1-10From the highest NTP service access-control right to the lowest one are peer, server,synchronization, and query. When a device receives an NTP request, it will perform anaccess-control right match in this order and use the first matched right.Configuration PrerequisitesPrior to configuring the NTP service access-control right to the local switch for peer devices, you needto create and configure an ACL associated with the access-control right. For the configuration of ACL,refer to ACL Configuration in Security Volume.Configuration ProcedureTable 1-9 Configure the NTP service access-control right to the local device for peer devicesOperation Command… DescriptionEnter system view system-view —Configure the NTP serviceaccess-control right to the localswitch for peer devicesntp-service access { peer |server | synchronization |query } acl-numberOptionalpeer by defaultThe access-control right mechanism provides only a minimum degree of security protection for the localswitch. A more secure method is identity authentication.Configuring NTP AuthenticationIn networks with higher security requirements, the NTP authentication function must be enabled to runNTP. Through password authentication on the client and the server, the clock of the client issynchronized only to that of the server that passes the authentication. This improves network security.Table 1-10 shows the roles of devices in the NTP authentication function.Table 1-10 Description on the roles of devices in NTP authentication functionRole of device Working modeClient in the server/client modeClient in the broadcast modeClient in the multicast modeClientSymmetric-active peer in the symmetric peer modeServer in the server/client modeServer in the broadcast modeServer in the multicast modeServerSymmetric-passive peer in the symmetric peer mode