
note: 1 source(master),2 source(peer),3 selected,4 candidate,5 configured
Total associations : 1
Command Manual – NTP
H3C S5500-EI Series Ethernet Switches Chapter 1 NTP Configuration Commands
1-2
Table 1-1 Description on the fields of the display ntp-service sessions command
Field Description
source IP address of the clock source
reference
Reference clock ID of the clock source
1) If the reference clock is the local clock, the value of this field is
related to the value of the stra field:
z When the value of the stra field is 0 or 1, this field will be
“LOCL”;
z When the stra field has another value, this filed will be the IP
address of the local clock
2) If the reference clock is the clock of another device on the
network, the value of this field will be the IP address of that
device.
stra Stratum level of the clock source
reach
Reachability count of the clock source. 0 indicates that the clock
source in unreachable
poll
Poll interval, namely the maximum interval between successive
NTP messages.
now
The length of time in minutes from when the last NTP message was
received or when the local clock was last updated to the current time
The time is in second by default. If the time length is greater than
2048 seconds, it is displayed in minute; if greater than 300 minutes,
in hour; if greater than 96 hours, in day.
offset
The offset of the system clock relative to the reference clock, in
milliseconds
delay
the roundtrip delay from the local device to the clock source, in
milliseconds
disper
The maximum error of the system clock relative to the reference
source.
[12345]
1: Clock source selected by the system, namely the current
reference source, with a system clock stratum level of 15
2: Stratum level of this system source is 15
3: This clock source has passed the clock selection process
4: This clock source is a candidate clock source
5: This clock source was created by a configuration command
Total
associations
Total number of associations
Command Manual – NTP
H3C S5500-EI Series Ethernet Switches Chapter 1 NTP Configuration Commands
1-3
Note:
When a device is working in the NTP broadcast/multicast server mode, the display
ntp-service sessions command executed on the device will not display the NTP
session information corresponding to the broadcast/multicast server, but the sessions
will be counted in the total number of associations.
1.1.2 display ntp-service status
Syntax
display ntp-service status
View
Any view
Parameters
None
Description
Use the display ntp-service status command to view the NTP service status
information.
Examples
# View the NTP service status information.
<Sysname> display ntp-service status
Clock status: unsynchronized
Clock stratum: 16
Reference clock ID: none
Nominal frequency: 100.0000 Hz
Actual frequency: 100.0000 Hz
Clock precision: 2^18
Clock offset: 0.0000 ms
Root delay: 0.00 ms
Root dispersion: 0.00 ms
Peer dispersion: 0.00 ms
Reference time: 00:00:00.000 UTC Jan 1 1900(00000000.00000000)
Command Manual – NTP
H3C S5500-EI Series Ethernet Switches Chapter 1 NTP Configuration Commands
1-4
Table 1-2 Description on the fields of the display ntp-service status command
Field Description
Clock status Status of the system clock
Clock stratum Stratum level of the local clock
Reference clock
ID
After the system clock is synchronized to a remote time server
or a local reference source, this field indicates the address of
the remote time server or the identifier of the local clock source:
z When the local clock has a stratum level of 1, the value of
this field is “LOCL”;
z When the local clock has another value, the value of this
filed is the IP address of the local clock).
Nominal
frequency
The nominal frequency of the local system hardware clock
Actual frequency The actual frequency of the local system hardware clock
Clock precision The precision of the system clock
Clock offset The offset of the system clock relative to the reference source
Root delay
The roundtrip delay from the local device to the primary
reference source
Root dispersion
The maximum error of the system clock relative to the primary
reference source
Peer dispersion
The maximum error of the system clock relative to the reference
source
Reference time Reference timestamp
1.1.3 display ntp-service trace
Syntax
display ntp-service trace
View
Any view
Parameters
None
Description
Use the display ntp-service trace command view the brief information of each NTP
server along the NTP server chain from the local device back to the primary reference
source.
Command Manual – NTP
H3C S5500-EI Series Ethernet Switches Chapter 1 NTP Configuration Commands
1-5
The display ntp-service trace command is available only if the local device can ping
through all the devices on the NTP server chain; otherwise, this command will fail to
display all the NTP servers on the NTP chain due to timeout.
Examples
# View the brief information of each NTP server from the local device back to the
primary reference source.
<Sysname> display ntp-service trace
server 127.0.0.1,stratum 2, offset -0.013500, synch distance 0.03154
server 133.1.1.1,stratum 1, offset -0.506500, synch distance 0.03429
refid LOCL
The information above shows an NTP server chain for the server 127.0.0.1: The server
127.0.0.1 is synchronized to the server 133.1.1.1, and the server 133.1.1.1 is
synchronized to the local clock source.
Table 1-3 Description on the fields of the display ntp-service trace command
Field Description
server IP address of the NTP server
stratum The stratum level of the corresponding system clock
offset The clock offset relative to the upper-level clock
synch distance The synchronization distance relative to the upper-level clock
refid
Identifier of the primary reference source. When the stratum level
of the primary reference clock is 0, it is displayed as LOCL;
otherwise, it is displayed as the IP address of the primary
reference clock.
1.1.4 ntp-service access
Syntax
ntp-service access { peer | query | server | synchronization } acl-number
undo ntp-service access { peer | query | server | synchronization }
View
System view
Parameters
peer: Specifies to permit full access.
query: Specifies to permit control query.
server: Specifies to permit server access and query.
Command Manual – NTP
H3C S5500-EI Series Ethernet Switches Chapter 1 NTP Configuration Commands
1-6
synchronization: Specifies to permit server access only.
acl-number: Basic ACL number, in the range of 2000 to 2999
Description
Use the ntp-service access command to configure the NTP service access-control
right to the local device.
Use the undo ntp-service access command to remove the configured NTP service
access-control right to the local device.
By default, the local NTP service access-control right is set to peer.
From the highest NTP service access-control right to the lowest one are peer, server,
synchronization, and query. When a device receives an NTP request, it will perform
an access-control right match and will use the first matched right.
Note:
z The ntp-service access command provides only a minimum degree of security
protection. A more secure method is identity authentication.
z Before specifying an ACL number in the ntp-service access command, make sure
you have already created and configured this ACL.
Examples
# Configure devices on the subnet 10.10.0.0/16 to have the full access right to the local
device.
<Sysname> system-view
[Sysname] acl number 2001
[Sysname-acl-basic-2001] rule permit source 10.10.0.0 0.0.255.255
[Sysname-acl-basic-2001] quit
[Sysname] ntp-service access peer 2001
1.1.5 ntp-service authentication enable
Syntax
ntp-service authentication enable
undo ntp-service authentication enable
View
System view
Command Manual – NTP
H3C S5500-EI Series Ethernet Switches Chapter 1 NTP Configuration Commands
1-7
Parameters
None
Description
Use the ntp-service authentication enable command to enable NTP authentication.
Use the undo ntp-service authentication enable command to disable NTP
authentication.
By default, NTP authentication is disabled.
Examples
# Enable NTP authentication.
<Sysname> system-view
[Sysname] ntp-service authentication enable
1.1.6 ntp-service authentication-keyid
Syntax
ntp-service authentication-keyid keyid authentication-mode md5 value
undo ntp-service authentication-keyid keyid
View
System view
Parameters
keyid: Authentication key ID, in the range of 1 to 4294967295.
authentication-mode md5 value: Specifies to use the MD5 algorithm for key
authentication, where value represents authentication key and is a string of 1 to 32
characters.
Description
Use the ntp-service authentication-keyid command to set the NTP authentication
key.
Use the undo ntp-service authentication-keyid command to remove the set NTP
authentication key.
By default, no NTP authentication key is set.
Command Manual – NTP
H3C S5500-EI Series Ethernet Switches Chapter 1 NTP Configuration Commands
1-8
Caution:
z Presently the system supports only the MD5 algorithm for key authentication.
z You can set a maximum of 1,024 keys for each device.
z If an NTP authentication key is specified as a trusted key, the key automatically
changes to not trusted after you delete the key. In this case, you do not need to
execute the undo ntp-service reliable authentication-keyid command.
Examples
# Set an MD5 authentication key, with the key ID of 10 and key value of BetterKey.
<Sysname> system-view
[Sysname] ntp-service authentication-keyid 10 authentication-mode md5
BetterKey
1.1.7 ntp-service broadcast-client
Syntax
ntp-service broadcast-client
undo ntp-service broadcast-client
View
VLAN interface view
Parameters
None
Description
Use the ntp-service broadcast-client command to configure the device to work in the
NTP broadcast client mode.
Use the undo ntp-service broadcast-client command to remove the device as an
NTP broadcast client.
Examples
# Configure the device to work in the broadcast client mode and receive NTP broadcast
messages on VLAN-interface 1.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ntp-service broadcast-client
Command Manual – NTP
H3C S5500-EI Series Ethernet Switches Chapter 1 NTP Configuration Commands
1-9
1.1.8 ntp-service broadcast-server
Syntax
ntp-service broadcast-server [ authentication-keyid keyid | version number ] *
undo ntp-service broadcast-server
View
VLAN interface view
Parameters
authentication-keyid keyid: Specifies the key ID to be used for sending broadcast
messages to broadcast clients, where keyid is in the range of 1 to 4294967295. This
parameter is not meaningful if authentication is not required.
version number: Specifies the NTP version, where number is in the range of 1 to 3 and
defaults to 3.
Description
Use the ntp-service broadcast-server command to configure the device to work in
the NTP broadcast server mode.
Use the undo ntp-service broadcast-server command to remove the device as an
NTP broadcast server.
Examples
# Configure the device to work in the broadcast server mode and send NTP broadcast
messages on VLAN-interface 1, using key 4 for encryption, and set the NTP version to
3.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ntp-service broadcast-server authentication-keyid
4 version 3
1.1.9 ntp-service in-interface disable
Syntax
ntp-service in-interface disable
undo ntp-service in-interface disable
View
VLAN interface view
Command Manual – NTP
H3C S5500-EI Series Ethernet Switches Chapter 1 NTP Configuration Commands
1-10
Parameters
None
Description
Use the ntp-service in-interface disable command to disable an interface from
receiving NTP messages.
Use the undo ntp-service in-interface disable command to restore the default.
By default, all interfaces are enabled to receive NTP messages.
Examples
# Disable VLAN-interface 1 from receiving NTP messages.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ntp-service in-interface disable
1.1.10 ntp-service max-dynamic-sessions
Syntax
ntp-service max-dynamic-sessions number
undo ntp-service max-dynamic-sessions
View
System view
Parameters
number: Maximum number of dynamic NTP sessions that allowed to be established, in
the range of 0 to 100.
Description
Use the ntp-service max-dynamic-sessions command to set the maximum number
of dynamic NTP sessions that allowed to be established locally.
Use the undo ntp-service max-dynamic-sessions command to restore the
maximum number of dynamic NTP sessions to the system default.
By default, the number is 100.
Examples
# Set the maximum number of dynamic NTP sessions allowed to be established to 50.
<Sysname> system-view
[Sysname] ntp-service max-dynamic-sessions 50
Command Manual – NTP
H3C S5500-EI Series Ethernet Switches Chapter 1 NTP Configuration Commands
1-11
1.1.11 ntp-service multicast-client
Syntax
ntp-service multicast-client [ ip-address ]
undo ntp-service multicast-client [ ip-address ]
View
VLAN interface view
Parameters
ip-address: Multicast IP address, defaulting to 224.0.1.1. The value ranges from
224.0.1.0 to 224.0.1.255.
Description
Use the ntp-service multicast-client command to configure the device to work in the
NTP multicast client mode.
Use the undo ntp-service multicast-client command to remove the device as an NTP
multicast client.
Examples
# Configure the device to work in the multicast client mode and receive NTP multicast
messages on VLAN 1, and set the multicast address to 224.0.1.1.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ntp-service multicast-client 224.0.1.1
1.1.12 ntp-service multicast-server
Syntax
ntp-service multicast-server [ ip-address ] [ authentication-keyid keyid | ttl
ttl-number | version number ] *
undo ntp-service multicast-server [ ip-address ]
View
VLAN interface view
Parameters
ip-address: Multicast IP address, defaulting to 224.0.1.1. The value ranges from
224.0.1.0 to 224.0.1.255.
Command Manual – NTP
H3C S5500-EI Series Ethernet Switches Chapter 1 NTP Configuration Commands
1-12
authentication-keyid keyid: Specifies the key ID to be used for sending multicast
messages to multicast clients, where keyid is in the range of 1 to 4294967295. This
parameter is not meaningful if authentication is not required.
ttl ttl-number: Specifies the TTL of NTP multicast messages, where ttl-number is in the
range of 1 to 255 and defaults to 16.
version number: Specifies the NTP version, where number is in the range of 1 to 3 and
defaults to 3.
Description
Use the ntp-service multicast-server command to configure the device to work in the
NTP multicast server mode.
Use the undo ntp-service multicast-server command to remove the device as an
NTP multicast server.
Examples
# Configure the device to work in the multicast server mode and send NTP multicast
messages on VLAN-interface 1 to the multicast address 224.0.1.1, using key 4 for
encryption, and set the NTP version to 3.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ntp-service multicast-server 224.0.1.1 version 3
authentication-keyid 4
1.1.13 ntp-service reliable authentication-keyid
Syntax
ntp-service reliable authentication-keyid keyid
undo ntp-service reliable authentication-keyid keyid
View
System view
Parameters
keyid: Authentication key number, in the range of 1 to 4294967295.
Description
Use the ntp-service reliable authentication-keyid command to specify that the
created authentication key is a trusted key. When NTP authentication enabled, a client
can be synchronized only to a server that can provide a trusted authentication key.
Use the ntp-service reliable authentication-keyid command to remove an
authentication key as a trusted key.
Command Manual – NTP
H3C S5500-EI Series Ethernet Switches Chapter 1 NTP Configuration Commands
1-13
No authentication key is configured to be trusted by default.
Examples
# Enable NTP authentication, specify to use MD5 encryption algorithm, with the key ID
of 37 and key value of BetterKey, and specify that this key is a trusted key.
<Sysname> system-view
[Sysname] ntp-service authentication enable
[Sysname] ntp-service authentication-keyid 37 authentication-mode md5
BetterKey
[Sysname] ntp-service reliable authentication-keyid 37
1.1.14 ntp-service source-interface
Syntax
ntp-service source-interface interface-type interface-number
undo ntp-service source-interface
View
System view
Parameters
interface-type interface-number: Specifies an interface by its interface type and
interface number.
Description
Use the ntp-service source-interface command to specify an interface for sending
NTP messages.
Use the undo ntp-service source-interface command to remove the configured
interface for sending NTP messages.
If you do not wish the IP address of a certain interface on the local device to become the
destination address of response messages, you can use this command to specify a
particular interface for sending all NTP messages, so that the source address in all NTP
messages is the primary IP address of this interface.
Examples
# Specify that all NTP messages are to be sent out from VLAN-interface 1.
<Sysname> system-view
[Sysname] ntp-service source-interface vlan-interface 1
Command Manual – NTP
H3C S5500-EI Series Ethernet Switches Chapter 1 NTP Configuration Commands
1-14
1.1.15 ntp-service unicast-peer
Syntax
ntp-service unicast-peer { ip-address | peer-name } [ authentication-keyid keyid |
priority | source-interface interface-type interface-number | version number ] *
undo ntp-service unicast-peer { ip-address | peer-name }
View
System view
Parameters
ip-address: IP address of the symmetric-passive peer. It must be a host address, rather
than a broadcast address, a multicast address or the IP address of the local clock.
peer-name: Host name of the symmetric-passive peer, a string of 1 to 20 characters.
authentication-keyid keyid: Specifies the key ID to be used for sending NTP
messages to the peer, where keyid is in the range of 1 to 4294967295.
priority: Specifies the peer designated by ip-address or peer-name as the first choice
under the same condition.
source-interface interface-type interface-number: Specifies an interface for sending
NTP messages. In an NTP message the local device sends to its peer, the source IP
address is the primary IP address of this interface. interface-type interface-number
represents the interface type and number.
version number: Specifies the NTP version, where number is in the range of 1 to 3 and
defaults to 3.
Description
Use the ntp-service unicast-peer command to designate a symmetric-passive peer
for the device.
Use the undo ntp-service unicast-peer command to remove the symmetric-passive
peer designated for the device.
No symmetric-passive peer is designated for the device by default.
Examples
# Designate the device with the IP address of 10.1.1.1 as the symmetric-passive peer
of the device, and configure the device to run NTP version 3, and send NTP messages
through VLAN-interface 1.
<Sysname> system-view
[Sysname] ntp-service unicast-peer 10.1.1.1 version 3 source-interface
vlan-interface 1
Command Manual – NTP
H3C S5500-EI Series Ethernet Switches Chapter 1 NTP Configuration Commands
1-15
1.1.16 ntp-service unicast-server
Syntax
ntp-service unicast-server { ip-address | server-name } [ authentication-keyid keyid
| priority | source-interface interface-type interface-number | version number ] *
undo ntp-service unicast-server { ip-address | server-name }
View
System view
Parameters
ip-address: IP address of the NTP server. It must be a host address, rather than a
broadcast address, a multicast address or the IP address of the local clock.
server-name: Host name of the NTP server, a string of 1 to 20 characters.
authentication-keyid keyid: Specifies the key ID to be used for sending NTP
messages to the NTP server, where keyid is in the range of 1 to 4294967295.
priority: Specifies this NTP server as the first choice under the same condition.
source-interface interface-type interface-number: Specifies an interface for sending
NTP messages. In an NTP message the local device sends to the NTP server, the
source IP address is the primary IP address of this interface. interface-type
interface-number represents the interface type and number.
version number: Specifies the NTP version, where number is in the range of 1 to 3 and
defaults to 3.
Description
Use the ntp-service unicast-server command to designate an NTP server for the
device.
Use the undo ntp-service unicast-server command to remove an NTP server
designated for the device.
No NTP server is designated for the device by default.
Examples
# Designate the device with the IP address of as 10.1.1.1 an NTP server for the device.
<Sysname> system-view
[Sysname] ntp-service unicast-server 10.1.1.1 version 3
  • Page 1 1
  • Page 2 2
  • Page 3 3
  • Page 4 4
  • Page 5 5
  • Page 6 6
  • Page 7 7
  • Page 8 8
  • Page 9 9
  • Page 10 10
  • Page 11 11
  • Page 12 12
  • Page 13 13
  • Page 14 14
  • Page 15 15
  • Page 16 16

H3C S5500-EI Series Command Manual

H3C
Brand
H3C
Model
S5500-EI Series
Type
Command Manual
Download PDF
report

Ask a question and I''ll find the answer in the document

Finding information in a document is now easier with AI

Related papers

Other documents