|
|
To configure a name for a PNNI node, use the name node-level subcommand. To return to the default value, use the no form of this command.
name name| name | Specify the ASCII name for the PNNI node. |
The value assigned by the hostname command.
PNNI node command.
The LightStream 1010 PNNI node name is distributed to all other nodes via PNNI flooding. This allows all LightStream 1010 PNNI nodes to use this node name to identify this node in the following PNNI show commands:
This command only applies to PNNI nodes.
For more information, refer to the LightStream 1010 ATM Switch Software Configuration Guide.
The following example configures the node name to be eng_1.
Switch#configure terminalSwitch(config)#atm router pnniSwitch(config-atm-router)#node 1Switch(config-pnni-node)#name eng_1Switch(config-pnni-node)#
To name an existing network connection, use the name-connection EXEC command.
name-connection name| name | A name that identifies the internal adapter. |
EXEC.
The name can be any string of up to 8 characters that does not include blanks.
The following example assigns a name to an internal adapter interface.
Switch# name VTAM_B14
To allow the recovered clock to specify a particular port to provide network clocking, use the network-clock-select global configuration commands. Use the no form of this command to disable this feature.
network-clock-select priority atm card/subcard/port| card/sub/card/port | Card, subcard, and port number for the SONET port. |
| priority | Specifies the priority between 1 and 4. |
No network-clocks.
Global configuration.
This command applies only to SONET interfaces.
The following example shows how to configure ATM 3/0/1 as a network clock source of priority 2 and to configure ATM 0/1/0 to use network-clock mode.
Switch#configure terminalSwitch(config)#network 2 atm 3/0/1Switch(config)#interface atm 0/1/0Switch(config)#clock network-derivedend
 | Warning Make sure a network clock-source is configured before a port uses it as its clock source, which could cause serious problems on the link. |
To create, delete, enable, or disable nodes running on this switch and to specify or change the level of a node, use the node ATM router PNNI configuration command. PNNI node configuration mode is started when this command is entered. To remove a previously set node index, use the no form of this command.
node node_index level level_indicator [lowest] [enable | disable]| node_index | Specifies the local node index used to identify nodes running on this switch. |
| level_indicator | Specifies the PNNI level (position in the PNNI hierarchy) at which the node exists. |
| lowest | Indicates that the node to be created is a lowest-level node (for example, the node runs over physical links and VPCs). If this is not present when a new node_index is specified, the new node becomes a logical group node that represents a PNNI peer group. A logical group node only becomes active when its child node is elected peer group leader. |
With LightStream 1010 ATM switch's autoconfiguration capabilities, a lowest-level PNNI node, with the node index 1, is automatically created and by default runs on all PNNI interfaces (including interfaces determined by ILMI to be PNNI interfaces and on interfaces configured to run PNNI).
The default level is 56, the proper level for lowest-level nodes using autoconfigured Cisco ATM addresses in a single level hierarchy.
ATM router PNNI configuration.
Currently only a single lowest-level node with node index 1 is supported.
Only a node running at the lowest level can be configured to run on an interface.
The level of a node can only be modified when the node is disabled.
Enable and disable can be used to reinitialize PNNI. For example, the node ID and peer group ID are recalculated based on the switch's first ATM address and the node-level whenever a node is enabled.
For more information, refer to the LightStream 1010 ATM Switch Software Configuration Guide.
The following example shows how to enter PNNI node configuration mode.
Switch#configure terminalSwitch(config)#atm router pnniSwitch(config-atm-router)#node 1Switch(config-pnni-node)#
The following example shows how to create a lowest-level PNNI node with node index 1 at level 96 (assuming no node currently exists on this switch).
Switch#configure terminalSwitch(config)#atm router pnniSwitch(config-atm-router)#node 1 level 96 lowestSwitch(config-pnni-node)#
atm address
atm router pnni
show atm pnni node
To enable terminal notification about pending output from other connections, use the notify line configuration command. The no form of this command ends notification.
notifyThis command has no arguments or keywords.
Disabled.
Line configuration.
The command sets a line to inform a user with multiple, concurrent Telnet connections when output is pending on a connection other than the current one.
The following example sets up notification of pending output from connections on virtual terminal lines 0 to 4.
Switch#line vty 0 4Switch(config-line)#notify
terminal notify
To control access to the system's Network Time Protocol (NTP) services, use the ntp access-group global configuration command. To remove access control to the system's NTP services, use the no form of this command.
ntp access-group {query-only | serve-only | serve | peer} access-list-number| query-only | Allows only NTP control queries. See RFC 1305 (NTP version 3). |
| serve-only | Allows only time requests. |
| serve | Allows time requests and NTP control queries, but does not allow the system to synchronize to the remote system. |
| peer | Allows time requests and NTP control queries and allows the system to synchronize to the remote system. |
| access-list-number | Number (1 to 99) of a standard IP access list. |
No access control (full access granted to all systems).
Global configuration.
The ntp-access group command scans the options in the following order from least restrictive to most restrictive:
Access is granted for the first match found. If no access groups are specified, complete access is granted to all sources. If any access groups are specified, only the specified access is granted. This facility provides minimal security. If more security is desired, use the NTP authentication facility.
In the following example, the system is configured to allow itself to be synchronized by a peer from access list 99. However, the system restricts access to allow only time requests from access list 42.
Switch#ntp access-group peer 99Switch#ntp access-group serve-only 42
access-list
To enable Network Time Protocol (NTP) authentication, use the ntp authenticate global configuration command. Use the no form of this command to disable the feature.
ntp authenticateThis command has no keywords or arguments.
No authentication.
Global configuration.
Use this command if you want authentication. If this command is specified, the system does not synchronize to a system unless it carries one of the authentication keys specified in the ntp trusted-key command.
The following example enables NTP authentication.
Switch# ntp authenticate
ntp authentication-key
ntp trusted-key
To define an authentication key for Network Time Protocol (NTP), use the ntp authentication-key global configuration command. Use the no form of this command to remove the authentication key for NTP.
ntp authentication-key number md5 value| number | Key number (1 to 4294967295). |
| md5 | Authentication key. Message authentication support is provided using the Message Digest (MD5) algorithm. The key type md5 is currently the only key type supported. |
| value | Key value (an arbitrary string of up to eight characters). |
No authentication key is defined for NTP.
Global configuration.
Use this command to define authentication keys for use with other NTP commands to provide a higher degree of security.
The following example sets authentication key 10 to aNiceKey.
Switch# ntp authentication-key 10 md5 aNiceKey
ntp peer
ntp server
ntp trusted-key
To specify that a specific interface should send Network Time Protocol (NTP) broadcast packets, use the ntp broadcast interface configuration command. Use the no form of this command to disable this capability.
ntp broadcast [version number]| version number | (Optional) Number from 1 to 3 indicating the NTP version. |
Disabled.
Interface configuration.
In the following example, Ethernet interface 2/0/0 is configured to send NTP version 2 packets.
Switch(config)#interface ethernet 2/0/0Switch(config-if)#ntp broadcast version 2
ntp broadcast client
ntp broadcastdelay
To allow the system to receive NTP broadcast packets on an interface, use the ntp broadcast client interface configuration command. Use the no form of this command to disable this capability.
ntp broadcast clientThis command has no arguments or keywords.
Disabled.
Interface configuration.
Use this command to allow the system to listen to broadcast packets on an interface-by-interface basis.
In the following example, the switch synchronizes to NTP packets broadcast on Ethernet interface 2/0/0.
Switch(config)#interface ethernet 2/0/0Switch(config-if)#ntp broadcast client
ntp broadcast
ntp broadcastdelay
To set the estimated round-trip delay between the switch and a Network Time Protocol (NTP) broadcast server, use the ntp broadcastdelay global configuration command. Use the no form of this command to revert to the default value.
ntp broadcastdelay microseconds| microseconds | Estimated round-trip time (in microseconds) for NTP broadcasts. The range is from 1 to 999999. |
3000 microseconds.
Global configuration.
Use this command when the switch is configured as a broadcast client and the round-trip delay on the network is other than 3000 microseconds.
In the following example, the estimated round-trip delay between the switch and the broadcast client is set to 5000 microseconds.
Switch# ntp broadcastdelay 5000
ntp broadcast
ntp broadcast client
 | Caution Do not use this command; it is documented for informational purposes only. The system automatically generates this command as Network Time Protocol (NTP) determines the clock error and then compensates. |
As NTP compensates for the error in the system clock, it keeps track of the correction factor for this error. The system automatically saves this value into the system configuration using the ntp clock-period global configuration command. The system uses the no form of this command to revert to the default.
ntp clock-period value| value | Amount to add to the system clock for each clock hardware tick (in units of 2 to 32 seconds). |
17179869 (4 milliseconds).
Global configuration.
If a copy running-config startup-config command is entered to save the configuration to memory, this command is automatically added to the configuration. It is a good idea to perform this task after NTP has been running for a week or so; this helps NTP synchronize more quickly if the system is restarted.
To prevent an interface from receiving Network Time Protocol (NTP) packets, use the ntp disable interface configuration command. To enable receipt of NTP packets on an interface, use the no form of this command.
ntp disableThis command has no arguments or keywords.
Disabled.
Interface configuration.
This command provides a simple method of access control.
In the following example, Ethernet interface 2/0/0 is prevented from receiving NTP packets.
Switch(config)#interface ethernet 2/0/0Switch(config-if)#ntp disable
To configure the switch as a Network Time Protocol (NTP) master clock to which peers synchronize themselves when an external NTP source is not available, use the ntp master global configuration command. To disable the master clock function, use the no form of this command.
ntp master [stratum] | Caution Use this command with extreme caution. It is very easy to override valid time sources using this command, especially if a low stratum number is configured. Configuring multiple machines in the same network with the ntp master command can cause instability in timekeeping if the machines do not agree on the time. |
| stratum | (Optional) Number from 1 to 15. Indicates the NTP stratum number that the system claims. |
By default, the master clock function is disabled. When enabled, the default stratum is 8.
Global configuration.
Since the Cisco implementation of NTP does not support directly attached radio or atomic clocks, the switch is normally synchronized, directly or indirectly, to an external system that has such a clock. In a network without Internet connectivity, such a time source may not be available. The ntp master command is used in such cases.
If the system has ntp master configured and it cannot reach any clock with a lower stratum number, the system claims to be synchronized at the configured stratum number, and other systems synchronize to it via NTP.
In the following example, the switch is configured as an NTP master clock to which peers may synchronize.
Switch# ntp master 10
To configure the switch's system clock to synchronize a peer or to be synchronized by a peer, use the
ntp peer global configuration command. To disable this capability, use the no form of this command.
| ip-address | IP address of the peer providing or being provided the clock synchronization. |
| version | (Optional) Defines the Network Time Protocol (NTP) version number. |
| number | (Optional) NTP version number (1 to 3). |
| key | (Optional) Defines the authentication key. |
| keyid | (Optional) Authentication key to use when sending packets to this peer. |
| source | (Optional) Names the interface. |
| interface | (Optional) Name of the interface from which to pick the IP source address. |
| prefer | (Optional) Makes this peer the preferred peer that provides synchronization. |
No peers are configured by default. If a peer is configured, the default NTP version number is 3, no authentication key is used, and the source IP address is taken from the outgoing interface.
Global configuration.
Use this command if you want to allow this machine to synchronize with the peer or vice versa. Using the prefer keyword reduces switching back and forth between peers.
If you are using the default version of 3 and NTP synchronization does not occur, try using NTP version number 2. Many NTP servers on the Internet run version 2.
In the following example, the switch is configured to allow its system clock to be synchronized with the clock of the peer (or vice versa) at IP address 131.108.22.33 using NTP version 2. The source IP address is the address of Ethernet 2/0/0.
Switch# ntp peer 131.108.22.33 version 2 source ethernet 2/0/0
ntp authentication-key
ntp server
ntp source
To allow the switch's system clock to be synchronized by a time server, use the ntp server global configuration command. To disable this capability, use the no form of this command.
ntp server ip-address [version number] [key keyid] [source interface] [prefer]| ip-address | IP address of the time server providing the clock synchronization. |
| version | (Optional) Defines the Network Time Protocol (NTP) version number. |
| number | (Optional) NTP version number (1 to 3). |
| key | (Optional) Defines the authentication key. |
| keyid | (Optional) Authentication key to use when sending packets to this peer. |
| source | (Optional) Identifies the interface from which to pick the IP source address. |
| interface | (Optional) Name of the interface from which to pick the IP source address. |
| prefer | (Optional) Makes this server the preferred server that provides synchronization. |
No peers are configured by default. If a peer is configured, the default NTP version number is 3, no authentication key is used, and the source IP address is taken from the outgoing interface.
Global configuration.
Use this command if you want to allow this machine to synchronize with the specified server. The server does not synchronize to this machine.
Using the prefer keyword reduces switching back and forth between servers.
If you are using the default version of 3 and NTP synchronization does not occur, try using NTP version number 2. Many NTP servers on the Internet run version 2.
In the following example, the switch is configured to allow its system clock to be synchronized with the clock of the peer at IP address 128.108.22.44 using NTP version 2.
Switch# ntp server 128.108.22.44 version 2
ntp authentication-key
ntp peer
ntp source
To use a particular source address in Network Time Protocol (NTP) packets, use the ntp source global configuration command. Use the no form of this command to remove the specified source address.
ntp source interface| interface | Any valid system interface name. |
Source address is determined by the outgoing interface.
Global configuration.
Use this command when you want to use a particular source IP address for all NTP packets. The address is taken from the named interface. This command is useful if the address on an interface cannot be used as the destination for reply packets. If the source keyword is present on an ntp server or ntp peer command, that value overrides the global value.
In the following example, the switch is configured to use the IP address of Ethernet 2/0/0 as the source address of all outgoing NTP packets.
Switch# ntp source ethernet 2/0/0
If you want to authenticate the identity of a system to which Network Time Protocol (NTP) synchronizes, use the ntp trusted-key global configuration command. Use the no form of this command to disable authentication of the identity of the system.
ntp trusted-key key-number| key-number | Key number of authentication key to be trusted. |
Disabled.
Global configuration.
If authentication is enabled, use this command to define one or more key numbers (corresponding to the keys defined with the ntp authentication-key command) that a peer NTP system must provide in its NTP packets in order for this system to synchronize to it. This provides protection against accidentally synchronizing the system to a system that is not trusted because the other system must know the correct authentication key.
In the following example, the system is configured to synchronize only to systems providing authentication key 42 in its NTP packets.
Switch#ntp authenticateSwitch#ntp authentication-key 42 md5 aNiceKeySwitch#ntp trusted-key 42
To periodically update the calendar from Network Time Protocol (NTP), use the ntp update-calendar global configuration command. Use the no form of this command to disable this feature.
ntp update-calendarThis command has no arguments or keywords.
The calendar is not updated.
Global configuration.
If a switch is synchronized to an outside time source via NTP, you should periodically update the calendar with the time learned from NTP. Otherwise, the calendar tends to gradually lose or gain time. The calendar is updated only if NTP has synchronized to an authoritative time server.
In the following example, the system is configured to periodically update the calendar from the system clock.
Switch# ntp update-calendar
clock read-calendar
clock update-calendar
|
|