Главная » Роутеры

Настройка времени на роутере huawei

На чтение 9 мин Просмотров 3 Опубликовано
Содержание
  1. Configuring NTP to Synchronize Time
  2. Networking Requirements
  3. Configuration Roadmap
  4. Procedure
  5. Verifying the Configuration
  6. Configuration File
  7. Conclusions and Suggestions
  8. Настройка времени на роутере huawei
  9. Уcтановка даты и времени на huawei
  10. Установка часового пояса на huawei
  11. Cинхронизация времени с ntp сервером на huawei
  12. Шаблоны типовой настройки синхронизации времени с ntp сервером на huawei

Configuring NTP to Synchronize Time

This example applies to all models and versions. For details about the mapping between software versions and switch models, see the Hardware Query Tool.

Networking Requirements

On the data center network, manually setting system time on all devices is time-consuming and the system time may be inaccurate. The NTP protocol can quickly synchronize system time of all devices on the network. As shown in Figure 2-37, the IP addresses of SwitchA and SwitchB have been configured. SwitchA has synchronized its clock to an authoritative clock, for example, the Global Positioning System (GPS). SwitchA functions as the time server of SwitchB.

Configuration Roadmap

  1. Configuring IP addresses for SwitchA and SwitchB
  2. Configuring SwitchA as the master clock so that the local clock of SwitchA can be used as the reference clock
  3. Configuring SwitchB to synchronize time from SwitchA and configuring NTP authentication to ensure time synchronization security

Procedure

HUAWEI> system-view [*HUAWEI] sysname SwitchA [~HUAWEI] commit [~SwitchA] vlan batch 100 [*SwitchA] interface vlanif 100 [*SwitchA-Vlanif100] ip address 10.10.1.1 24 [*SwitchA-Vlanif100] quit [*SwitchA] interface 10ge 1/0/1 [*SwitchA-10GE1/0/1] port link-type trunk [*SwitchA-10GE1/0/1] port trunk pvid vlan 100 [*SwitchA-10GE1/0/1] port trunk allow-pass vlan 100 [*SwitchA-10GE1/0/1] quit [*SwitchA] commit
HUAWEI> system-view [~HUAWEI] sysname SwitchB [~HUAWEI] commit [*SwitchB] vlan batch 100 [*SwitchB] interface vlanif 100 [*SwitchB-Vlanif100] ip address 10.10.1.2 24 [*SwitchB-Vlanif100] quit [*SwitchB] interface 10ge 1/0/1 [*SwitchB-10GE1/0/1] port link-type trunk [*SwitchB-10GE1/0/1] port trunk pvid vlan 100 [*SwitchB-10GE1/0/1] port trunk allow-pass vlan 100 [*SwitchB-10GE1/0/1] quit [*SwitchB] commit

The value of clock stratum ranges from 1 to 15. The clocks on the subnet are synchronized in an ascending order of stratum. The clock stratum can be set. In this example, the clock stratum is 1. In actual circumstances, the NTP server synchronized with the authoritative clock is set as stratum 1, and is used as a clock source. Other devices on the network synchronize their clocks with the clock of the NTP server, which means the local clock of the NTP server is configured as the NTP master clock.

[~SwitchA] ntp refclock-master 1 //Set the clock stratum to 1. [*SwitchA] ntp authentication enable [*SwitchA] ntp authentication-keyid 45 authentication-mode hmac-sha256 hello123456 //Authentication methods includes MD5 and HMAC-SHA256. HMAC-SHA256 has a higher security and MD5 has a higher speed. In this example, HMAC-SHA256 is used. [*SwitchA] ntp trusted authentication-keyid 45 [*SwitchA] commit
[~SwitchA] ntp server source-interface vlanif 100 [*SwitchA] commit
[~SwitchA] undo ntp server disable [*SwitchA] commit [~SwitchA] quit
[~SwitchB] ntp authentication enable [*SwitchB] ntp authentication-keyid 45 authentication-mode hmac-sha256 hello123456 //Authentication methods includes MD5 and HMAC-SHA256. HMAC-SHA256 has a higher security and MD5 has a higher speed. In this example, hmac-sha256 is used. [*SwitchB] ntp trusted authentication-keyid 45 [*SwitchB] ntp unicast-server 10.10.1.1 authentication-keyid 45 //Set the clock synchronization mode to unicast client/server. [*SwitchB] commit [~SwitchB] quit

The authentication key ID on SwitchB must be the same as that on SwitchA; otherwise, the authentication will fail.

Читайте также:  Обжим витой пары 8 жил схема цветов компьютер роутер

Verifying the Configuration

  • Check the configurations on SwitchA.
  • Run the display ntp status command on SwitchA to view the NTP status.
 display ntp status clock status: synchronized //Local clock status. clock stratum: 1 //Clock stratum. reference clock ID: LOCAL(0) nominal frequency: 100.0000 Hz actual frequency: 100.0000 Hz clock precision: 2^18 clock offset: 0.0000 ms root delay: 0.00 ms root dispersion: 11.65 ms peer dispersion: 10.00 ms reference time: 15:13:24.754 UTC Aug 21 2013(D5BF5794.C13458CD) //Reference time stamp. synchronization state: clock synchronized //Local clock synchronization status.
 display clock 2013-08-21 15:14:23 Wednesday Time Zone(DefaultZoneName) : UTC
 display ntp status clock status: synchronized //Local clock status. clock stratum: 2 //Clock stratum. reference clock ID: 10.10.1.1 nominal frequency: 100.0000 Hz actual frequency: 100.0000 Hz clock precision: 2^18 clock offset: 0.6828 ms root delay: 2.74 ms root dispersion: 24.84 ms peer dispersion: 10.93 ms reference time: 15:13:24.518 UTC Aug 21 2013(D5BF5B33.84A4A05D) //Reference time stamp. synchronization state: clock synchronized //Local clock synchronization status.
 display clock 2013-08-21 15:14:23 Wednesday Time Zone(DefaultZoneName) : UTC

Configuration File

Configuration file of SwitchA

# sysname SwitchA # ntp ipv6 server disable ntp authentication-keyid 45 authentication-mode hmac-sha256 cipher %^%#fhKx(LFg)~2:d23J_(t~RNcW9g#Bv7>a[7(%$HG-%^%# //The ciphertext format provided here is for example only. The format may vary depending on the system software version. ntp trusted authentication-keyid 45 ntp refclock-master 1 ntp authentication enable ntp server source-interface Vlanif100 # vlan batch 100 # interface Vlanif100 ip address 10.10.1.1 255.255.255.0 # interface 10GE1/0/1 port link-type trunk port trunk pvid vlan 100 port trunk allow-pass vlan 100 # return

Configuration file of SwitchB

# sysname SwitchB # ntp server disable ntp ipv6 server disable ntp authentication-keyid 45 authentication-mode hmac-sha256 cipher %^%#fhKx(LFg)~2:d23J_(t~RNcW9g#Bv7>a[7(%$HG-%^%# //The ciphertext format provided here is for example only. The format may vary depending on the system software version. ntp trusted authentication-keyid 45 ntp unicast-server 10.10.1.1 authentication-keyid 45 ntp authentication enable # vlan batch 100 # interface Vlanif100 ip address 10.10.1.2 255.255.255.0 # interface 10GE1/0/1 port link-type trunk port trunk pvid vlan 100 port trunk allow-pass vlan 100 # return

Conclusions and Suggestions

  • Unicast client/server mode: used at a higher stratum on a synchronization subnet. In this mode, the clients need to obtain the IP address of the server before synchronizing time.
  • Peer mode: used at a lower stratum on the synchronization subnet. In this mode, an active peer and a passive peer can be synchronized with each other. To be specific, a peer of a higher stratum is synchronized to a peer of a lower stratum.
  • Broadcast mode: used when the IP address of a server or peer is not determined, or when the clocks of a large number of devices need to be synchronized on a network.
  • Multicast mode: used for the high-speed network that has multiple workstations and does not require high clock accuracy. In a typical scenario, one or more clock servers on the network periodically send multicast packets to the workstations. The delay of packet transmission in a LAN is at the milliseconds level.
  • Manycast mode (V100R002C00 or later): used in the scenario where servers are scattered on a network. The client can discover and synchronize to the closest manycast server. On a network where the server is unstable, the manycast mode avoids reconfigurations on clients after the server changes.
  • clock not set: indicates that the clock is not updated.
  • frequency set by configuration: indicates that the clock frequency is set by NTP.
  • clock set: indicates that the clock is set.
  • clock set but frequency not determined: indicates that the clock is set, but the clock frequency is not determined.
  • clock synchronized: indicates that the clock has been synchronized.
  • spike (clock will be set in XXX secs): indicates that the system detects that the time difference between the clock server and the client exceeds 128 milliseconds, and the local clock will be revalidated in XXX seconds.
  • Run the display ntp event clock-unsync command to view the latest 10 reasons of NTP synchronization failures.
  • Run the display ntp sessions command to view information about all sessions of local NTP.
  • Run the display ntp slot-status command to view the clock system status.

Источник

Настройка времени на роутере huawei

Установка актуальной даты и времени является одной из первоочередных задач которую необходимо выполнить на сетевом оборудование, чтобы избежать дальнейшей путаницы при просмотре логов и т.п. Давайте разберем ручную устанавку timezone, даты и времени, а также настройку синхронизации времени с ntp-сервера на оборудование huawei.

Уcтановка даты и времени на huawei

1. Установка времени. Формат установки времени — HH:MM:SS

2. Установка даты. Формат установки даты — YYYY-MM-DD

clock datetime 13:20:00 2018-12-25

Просмотр текущей информации по установленом даты, времени и тайм зоны.

display clock 2017-06-02 14:22:06+03:00 Friday Time Zone(MSK) : UTC+03:00

Установка часового пояса на huawei

Установка Московского часового пояса +3 часа по Гринвичу (GMT).

clock timezone MSK add 03:00:00

Установка часового пояса -2 часа по Гринвичу (GMT).

clock timezone MSK minus 02:00:00

Cинхронизация времени с ntp сервером на huawei

Удобно выставлять время на железе не вручную, а синхронизировать его c ntp серверами. Для этого используем следующие команды.

ntp-service unicast-server IP-NTP-SERV-1 ntp-service unicast-server IP-NTP-SERV-2

Если у вас на сети используется MPLS и ntp сервер доступен через VRF, то в этом случае к настройкам добавляем параметр vpn-instanсe.

ntp-service unicast-server IP-NTP-SERV vpn-instance NAME-VRF

Просмотр общей информации ntp.

display ntp-service status clock status: synchronized clock stratum: 5 reference clock ID: XXX.XXX.XXX.XXX nominal frequency: 60.0002 Hz actual frequency: 60.0002 Hz clock precision: 2^17 clock offset: -2.3619 ms root delay: 337.70 ms root dispersion: 152.28 ms peer dispersion: 104.00 ms reference time: 11:14:45.392 UTC Jun 2 2017(DCDBC725.6472085B) synchronization state: clock synchronized

Просмотр информации о текущих сессиях установленных с ntp серверами.

display ntp-service sessions clock source: XXX.XXX.XXX.XXX clock stratum: 4 clock status: configured, selected, sane, valid reference clock ID: XXX.XXX.XXX.XXX reach: 377 current poll: 1024 now: 434 offset: 0.4184 ms delay: 57.38 ms disper: 16.15 ms clock source: XXX.XXX.XXX.XXX clock stratum: 4 clock status: configured, master, sane, valid reference clock ID: XXX.XXX.XXX.XXX reach: 377 current poll: 1024 now: 566 offset: -4.3471 ms delay: 63.11 ms disper: 16.75 ms

Шаблоны типовой настройки синхронизации времени с ntp сервером на huawei

Стандартный шаблон настройки для huawei.

clock timezone MSK add XX:XX:XX sys ntp-service unicast-server XXX.XXX.XXX.XXX ntp-service unicast-server XXX.XXX.XXX.XXX

Шаблон настройки для случая если ntp сервер доступен через VRF.

clock timezone MSK add XX:XX:XX sys ntp-service unicast-server XXX.XXX.XXX.XXX vpn-instance NAME-VRF ntp-service unicast-server XXX.XXX.XXX.XXX vpn-instance NAME-VRF

На этом все. Как видим ничего сложного в настройки даты и времени оборудование huawei нет. Комментируем, подписываемся ну и всем пока:)

Источник

Оцените статью
© 2023 Posetke
Adblock
detector