5-9
Catalyst 2960 and 2960-S Switch Software Configuration Guide
OL-8603-09
Chapter 5 Administering the Switch
Managing the System Time and Date
To disable an interface from receiving NTP broadcast packets, use the no ntp broadcast client interface
configuration command. To change the estimated round-trip delay to the default, use the no ntp
broadcastdelay global configuration command.
This example shows how to configure a port to receive NTP broadcast packets:
Switch(config)# interface gigabitethernet0/1
Switch(config-if)# ntp broadcast client
Configuring NTP Access Restrictions
You can control NTP access on two levels as described in these sections:
• Creating an Access Group and Assigning a Basic IP Access List, page 5-9
• Disabling NTP Services on a Specific Interface, page 5-11
Creating an Access Group and Assigning a Basic IP Access List
Beginning in privileged EXEC mode, follow these steps to control access to NTP services by using
access lists:
Step 5
ntp broadcastdelay microseconds (Optional) Change the estimated round-trip delay between the switch and
the NTP broadcast server.
The default is 3000 microseconds; the range is 1 to 999999.
Step 6
end Return to privileged EXEC mode.
Step 7
show running-config Verify your entries.
Step 8
copy running-config startup-config (Optional) Save your entries in the configuration file.
Command Purpose
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
ntp access-group {query-only |
serve-only | serve | peer}
access-list-number
Create an access group, and apply a basic IP access list.
The keywords have these meanings:
• query-only—Allows only NTP control queries.
• serve-only—Allows only time requests.
• serve—Allows time requests and NTP control queries, but does not
allow the switch to synchronize to the remote device.
• peer—Allows time requests and NTP control queries and allows the
switch to synchronize to the remote device.
For access-list-number, enter a standard IP access list number from 1
to 99.