Header Only - DO NOT REMOVE - Extreme Networks
Question

XOS 16.1.2 - How to disable the NTP restrict-list?


Userlevel 3
I have successfully enabled a x460-g2 switch as NTP server, and clients can receive time from them.

BUT: It appears that only clients from directly connected VLANs are allowed by the NTP service, for all others I have to add an entry via:
configure ntp restrict-list add allow[/code]I can list the active restrict-list:

# show ntp restrict-list
IP Address Mask Count Type Action
===========================================================
0.0.0.0 0.0.0.0 128 System Deny
10.0.0.0 255.255.255.252 0 System Permit
10.1.0.2 255.255.255.255 0 System Permit
10.90.90.17 255.255.255.255 1875 System Permit
127.0.0.1 255.255.255.255 0 System Permit
...

The question is: How can disable the use of this ACL, aka: how can I change the implicit entry (0.0.0.0 0.0.0.0) to Permit? I found no way so far....

2 replies

Userlevel 6
I think adding a 0.0.0.0 0.0.0.0 allow will make it allow all ntp requests.
Userlevel 3
I had tried that, doesn't work:

* Summit-PC.3 # configure ntp restrict-list add 0.0.0.0 0.0.0.0 permit
Error: NTP restrict network address 0.0.0.0 or mask 0.0.0.0 is invalid.

I can add 128.0.0.0/1 (netmask 128.0.0.0), but that still doesn't cover 0.0.0.0/1. Which I cannot add either...

Reply