How to filter NTP Client in NTP Master ?
假設R1為NTP Server,只開放給R2,R3當成NTP Client,同時設定密碼為CISCO,R1,R2,R3皆使用loopback interface當source去進行NTP synchronization:
R1
R2
R3
R1
interface loopback 0
ip address 1.1.1.1 255.255.255.255
!
access-list 1 permit 2.2.2.2 0.0.0.0
access-list 1 permit 3.3.3.3 0.0.0.0
!
ntp source loopback0
ntp master
ntp authentication-key 1 md5 CISCO
ntp access-group peer 1
R2
interface loopback 0
ip address 2.2.2.2 255.255.255.255
!
ntp source loopback0
ntp authentication-key 1 md5 CISCO
ntp authenticate
ntp trust-key 1
ntp server 1.1.1.1 key 1
R3
interface loopback 0
ip address 3.3.3.3 255.255.255.255
!
ntp source loopback0
ntp authentication-key 1 md5 CISCO
ntp authenticate
ntp trust-key 1
ntp server 1.1.1.1 key 1
Comments