Configuring Access Control Right 375Configuring a switch to work in the multicast client modeConfiguring AccessControl RightWith the following command, you can configure the NTP service access-controlright to the local switch for a peer device. There are four access-control rights, asfollows:■ query: Control query right. This level of right permits the peer device toperform control query to the NTP service on the local device but does notpermit the peer device to synchronize its clock to the local device. The so-called"control query" refers to query of state of the NTP service, including alarminformation, authentication status, clock source information, and so on.■ synchronization: Synchronization right. This level of right permits the peerdevice to synchronize its clock to the local switch but does not permit the peerdevice to perform control query.■ server: Server right. This level of right permits the peer device to performsynchronization and control query to the local switch but does not permit thelocal switch to synchronize its clock to the peer device.■ peer: Peer access. This level of right permits the peer device to performsynchronization and control query to the local switch and also permits the localswitch to synchronize its clock to the peer device.From the highest NTP service access-control right to the lowest one are peer,server, synchronization, and query. When a device receives an NTP request, itwill perform an access-control right match in this order and use the first matchedright.ConfigurationPrerequisitesPrior to configuring the NTP service access-control right to the local switch for peerdevices, you need to create and configure an ACL associated with theaccess-control right. To configure an ACL, refer to “ACL Configuration” onpage 291.Configuration ProcedureTable 288 Configure a switch to work in the NTP multicast client modeOperation Command DescriptionEnter system view system-view -Enter VLAN interface view interface Vlan-interfacevlan-id-Configure the switch to workin the NTP multicast clientmodentp-service multicast-client[ ip-address ]RequiredNot configured by default.Table 289 Configure the NTP service access-control right to the local device for peerdevicesOperation Command... DescriptionEnter system view system-view -Configure the NTP serviceaccess-control right to thelocal switch for peer devicesntp-service access { peer |server | synchronization |query } acl-numberOptionalpeer by default