Home » HP Manuals » Servers » HP 6125G » Manual Viewer

HP 6125G HP 6125G & 6125G/XG Blade Switches Network Management and Mon - Page 27

Configuration prerequisites, Configuring NTP authentication

Add to My Manuals
Save this manual to your list of manuals

Page 27 highlights

Configuration prerequisites Before you configure the NTP service access-control right to the local device, create and configure an ACL associated with the access-control right. For more information about ACLs, see ACL and QoS Configuration Guide. Configuration procedure To configure the NTP service access-control right to the local device: Step Command Remarks 1. Enter system view. system-view N/A 2. Configure the NTP service access-control right for a peer device to access the local device. ntp-service access { peer | query | server | synchronization } acl-number The default is peer. Configuring NTP authentication Enable NTP authentication for a system running NTP in a network where there is a high security demand. NTP authentication enhances network security by using client-server key authentication, which prohibits a client from synchronizing with a device that fails authentication. To configure NTP authentication, do the following: • Enable NTP authentication • Configure an authentication key • Configure the key as a trusted key • Associate the specified key with an NTP server or a symmetric peer These tasks are required. If any task is omitted, NTP authentication cannot function. Configuring NTP authentication in client/server mode Follow these instructions to configure NTP authentication in client/server mode: • A client can synchronize to the server only when you configure all the required tasks on both the client and server. • On the client, if NTP authentication is not enabled or no key is specified to associate with the NTP server, the client is not authenticated. No matter whether NTP authentication is enabled or not on the server, the clock synchronization between the server and client can be performed. • On the client, if NTP authentication is enabled and a key is specified to associate with the NTP server, but the key is not a trusted key, the client does not synchronize to the server no matter whether NTP authentication is enabled or not on the server. Configuring NTP authentication for client Step 1. Enter system view. Command system-view Remarks N/A 20

Section	Page
Title Page	1
Network Management and Monitoring Configuration Guide	3
Using ping, tracert, and system debugging	8
Ping	8
Using a ping command to test network connectivity	8
Ping example	8
Network requirements	8
Test procedure	9
Tracert	10
Prerequisites	11
Using a tracert command to identify failed or all nodes in a path	12
System debugging	12
Debugging information control switches	12
Debugging a feature module	13
Ping and tracert example	14
Network requirements	14
Test procedure	14
Configuring NTP	16
Overview	16
NTP application	16
NTP advantages	16
How NTP works	16
NTP message format	17
Operation modes	19
Client/server mode	19
Symmetric peers mode	20
Broadcast mode	20
Multicast mode	21
NTP configuration task list	21
Configuring NTP operation modes	21
Configuring the client/server mode	22
Configuring the symmetric peers mode	22
Configuring the broadcast mode	23
Configuring a broadcast client	23
Configuring the broadcast server	23
Configuring the multicast mode	24
Configuring a multicast client	24
Configuring the multicast server	24
Configuring optional parameters	24
Specifying the source interface for NTP messages	24
Configuration guidelines	25
Configuration procedure	25
Disabling an interface from receiving NTP messages	25
Configuring the allowed maximum number of dynamic sessions	25
Configuring the DSCP value for NTP messages	26
Configuring access-control rights	26
Configuration prerequisites	27
Configuration procedure	27
Configuring NTP authentication	27
Configuring NTP authentication in client/server mode	27
Configuring NTP authentication for client	27
Configuring NTP authentication for a server	28
Displaying and maintaining NTP	28
NTP configuration examples	29
Configuring the client/server mode	29
Network requirements	29
Configuration procedure	29
Configuring the NTP symmetric mode	30
Network requirements	30
Configuration procedure	30
Configuring NTP broadcast mode	32
Network requirements	32
Configuration procedure	32
Configuring NTP multicast mode	33
Network requirements	33
Configuration procedure	34
Configuring NTP client/server mode with authentication	35
Network requirements	35
Configuration procedure	36
Configuring NTP broadcast mode with authentication	37
Network requirements	37
Configuration procedure	37
Configuring the information center	41
Overview	41
Classification of system information	42
System information levels	42
Output channels and destinations	42
Outputting system information by source module	43
Default output rules of system information	43
System information format	44
Formats	44
PRI (priority)	45
timestamp	45
Sysname (host name or host IP address)	46
%% (vendor ID)	46
vv	46
module	46
level (severity)	46
digest	46
serial number	46
source	46
content	47
Information center configuration task list	47
Outputting system information to the console	47
Configuring a system information output rule for the console	47
Enabling system information output to the console	48
Outputting system information to the monitor terminal	48
Configuring a system information output rule for the monitor terminal	48
Enabling system information output to the monitor terminal	49
Outputting system information to a log host	49
Outputting system information to the trap buffer	50
Outputting system information to the log buffer	51
Outputting system information to the SNMP module	51
Outputting system information to the Web interface	52
Configuring synchronous information output	53
Disabling an interface from generating link up/down logging information	53
Displaying and maintaining information center	54
Information center configuration examples	54
Outputting log information to a UNIX log host	54
Network requirements	54
Configuration procedure	55
Outputting log information to a Linux log host	56
Network requirements	56
Configuration procedure	56
Outputting log information to the console	57
Network requirements	57
Configuration procedure	57
Configuring SNMP	59
Overview	59
SNMP framework	59
MIB and view-based MIB access control	59
SNMP operations	60
SNMP protocol versions	60
SNMP configuration task list	60
Configuring SNMP basic parameters	60
Configuring SNMPv3 basic parameters	60
Configuring SNMPv1 or SNMPv2c basic parameters	62
Switching the NM-specific interface index format	64
Configuration guidelines	64
Configuration procedure	64
Configuring SNMP logging	65
Configuring SNMP traps	65
Enabling SNMP traps	65
Configuring the SNMP agent to send traps to a host	66
Displaying and maintaining SNMP	67
SNMP configuration examples	68
SNMPv1/SNMPv2c configuration example	68
Network requirements	68
Configuration procedure	68
SNMPv3 configuration example	69
Network requirements	69
Configuration procedure	70
SNMP logging configuration example	71
Network requirements	71
Configuration procedure	71
Configuring RMON	73
Overview	73
Working mechanism	73
RMON groups	73
Ethernet statistics group	73
History group	74
Event group	74
Alarm group	74
Private alarm group	75
Configuring the RMON statistics function	75
Configuring the RMON Ethernet statistics function	75
Configuring the RMON history statistics function	75
Configuring the RMON alarm function	76
Displaying and maintaining RMON	77
Ethernet statistics group configuration example	78
Network requirements	78
Configuration procedure	78
History group configuration example	78
Network requirements	78
Configuration procedure	79
Alarm group configuration example	80
Network requirements	80
Configuration procedure	81
Configuring port mirroring	83
Introduction to port mirroring	83
Terminologies of port mirroring	83
Mirroring source	83
Mirroring destination	83
Mirroring direction	83
Mirroring group	83
Egress port, and remote probe VLAN	83
Port mirroring classification and implementation	84
Local port mirroring	84
Remote port mirroring	84
Configuring local port mirroring	86
Local port mirroring configuration task list	86
Creating a local mirroring group	86
Configuring source ports for the local mirroring group	86
Configuration restrictions and guidelines	86
Configuring source ports in system view	86
Configuring a source port in interface view	86
Configuring the monitor port for the local mirroring group	87
Configuration restrictions and guidelines	87
Configuring the monitor port in system view	87
Configuring the monitor port in interface view	87
Configuring Layer 2 remote port mirroring	88
Layer 2 remote port mirroring configuration task list	88
Configuring a remote source group (on the source device)	88
Creating a remote source group	88
Configuring source ports for the remote source group	89
Configuring the egress port for the remote source group	89
Configuring the remote probe VLAN for the remote source group	90
Configuring a remote destination group (on the destination device)	90
Creating a remote destination group	90
Configuring the monitor port for the remote destination group	91
Configuring the remote probe VLAN for the remote destination group	91
Assigning the monitor port to the remote probe VLAN	92
Displaying and maintaining port mirroring	92
Port mirroring configuration examples	92
Local port mirroring configuration example	92
Network requirements	92
Configuration procedure	93
Layer 2 remote port mirroring configuration example	94
Network requirements	94
Configuration procedure	94
Configuring traffic mirroring	97
Introduction to traffic mirroring	97
Traffic mirroring configuration task list	97
Configuring match criteria	97
Configuring traffic mirroring of different types	98
Mirroring traffic to a port	98
Mirroring traffic to the CPU	98
Configuring a QoS policy	98
Applying a QoS policy	99
Apply a QoS policy to a port	99
Apply a QoS policy to a VLAN	99
Apply a QoS policy globally	99
Displaying and maintaining traffic mirroring	100
Traffic mirroring configuration example	100
Traffic mirroring configuration example	100
Network requirements	100
Configuration procedure	101
Configuring NQA	103
Overview	103
NQA features	103
Supporting multiple test types	103
Supporting the collaboration function	103
Supporting threshold monitoring	104
NQA concepts	105
Test group	105
Test and probe	105
NQA client and server	106
NQA probe operation procedure	106
NQA configuration task list	106
Configuring the NQA server	107
Enabling the NQA client	107
Creating an NQA test group	108
Configuring an NQA test group	108
Configuring ICMP echo tests	108
Configuring DHCP tests	109
Configuring DNS tests	110
Configuring FTP tests	110
Configuring HTTP tests	112
Configuring UDP jitter tests	112
Configuration prerequisites	113
Configuration procedure	113
Configuring SNMP tests	114
Configuring TCP tests	115
Configuring UDP echo tests	116
Configuring voice tests	116
Configuration prerequisites	117
Configuration procedure	117
Configuring DLSw tests	118
Configuring the collaboration function	119
Configuring threshold monitoring	120
Configuration prerequisites	120
Configuration guidelines	120
Configuration procedure	120
Configuring the NQA statistics collection function	122
Configuring the history records saving function	122
Configuring optional parameters for an NQA test group	123
Configuring a schedule for an NQA test group	124
Configuration prerequisites	124
Configuration guidelines	125
Configuration procedure	125
Displaying and maintaining NQA	125
NQA configuration examples	126
ICMP echo test configuration example	126
Network requirements	126
Configuration procedure	126
DHCP test configuration example	127
Network requirements	127
Configuration procedure	128
DNS test configuration example	129
Network requirements	129
Configuration procedure	129
FTP test configuration example	130
Network requirements	130
Configuration procedure	130
HTTP test configuration example	131
Network requirements	131
Configuration procedure	131
UDP jitter test configuration example	132
Network requirements	132
Configuration procedure	133
SNMP test configuration example	135
Network requirements	135
Configuration procedure	135
TCP test configuration example	136
Network requirements	136
Configuration procedure	136
UDP echo test configuration example	137
Network requirements	137
Configuration procedure	138
Voice test configuration example	139
Network requirements	139
Configuration procedure	139
DLSw test configuration example	141
Network requirements	141
Configuration procedure	142
NQA collaboration configuration example	142
Network requirements	142
Configuration procedure	143
Verifying the configuration	143
Configuring sFlow	145
sFlow configuration task list	145
Configuring the sFlow agent and sFlow collector	146
Configuring flow sampling	146
Configuring counter sampling	147
Displaying and maintaining sFlow	147
sFlow configuration example	147
Network requirements	147
Configuration procedure	148
Troubleshooting sFlow configuration	149
Symptom	149
Analysis	149
Solution	149
Configuring IPC	150
Overview	150
Node	150
Link	150
Channel	150
Packet sending modes	151
Enabling IPC performance statistics	151
Displaying and maintaining IPC	152
Support and other resources	153
Contacting HP	153
Subscription service	153
Related information	153
Documents	153
Websites	153
Conventions	154
Command conventions	154
GUI conventions	154
Symbols	154
Network topology icons	155
Port numbering in examples	155

Match case Limit results 1 per page

Configuration prerequisites

Before you configure the NTP service access-control right to the local device, create and configure an

ACL associated with the access-control right. For more information about ACLs, see

ACL and QoS

Configuration Guide

Configuration procedure

To configure the NTP service access-control right to the local device:

Step

Command

Remarks

Enter system view.

system-view

N/A

Configure the NTP service

access-control right for a peer

device to access the local

device.

ntp-service access

{

peer

query

server

synchronization

}

acl-number

The default is

peer

Configuring NTP authentication

Enable NTP authentication for a system running NTP in a network where there is a high security demand.

NTP authentication enhances network security by using client-server key authentication, which prohibits

a client from synchronizing with a device that fails authentication.

To configure NTP authentication, do the following:

•

Enable NTP authentication

•

Configure an authentication key

•

Configure the key as a trusted key

•

Associate the specified key with an NTP server or a symmetric peer

These tasks are required. If any task is omitted, NTP authentication cannot function.

Configuring NTP authentication in client/server mode

Follow these instructions to configure NTP authentication in client/server mode:

•

A client can synchronize to the server only when you configure all the required tasks on both the

client and server.

•

On the client, if NTP authentication is not enabled or no key is specified to associate with the NTP

server, the client is not authenticated. No matter whether NTP authentication is enabled or not on

the server, the clock synchronization between the server and client can be performed.

•

On the client, if NTP authentication is enabled and a key is specified to associate with the NTP

server, but the key is not a trusted key, the client does not synchronize to the server no matter whether

NTP authentication is enabled or not on the server.

Configuring NTP authentication for client