Access Control Permission Configuration 759NTP multicast client mode will respond this packet and start the clocksynchronization procedure. In this mode, the switch can accommodate up to1,024 multicast clients.n ■ The total number of the servers and peers configured for a switch can be up to128.■ After the configuration, the Switch 7750 does not establish connections withthe peer if it operates in NTP server mode. Whereas if it operates in any of theother modes, it establishes connections with the peer.■ If a Switch 7750 operates as a passive peer in peer mode, NTP broadcast clientmode, or NTP multicast client mode, the connections it establishes with thepeers are dynamic. If it operates in other modes, the connections it establisheswith the peers are static.Access ControlPermissionConfigurationAccess control permission to NTP server is a security measure that is of theminimum extent. Authentication is more reliable comparing to it.An access request made to an NTP server is matched from the highest permissionto the lowest, that is, in the order of peer, server, synchronization, and query.NTP AuthenticationConfigurationFor the networks with higher security requirements, you can specify to performauthentications when enabling NTP. With the authentications performed on boththe client side and the server side, the client is synchronized only to the server thatpasses the authentication. This improves network security.Prerequisites NTP authentication configuration involves:■ Configuring NTP authentication on the client■ Configuring NTP authentication on the serverNote the following when performing NTP authentication configuration:■ If the NTP authentication is not enabled on a client, the client can besynchronized to a server regardless of the NTP authentication configurationperformed on the server (assuming that the related configurations areperformed).■ You need to couple the NTP authentication with a trusted key.■ The configurations performed on the server and the client must be the same.■ A client with NTP authentication enabled is only synchronized to a server thatcan provide a trusted key.Table 603 Configure the access control permission to the local NTP serverOperation Command DescriptionEnter system view system-view -Configure the accesscontrol permission tothe local NTP serverntp-service access { peer |server | synchronization |query } acl-numberOptionalBy default, the access controlpermission to the local NTP serveris peer