Implementing NTP on Cisco IOS XR Software
Configuration Examples for Implementing NTP on Cisco IOS XR Software
SMC-189
Cisco IOS XR System Management Configuration Guide
Configuring NTP Access Groups: Example
The following example shows a NTP access group configuration where the following access group
restrictions are applied:
• Peer restrictions are applied to IP addresses that pass the criteria of the access list named peer-acl.
• Serve restrictions are applied to IP addresses that pass the criteria of access list named serve-acl.
• Serve-only restrictions are applied to IP addresses that pass the criteria of the access list named
serve-only-acl.
• Query-only restrictions are applied to IP addresses that pass the criteria of the access list named
query-only-acl.
!
ntp
peer 10.1.1.1
peer 10.2.2.2
peer 10.3.3.3
peer 10.4.4.4
peer 10.5.5.5
peer 10.6.6.6
peer 10.7.7.7
peer 10.8.8.8
access-group peer peer-acl
access-group serve serve-acl
access-group serve-only serve-only-acl
access-group query-only query-only-acl
!
ipv4 access-list peer-acl
10 permit ip host 10.1.1.1 any
20 permit ip host 10.8.8.8 any
!
ipv4 access-list serve-acl
10 permit ip host 10.4.4.4 any
20 permit ip host 10.5.5.5 any
!
ipv4 access-list query-only-acl
10 permit ip host 10.2.2.2 any
20 permit ip host 10.3.3.3 any
!
ipv4 access-list serve-only-acl
10 permit ip host 10.6.6.6 any
20 permit ip host 10.7.7.7 any
!
Configuring NTP Authentication: Example
The following example shows an NTP authentication configuration. In this example, the following is
configured:
• NTP authentication is enabled.
• Two authentication keys are configured (key 2 and key 3).
• The router is configured to allow its software clock to be synchronized with the clock of the peer (or
vice versa) at IP address 10.3.32.154 using authentication key 2.
• The router is configured to allow its software clock to be synchronized with the clock by the device
at IP address 10.32.154.145 using authentication key 3.
