ntp acl
Use this command to allow paticular client to communicate with NTP server.
Use the no form of this command to remove the particular client from NTP server.
Note: ntp discard option and limited rate flag are required for sending the KOD packet.
Command Syntax
ntp allow (A.B.C.D | X:X::X:X) (mask (A.B.C.D| <1-128>)|)
({nopeer|noserve|noquery|nomodify|kod|limited|notrap}|) (vrf management|)
no ntp allow (A.B.C.D | X:X::X:X) (mask (A.B.C.D| <1-128>)|)
({nopeer|noserve|noquery|nomodify|kod|limited|notrap}|) (vrf management|)
Parameters
A.B.C.D
IPV4 address of the client
X:X::X:X
IPV6 address of the client
A.B.C.D
Mask for the IPv4 address
1-128
Mask for the IPv6 address
nopeer
Prevent the client from establishing a peer association
noserve
Prevent the client from performing time queries
noquery
Prevent the client from performing NTPq and NTPdc queries, but not time queries
nomodify
Restrict the client from making any changes to the NTP configurations
kod
Send a kiss-of-death packet if the client limit has exceeded
limited
Deny time service if the packet violates the rate limits established by the discard command
notrap
Prevent the client from configuring control message traps
vrf
Virtual Router and Forwarding
management
Virtual Routing and Forwarding name
Default
By default, only local host is permitted.
Command Mode
Configure mode
Applicability
This command is introduced in OcNOS version 4.1.
Example
#configure terminal
(config)#ntp allow 1.1.1.1 mask 255.255.255.0 nopeer kod notrap noserve vrf management
Last modified date: 10/19/2023