idnits 2.17.1 draft-ietf-ntp-ntpv4-mib-07.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** You're using the IETF Trust Provisions' Section 6.b License Notice from 12 Sep 2009 rather than the newer Notice from 28 Dec 2009. (See https://trustee.ietf.org/license-info/) Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document seems to lack the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. (The document does seem to have the reference to RFC 2119 which the ID-Checklist requires). -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (March 5, 2010) is 5164 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: 'RFC4001' is defined on line 1167, but no explicit reference was found in the text Summary: 1 error (**), 0 flaws (~~), 3 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 NTP H. Gerstung 3 Internet-Draft Meinberg 4 Intended status: Standards Track C. Elliott 5 Expires: September 6, 2010 6 B. Haberman, Ed. 7 JHU APL 8 March 5, 2010 10 Definitions of Managed Objects for Network Time Protocol Version 4 11 (NTPv4) 12 draft-ietf-ntp-ntpv4-mib-07 14 Abstract 16 RFC Ed. : This draft refers to itself with RFC YYYY. When this draft 17 is published as an RFC, the RFC Editor is asked to replace "YYYY" (in 18 the RFC, including the MIB module part) with the assigned RFC number 19 and to remove this note. This draft also refers to 20 draft-ietf-ntp-ntpv4-proto. When this draft is published as an RFC, 21 the RFC Editor is asked to replace "draft-ietf-ntp-ntpv4-proto" (in 22 the RFC, including the MIB module part) with "RFC ZZZZ" (where ZZZZ 23 is the assigned RFC number) and to remove this note. 25 The Network Time Protocol (NTP) is used in networks of all types and 26 sizes for time synchronization of servers, workstations and other 27 networked equipment. As time synchronization is more and more a 28 mission critical service, standardized means for monitoring and 29 management of this subsystem of a networked host are required to 30 allow operators of such a service to setup a monitoring system that 31 is platform- and vendor-independent. This document provides a 32 standardized collection of data objects for monitoring the NTP entity 33 of such a network participant and it is part of the NTP Version 4 34 standardization effort. 36 Status of this Memo 38 This Internet-Draft is submitted to IETF in full conformance with the 39 provisions of BCP 78 and BCP 79. 41 Internet-Drafts are working documents of the Internet Engineering 42 Task Force (IETF), its areas, and its working groups. Note that 43 other groups may also distribute working documents as Internet- 44 Drafts. 46 Internet-Drafts are draft documents valid for a maximum of six months 47 and may be updated, replaced, or obsoleted by other documents at any 48 time. It is inappropriate to use Internet-Drafts as reference 49 material or to cite them other than as "work in progress." 51 The list of current Internet-Drafts can be accessed at 52 http://www.ietf.org/ietf/1id-abstracts.txt. 54 The list of Internet-Draft Shadow Directories can be accessed at 55 http://www.ietf.org/shadow.html. 57 This Internet-Draft will expire on September 6, 2010. 59 Copyright Notice 61 Copyright (c) 2010 IETF Trust and the persons identified as the 62 document authors. All rights reserved. 64 This document is subject to BCP 78 and the IETF Trust's Legal 65 Provisions Relating to IETF Documents 66 (http://trustee.ietf.org/license-info) in effect on the date of 67 publication of this document. Please review these documents 68 carefully, as they describe your rights and restrictions with respect 69 to this document. Code Components extracted from this document must 70 include Simplified BSD License text as described in Section 4.e of 71 the Trust Legal Provisions and are provided without warranty as 72 described in the BSD License. 74 Table of Contents 76 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 77 2. Conventions Used In This Document . . . . . . . . . . . . . . 4 78 3. The Internet-Standard Management Framework . . . . . . . . . . 4 79 4. Technical Description . . . . . . . . . . . . . . . . . . . . 4 80 5. MIB Definition . . . . . . . . . . . . . . . . . . . . . . . . 5 81 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 24 82 7. Security Considerations . . . . . . . . . . . . . . . . . . . 24 83 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 26 84 8.1. Normative References . . . . . . . . . . . . . . . . . . . 26 85 8.2. Informative References . . . . . . . . . . . . . . . . . . 26 86 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 26 88 1. Introduction 90 The NTPv4 MIB Module is designed to allow SNMP to be used to monitor 91 and manage local NTP [I-D.ietf-ntp-ntpv4-proto] entities. It 92 provides a collection of data objects that can be queried using the 93 SNMP protocol and represent the current status of the NTP entity. 94 This includes general information about the NTP entity itself 95 (vendor, product, version) as well as connectivity to upstream NTP 96 servers used as sources of reference time and to hardware reference 97 clocks like radio clocks. The most important values are included in 98 order to be able to detect failures before they can have an impact on 99 the overall time synchronization status of the network. There are 100 also a collection of notification objects to inform about state 101 changes in the NTP entity. There are objects to control these 102 notifications as well. 104 2. Conventions Used In This Document 106 The capitalized key words "MUST", "MUST NOT", "REQUIRED", "SHALL", 107 "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and 108 "OPTIONAL" in this document are to be interpreted as described in 109 [RFC2119]. 111 3. The Internet-Standard Management Framework 113 For a detailed overview of the documents that describe the current 114 Internet-Standard Management Framework, please refer to section 7 of 115 RFC3410 [RFC3410]. 117 Managed objects are accessed via a virtual information store, termed 118 the Management Information Base or MIB. MIB objects are generally 119 accessed through the Simple Network Management Protocol (SNMP). 120 Objects in the MIB are defined using the mechanisms defined in the 121 Structure of Management Information (SMI). This memo specifies a MIB 122 module that is compliant to the SMIv2, which is described in RFC2578 123 [RFC2578], RFC2579 [RFC2579] and RFC2580 [RFC2580]. 125 4. Technical Description 127 The NTPv4 MIB Module is divided into sections for general server 128 information, current NTP entity status, status information of all 129 mobilized associations (e.g. unicast upstream time servers, multicast 130 or broadcast time references and hardware clocks), NTP entity control 131 objects, NTP objects used only for notifications, as well as SNMP 132 notification definitions for core events. 134 The general server information section contains static information 135 and can be queried to identify which NTP implementation is running on 136 a host. This includes the vendor and product name of the running NTP 137 software as well as version information, hardware/os platform 138 identity and the time resolution of the underlying OS. 140 Section 2 (current NTP status) includes data objects that represent 141 the current operational status of the NTP entity. 143 The third section contains data objects that represent the set of 144 time references ("associations") the NTP entity is currently working 145 with. 147 The fourth section contains objects that can be used to control the 148 NTP entity. The currently defined objects control how often the 149 heartbeat interval notification is sent out and which notifications 150 are enabled. 152 The fifth section contains objects that are only used as varbinds in 153 notifications. There is currently only one object in this section--a 154 message that adds a clear text event message to notifications. 156 Certain important events can occur while the NTP entity is running. 157 The notification section defines SNMP notifications for a collection 158 of the most important ones ("core events") and additionally provides 159 a heartbeat notification as well as a test notification to allow 160 management systems to test the reception of NTP related notifications 161 as well as enable heartbeat-based monitoring systems to assure that 162 the NTP entity is still up and running. 164 Some values are included both in numeric and in human-readable 165 (string) format. This has been done to simplify the representation 166 of a status information. If the two representations of a certain 167 value differ, the numeric representation takes precedence. 169 5. MIB Definition 171 -- ********************************************************************* 172 -- 173 -- The Network Time Protocol Version 4 174 -- Management Information Base (MIB) 175 -- 176 -- Authors: Heiko Gerstung (heiko.gerstung@meinberg.de) 177 -- Chris Elliott (chelliot@pobox.com) 178 -- 179 -- for the Internet Engineering Task Force (IETF) 180 -- NTP Working Group (ntpwg) 181 -- 182 -- 183 -- ********************************************************************* 184 -- Rev 1.00 185 -- Published as RFC YYYY 186 -- 187 -- ********************************************************************* 189 NTPv4-MIB DEFINITIONS ::= BEGIN 191 IMPORTS 192 MODULE-IDENTITY, OBJECT-TYPE , mib-2, Integer32, NOTIFICATION-TYPE, 193 Unsigned32, Counter32, TimeTicks 194 FROM SNMPv2-SMI -- RFC2578 195 MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP 196 FROM SNMPv2-CONF -- RFC2580 197 DisplayString, TEXTUAL-CONVENTION 198 FROM SNMPv2-TC -- RFC2579 199 InetAddressType, InetAddress 200 FROM INET-ADDRESS-MIB -- RFC4001 201 Utf8String 202 FROM SYSAPPL-MIB; -- RFC2287 204 ntpSnmpMIB MODULE-IDENTITY 205 LAST-UPDATED "201003050000Z" -- March 5, 2010 206 ORGANIZATION "The IETF NTP Working Group (ntpwg)" 207 CONTACT-INFO 208 " WG Email: ntpwg@lists.ntp.isc.org 209 Subscribe: 210 https://lists.ntp.isc.org/mailman/listinfo/ntpwg 212 Heiko Gerstung 213 Meinberg Funkuhren Gmbh & Co. KG 214 Lange Wand 9 215 Bad Pyrmont 31812 216 Germany 218 Phone: +49 5281 9309 25 219 Email: heiko.gerstung@meinberg.de 221 Chris Elliott 222 1516 Kent St. 223 Durham, NC 27707 224 USA 226 Phone: +1-919-308-1216 227 Email: chelliot@pobox.com 228 Brian Haberman 229 11100 Johns Hopkins Road 230 Laurel, MD 20723 231 USA 233 Phone: +1-443-778-1319 234 Email: brian@innovationslab.net" 235 DESCRIPTION 236 "The Management Information Base for NTP time entities. 238 Copyright (c) 2010 IETF Trust and the persons identified as the 239 document authors. All rights reserved. 241 This document is subject to BCP 78 and the IETF Trust's Legal 242 Provisions Relating to IETF Documents 243 (http://trustee.ietf.org/license-info) in effect on the date of 244 publication of this document. Please review these documents 245 carefully, as they describe your rights and restrictions with 246 respect to this document. Code Components extracted from this 247 document must include Simplified BSD License text as described 248 in Section 4.e of the Trust Legal Provisions and are provided 249 without warranty as described in the BSD License." 251 REVISION "201003050000Z" 252 DESCRIPTION 253 "This revision of the MIB module is published as RFC YYYY." 255 ::= { mib-2 XXXXX } 257 ntpSnmpMIBObjects OBJECT IDENTIFIER ::= { ntpSnmpMIB 1 } 259 -- MIB contains 6 groups 261 ntpEntInfo OBJECT IDENTIFIER ::= { ntpSnmpMIBObjects 1 } 262 ntpEntStatus OBJECT IDENTIFIER ::= { ntpSnmpMIBObjects 2 } 263 ntpAssociation OBJECT IDENTIFIER ::= { ntpSnmpMIBObjects 3 } 264 ntpEntControl OBJECT IDENTIFIER ::= { ntpSnmpMIBObjects 4 } 265 ntpEntNotifObjects OBJECT IDENTIFIER ::= { ntpSnmpMIBObjects 5 } 267 -- 268 -- Textual Conventions 269 -- 271 NtpStratum ::= TEXTUAL-CONVENTION 272 DISPLAY-HINT "d" 273 STATUS current 274 DESCRIPTION 275 "The NTP stratum, with 16 representing no stratum." 276 SYNTAX Unsigned32 (1..16) 278 NtpDateTime ::= TEXTUAL-CONVENTION 279 DISPLAY-HINT "4d:4d:4d.4d" 280 STATUS current 281 DESCRIPTION 282 "NTP date/time on the device, in 128-bit 283 NTP date format. If time is not syncronized this 284 field shall be a zero-length string. 286 This TC is not to be used for objects that are used 287 to set the time of the node querying this object. 288 NTP should be used for this--or at least SNTP." 289 REFERENCE "draft-ietf-ntp-ntpv4-proto, section 6" 290 SYNTAX OCTET STRING (SIZE (0 | 16)) 292 -- 293 -- Section 1: General NTP Entity information objects 294 -- (relatively static information) 295 -- 297 ntpEntSoftwareName OBJECT-TYPE 298 SYNTAX Utf8String 299 MAX-ACCESS read-only 300 STATUS current 301 DESCRIPTION 302 "The product name of the running NTP version, e.g. 'ntpd'" 303 ::= { ntpEntInfo 1 } 305 ntpEntSoftwareVersion OBJECT-TYPE 306 SYNTAX Utf8String 307 MAX-ACCESS read-only 308 STATUS current 309 DESCRIPTION 310 "The software version of the installed NTP implementation 311 as a full version string, e.g. 'ntpd-4.2.0b@1.1433 ...'" 312 ::= { ntpEntInfo 2 } 314 ntpEntSoftwareVendor OBJECT-TYPE 315 SYNTAX Utf8String 316 MAX-ACCESS read-only 317 STATUS current 318 DESCRIPTION 319 "The vendor/author of the installed NTP version." 320 ::= { ntpEntInfo 3 } 322 ntpEntSystemType OBJECT-TYPE 323 SYNTAX Utf8String 324 MAX-ACCESS read-only 325 STATUS current 326 DESCRIPTION 327 "General hardware/os platform information, 328 e.g. 'Linux 2.6.12 / x86'" 329 -- freely configurable, default is OS Version / Hardware platform 330 ::= { ntpEntInfo 4 } 332 ntpEntTimeResolution OBJECT-TYPE 333 SYNTAX Unsigned32 334 MAX-ACCESS read-only 335 STATUS current 336 DESCRIPTION 337 "The time resolution in integer format, where the resolution 338 is represented as divisions of a second, e.g. a value of 1000 339 translates to 1.0 ms." 340 ::= { ntpEntInfo 5 } 342 ntpEntTimePrecision OBJECT-TYPE 343 SYNTAX Integer32 344 MAX-ACCESS read-only 345 STATUS current 346 DESCRIPTION 347 "The entity's precision in integer format, shows the precision. 348 A value of -5 would mean 2^-5 = 31.25 ms" 349 ::= { ntpEntInfo 6 } 351 ntpEntTimeDistance OBJECT-TYPE 352 SYNTAX DisplayString 353 MAX-ACCESS read-only 354 STATUS current 355 DESCRIPTION 356 "The distance from this NTP entity to the root time reference 357 (stratum 0) source including the unit, e.g. '13.243 ms'" 358 ::= { ntpEntInfo 7 } 360 -- 361 -- Section 2: Current NTP status (dynamic information) 362 -- 364 ntpEntStatusCurrentMode OBJECT-TYPE 365 SYNTAX INTEGER { 366 notRunning(1), 367 notSynchronized(2), 368 noneConfigured(3), 369 syncToLocal(4), 370 syncToRefclock(5), 371 syncToRemoteServer(6), 372 unknown(99) 373 } 374 MAX-ACCESS read-only 375 STATUS current 376 DESCRIPTION 377 "The current mode of the NTP. The definition of each possible 378 value is: 379 notRunning(1) - NTP is not running 380 notSynchronized(2) - NTP is not synchronized to any time 381 source (stratum = 16) 382 noneConfigured(3) - NTP is not synchronized and does not 383 have a reference configured 384 (stratum = 16) 385 syncToLocal(4) - NTP is distributing time based on its 386 local clock (degraded accuracy and/or 387 reliability) 388 syncToRefclock(5) - NTP is synchronized to a local 389 hardware refclock (e.g. GPS) 390 syncToRemoteServer(6) - NTP is synchronized to a remote 391 NTP server ('upstream' server) 392 unknown(99) - The state of NTP is unknown." 393 ::= { ntpEntStatus 1 } 395 ntpEntStatusStratum OBJECT-TYPE 396 SYNTAX NtpStratum 397 MAX-ACCESS read-only 398 STATUS current 399 DESCRIPTION 400 "The NTP entity's own stratum value. Should be stratum of 401 syspeer + 1 (or 16 if no syspeer)" 402 ::= { ntpEntStatus 2 } 404 ntpEntStatusActiveRefSourceId OBJECT-TYPE 405 SYNTAX Unsigned32 ( 0..99999 ) 406 MAX-ACCESS read-only 407 STATUS current 408 DESCRIPTION 409 "The association ID of the current syspeer." 410 ::= { ntpEntStatus 3 } 412 ntpEntStatusActiveRefSourceName OBJECT-TYPE 413 SYNTAX Utf8String 414 MAX-ACCESS read-only 415 STATUS current 416 DESCRIPTION 417 "The hostname/descriptive name of the current reference source 418 selected as syspeer, e.g. 'ntp1.ptb.de' or 'GPS' or 'DCFi' ..." 420 ::= { ntpEntStatus 4 } 422 ntpEntStatusActiveOffset OBJECT-TYPE 423 SYNTAX DisplayString 424 MAX-ACCESS read-only 425 STATUS current 426 DESCRIPTION 427 "The Time offset to the current selected reference time source 428 as a string including unit, e.g. '0.032 ms' or '1.232 s'" 429 ::= { ntpEntStatus 5 } 431 ntpEntStatusNumberOfRefSources OBJECT-TYPE 432 SYNTAX Unsigned32 (0..99) 433 MAX-ACCESS read-only 434 STATUS current 435 DESCRIPTION 436 "The number of reference sources configured for NTP." 437 ::= { ntpEntStatus 6 } 439 ntpEntStatusDispersion OBJECT-TYPE 440 SYNTAX DisplayString 441 MAX-ACCESS read-only 442 STATUS current 443 DESCRIPTION 444 "The root dispersion of the running NTP entity, e.g. '6.927'" 445 ::= { ntpEntStatus 7 } 447 ntpEntStatusEntityUptime OBJECT-TYPE 448 SYNTAX TimeTicks 449 MAX-ACCESS read-only 450 STATUS current 451 DESCRIPTION 452 "The uptime of the NTP entity, (i.e. the time since ntpd was 453 (re-)initialized not sysUptime!). The time is represented in 454 hundreds of seconds since Jan 1, 1970 (00:00:00.000) UTC" 455 ::= { ntpEntStatus 8 } 457 ntpEntStatusDateTime OBJECT-TYPE 458 SYNTAX NtpDateTime 459 MAX-ACCESS read-only 460 STATUS current 461 DESCRIPTION 462 "The current NTP date/time on the device, in 128-bit 463 NTP date format. If time is not syncronized this 464 field shall be a zero-length string. 466 This object can be used to timestamp events on this 467 node and allow a management station to coorelate 468 different time objects. For example, a management 469 station could query this object and sysUpTime in 470 the same operation to be able to relate sysUpTime 471 to NTP time. 473 This object is not to be used to set the time of 474 the node querying this object. NTP should be used 475 for this--or at least SNTP." 476 REFERENCE "draft-ietf-ntp-ntpv4-proto, section 6" 477 ::= { ntpEntStatus 9 } 479 ntpEntStatusLeapSecond OBJECT-TYPE 480 SYNTAX NtpDateTime 481 MAX-ACCESS read-only 482 STATUS current 483 DESCRIPTION 484 "Date the next known leap second will occur. If there is 485 no leap second announced then this object should be 0." 486 ::= { ntpEntStatus 10 } 488 ntpEntStatusLeapSecDirection OBJECT-TYPE 489 SYNTAX Integer32 (-1..1) 490 MAX-ACCESS read-only 491 STATUS current 492 DESCRIPTION 493 "Direction of next known leap second. If there is no 494 leap second announced then this object should be 0." 495 ::= { ntpEntStatus 11 } 497 ntpEntStatusInPkts OBJECT-TYPE 498 SYNTAX Counter32 499 UNITS "packets" 500 MAX-ACCESS read-only 501 STATUS current 502 DESCRIPTION 503 "The total number of NTP messages delivered to the 504 NTP entity from the transport service. 505 Discountinuities in the value of this counter can occur 506 upon cold start or reinitialization of the NTP entity, the 507 management system and at other times as indicated by 508 discontinuities in the value of sysUpTime." 510 ::= { ntpEntStatus 12 } 512 ntpEntStatusOutPkts OBJECT-TYPE 513 SYNTAX Counter32 514 UNITS "packets" 515 MAX-ACCESS read-only 516 STATUS current 517 DESCRIPTION 518 "The total number of NTP messages delivered to the 519 transport service by this NTP entity. 520 Discountinuities in the value of this counter can occur 521 upon cold start or reinitialization of the NTP entity, the 522 management system and at other times as indicated by 523 discontinuities in the value of sysUpTime." 524 ::= { ntpEntStatus 13 } 526 ntpEntStatusBadVersion OBJECT-TYPE 527 SYNTAX Counter32 528 UNITS "packets" 529 MAX-ACCESS read-only 530 STATUS current 531 DESCRIPTION 532 "The total number of NTP messages which were delivered 533 to this NTP entity and were for an unsupported NTP 534 version. 535 Discountinuities in the value of this counter can occur 536 upon cold start or reinitialization of the NTP entity, the 537 management system and at other times as indicated by 538 discontinuities in the value of sysUpTime." 539 ::= { ntpEntStatus 14 } 541 ntpEntStatusProtocolError OBJECT-TYPE 542 SYNTAX Counter32 543 UNITS "packets" 544 MAX-ACCESS read-only 545 STATUS current 546 DESCRIPTION 547 "The total number of NTP messages which were delivered 548 to this NTP entity and this entity was not able to 549 process due to an NTP protocol error. 550 Discountinuities in the value of this counter can occur 551 upon cold start or reinitialization of the NTP entity, the 552 management system and at other times as indicated by 553 discontinuities in the value of sysUpTime." 554 ::= { ntpEntStatus 15 } 556 ntpEntStatusNotifications OBJECT-TYPE 557 SYNTAX Counter32 558 UNITS "notifications" 559 MAX-ACCESS read-only 560 STATUS current 561 DESCRIPTION 562 "The total number of SNMP notifications which this NTP 563 entity has generated. 565 Discountinuities in the value of this counter can occur 566 upon cold start or reinitialization of the NTP entity, the 567 management system and at other times as indicated by 568 discontinuities in the value of sysUpTime." 569 ::= { ntpEntStatus 16 } 571 ntpEntStatPktModeTable OBJECT-TYPE 572 SYNTAX SEQUENCE OF NtpEntStatPktModeEntry 573 MAX-ACCESS not-accessible 574 STATUS current 575 DESCRIPTION 576 "The number of packets sent and received by packet mode. 577 One entry per packet mode." 578 ::= { ntpEntStatus 17 } 580 ntpEntStatPktModeEntry OBJECT-TYPE 581 SYNTAX NtpEntStatPktModeEntry 582 MAX-ACCESS not-accessible 583 STATUS current 584 DESCRIPTION 585 "A statistical record of the number of packets sent and 586 received for each packet mode." 587 INDEX { ntpEntStatPktMode } 588 ::= { ntpEntStatPktModeTable 1 } 590 NtpEntStatPktModeEntry ::= SEQUENCE { 591 ntpEntStatPktMode INTEGER, 592 ntpEntStatPktSent Counter32, 593 ntpEntStatPktReceived Counter32 594 } 596 ntpEntStatPktMode OBJECT-TYPE 597 SYNTAX INTEGER { 598 symetricactive(1), 599 symetricpassive(2), 600 client(3), 601 server(4), 602 broadcastserver(5), 603 broadcastclient(6) 604 } 605 MAX-ACCESS not-accessible 606 STATUS current 607 DESCRIPTION 608 "The NTP packet mode." 609 ::= { ntpEntStatPktModeEntry 1 } 611 ntpEntStatPktSent OBJECT-TYPE 612 SYNTAX Counter32 613 UNITS "packets" 614 MAX-ACCESS read-only 615 STATUS current 616 DESCRIPTION 617 "The number of NTP packets sent with this packet mode. 618 Discountinuities in the value of this counter can occur 619 upon cold start or reinitialization of the NTP entity, the 620 management system and at other times as indicated by 621 discontinuities in the value of sysUpTime." 623 ::= { ntpEntStatPktModeEntry 2 } 625 ntpEntStatPktReceived OBJECT-TYPE 626 SYNTAX Counter32 627 UNITS "packets" 628 MAX-ACCESS read-only 629 STATUS current 630 DESCRIPTION 631 "The number of NTP packets received with this packet mode. 632 Discountinuities in the value of this counter can occur 633 upon cold start or reinitialization of the NTP entity, the 634 management system and at other times as indicated by 635 discontinuities in the value of sysUpTime." 637 ::= { ntpEntStatPktModeEntry 3 } 639 -- 640 -- Section 3: The status of all currently mobilized associations 641 -- 643 ntpAssociationTable OBJECT-TYPE 644 SYNTAX SEQUENCE OF NtpAssociationEntry 645 MAX-ACCESS not-accessible 646 STATUS current 647 DESCRIPTION 648 "The table of currently mobilized associations." 649 ::= { ntpAssociation 1 } 651 ntpAssociationEntry OBJECT-TYPE 652 SYNTAX NtpAssociationEntry 653 MAX-ACCESS not-accessible 654 STATUS current 655 DESCRIPTION 656 "The table entry of currently mobilized associations." 657 INDEX { ntpAssocId } 658 ::= { ntpAssociationTable 1 } 660 NtpAssociationEntry ::= SEQUENCE { 661 ntpAssocId Unsigned32, 662 ntpAssocName Utf8String, 663 ntpAssocRefId DisplayString, 664 ntpAssocAddressType InetAddressType, 665 ntpAssocAddress InetAddress, 666 ntpAssocOffset DisplayString, 667 ntpAssocStratum NtpStratum, 668 ntpAssocStatusJitter DisplayString, 669 ntpAssocStatusDelay DisplayString, 670 ntpAssocStatusDispersion DisplayString 671 } 673 ntpAssocId OBJECT-TYPE 674 SYNTAX Unsigned32 ( 1..99999 ) 675 MAX-ACCESS not-accessible 676 STATUS current 677 DESCRIPTION 678 "The association ID. This is an internal, unique ID." 679 ::= { ntpAssociationEntry 1 } 681 ntpAssocName OBJECT-TYPE 682 SYNTAX Utf8String 683 MAX-ACCESS read-only 684 STATUS current 685 DESCRIPTION 686 "The hostname or other descriptive name for the association." 687 ::= { ntpAssociationEntry 2 } 689 ntpAssocRefId OBJECT-TYPE 690 SYNTAX DisplayString 691 MAX-ACCESS read-only 692 STATUS current 693 DESCRIPTION 694 "The refclock driver ID, if available." 695 -- a refclock driver ID like "127.127.1.0" for non 696 -- uni/multi/broadcast associations 697 ::= { ntpAssociationEntry 3 } 699 ntpAssocAddressType OBJECT-TYPE 700 SYNTAX InetAddressType { ipv4(1), ipv6(2), ipv4z(3), ipv6z(4) } 701 MAX-ACCESS read-only 702 STATUS current 703 DESCRIPTION 704 "The type of address of the association. Can be either IPv4 or 705 IPv6 (both with or without zone index) and contains the type of 706 address for unicast, multicast and broadcast associations." 707 ::= { ntpAssociationEntry 4 } 709 ntpAssocAddress OBJECT-TYPE 710 SYNTAX InetAddress (SIZE (4|8|16|20)) 711 MAX-ACCESS read-only 712 STATUS current 713 DESCRIPTION 714 "The IP address (IPv4 or IPv6, with or without zone index) of 715 the association. The type and size depends on the 716 ntpAssocAddressType object. Represents the IP address of a 717 uni/multi/broadcast association." 718 ::= { ntpAssociationEntry 5 } 720 ntpAssocOffset OBJECT-TYPE 721 SYNTAX DisplayString 722 MAX-ACCESS read-only 723 STATUS current 724 DESCRIPTION 725 "The time offset to the association as a string." 726 -- including unit, e.g. "0.032 ms" or "1.232 s" 727 ::= { ntpAssociationEntry 6 } 729 ntpAssocStratum OBJECT-TYPE 730 SYNTAX NtpStratum 731 MAX-ACCESS read-only 732 STATUS current 733 DESCRIPTION 734 "The association stratum value." 735 ::= { ntpAssociationEntry 7 } 737 ntpAssocStatusJitter OBJECT-TYPE 738 SYNTAX DisplayString 739 MAX-ACCESS read-only 740 STATUS current 741 DESCRIPTION 742 "The jitter in miliseconds as a string." 743 ::= { ntpAssociationEntry 8 } 745 ntpAssocStatusDelay OBJECT-TYPE 746 SYNTAX DisplayString 747 MAX-ACCESS read-only 748 STATUS current 749 DESCRIPTION 750 "The network delay in miliseconds as a string." 751 ::= { ntpAssociationEntry 9 } 753 ntpAssocStatusDispersion OBJECT-TYPE 754 SYNTAX DisplayString 755 MAX-ACCESS read-only 756 STATUS current 757 DESCRIPTION 758 "The root dispersion of the association." 759 -- e.g. "6.927" 760 ::= { ntpAssociationEntry 10 } 762 ntpAssociationStatisticsTable OBJECT-TYPE 763 SYNTAX SEQUENCE OF NtpAssociationStatisticsEntry 764 MAX-ACCESS not-accessible 765 STATUS current 766 DESCRIPTION 767 "The table of statistics for current associations." 768 ::= { ntpAssociation 2 } 770 ntpAssociationStatisticsEntry OBJECT-TYPE 771 SYNTAX NtpAssociationStatisticsEntry 772 MAX-ACCESS not-accessible 773 STATUS current 774 DESCRIPTION 775 "The table entry of statistics for current associations." 776 INDEX { ntpAssocId } 777 ::= { ntpAssociationStatisticsTable 1 } 779 NtpAssociationStatisticsEntry ::= SEQUENCE { 780 ntpAssocStatInPkts Counter32, 781 ntpAssocStatOutPkts Counter32, 782 ntpAssocStatProtocolError Counter32 783 } 785 ntpAssocStatInPkts OBJECT-TYPE 786 SYNTAX Counter32 787 UNITS "packets" 788 MAX-ACCESS read-only 789 STATUS current 790 DESCRIPTION 791 "The total number of NTP messages delivered to the 792 NTP entity from this association. 793 Discountinuities in the value of this counter can occur 794 upon cold start or reinitialization of the NTP entity, the 795 management system and at other times as indicated by 796 discontinuities in the value of sysUpTime." 798 ::= { ntpAssociationStatisticsEntry 1 } 800 ntpAssocStatOutPkts OBJECT-TYPE 801 SYNTAX Counter32 802 UNITS "packets" 803 MAX-ACCESS read-only 804 STATUS current 805 DESCRIPTION 806 "The total number of NTP messages delivered to the 807 transport service by this NTP entity for this 808 association. 809 Discountinuities in the value of this counter can occur 810 upon cold start or reinitialization of the NTP entity, the 811 management system and at other times as indicated by 812 discontinuities in the value of sysUpTime." 814 ::= { ntpAssociationStatisticsEntry 2 } 816 ntpAssocStatProtocolError OBJECT-TYPE 817 SYNTAX Counter32 818 UNITS "packets" 819 MAX-ACCESS read-only 820 STATUS current 821 DESCRIPTION 822 "The total number of NTP messages which were delivered 823 to this NTP entity from this association and this entity 824 was not able to process due to an NTP protocol error. 825 Discountinuities in the value of this counter can occur 826 upon cold start or reinitialization of the NTP entity, the 827 management system and at other times as indicated by 828 discontinuities in the value of sysUpTime." 830 ::= { ntpAssociationStatisticsEntry 3 } 832 -- 833 -- Section 4: Control objects 834 -- 836 ntpEntHeartbeatInterval OBJECT-TYPE 837 SYNTAX Unsigned32 838 UNITS "seconds" 839 MAX-ACCESS read-write 840 STATUS current 841 DESCRIPTION 842 "The interval at which the ntpEntNotifHeartbeat notification 843 should be sent, in seconds. If set to 0 and the 844 entNotifHeartbeat bit in ntpEntNotifBits is 1 then 845 ntpEntNotifHeartbeat is sent once. 846 This value is stored persistently and will be restored to its 847 last set value upon cold start or restart." 848 DEFVAL { 60 } 849 ::= { ntpEntControl 1 } 851 ntpEntNotifBits OBJECT-TYPE 852 SYNTAX BITS { 853 notUsed(0), -- Used to sync up bit and notification 854 -- indices 855 entNotifModeChange(1), 856 entNotifStratumChange(2), 857 entNotifSyspeerChanged(3), 858 entNotifAddAssociation(4), 859 entNotifRemoveAssociation(5), 860 entNotifConfigChanged(6), 861 entNotifLeapSecondAnnounced(7), 862 entNotifHeartbeat(8) 863 } 864 MAX-ACCESS read-write 865 STATUS current 866 DESCRIPTION 867 "A bit for each notification. A 1 for a particular bit enables 868 that particular notification, a 0 disables it. 869 This value is stored persistently and will be restored to its 870 last set value upon cold start or restart." 871 ::= { ntpEntControl 2 } 873 -- 874 -- Section 5: Notification objects 875 -- 877 ntpEntNotifMessage OBJECT-TYPE 878 SYNTAX Utf8String 879 MAX-ACCESS accessible-for-notify 880 STATUS current 881 DESCRIPTION 882 "Used as a payload object for all notifications. Holds a clear 883 text event message." 884 DEFVAL { "no event" } 885 ::= { ntpEntNotifObjects 1 } 887 -- 888 -- SNMP notification definitions 889 -- 891 ntpEntNotifications OBJECT IDENTIFIER ::= { ntpSnmpMIB 0 } 893 ntpEntNotifModeChange NOTIFICATION-TYPE 894 OBJECTS { ntpEntStatusCurrentMode } 895 STATUS current 896 DESCRIPTION 897 "The notification to be sent when the NTP entity changes mode, 898 including starting and stopping (if possible)" 899 ::= { ntpEntNotifications 1 } 901 ntpEntNotifStratumChange NOTIFICATION-TYPE 902 OBJECTS { ntpEntStatusDateTime, ntpEntStatusStratum, 903 ntpEntNotifMessage } 904 STATUS current 905 DESCRIPTION 906 "The notification to be sent when stratum level of NTP changes." 907 ::= { ntpEntNotifications 2 } 909 ntpEntNotifSyspeerChanged NOTIFICATION-TYPE 910 OBJECTS { ntpEntStatusDateTime, ntpEntStatusActiveRefSourceId, 911 ntpEntNotifMessage } 912 STATUS current 913 DESCRIPTION 914 "The notification to be sent when a (new) syspeer has been 915 selected." 916 ::= { ntpEntNotifications 3 } 918 ntpEntNotifAddAssociation NOTIFICATION-TYPE 919 OBJECTS { ntpEntStatusDateTime, ntpAssocName, ntpEntNotifMessage } 920 STATUS current 921 DESCRIPTION 922 "The notification to be sent when a new association is 923 mobilized." 924 ::= { ntpEntNotifications 4 } 926 ntpEntNotifRemoveAssociation NOTIFICATION-TYPE 927 OBJECTS { ntpEntStatusDateTime, ntpAssocName, ntpEntNotifMessage } 928 STATUS current 929 DESCRIPTION 930 "The notification to be sent when an association is 931 demobilized." 932 ::= { ntpEntNotifications 5 } 934 ntpEntNotifConfigChanged NOTIFICATION-TYPE 935 OBJECTS { ntpEntStatusDateTime, ntpEntNotifMessage } 936 STATUS current 937 DESCRIPTION 938 "The notification to be sent when the NTP configuration has 939 changed, e.g. when the system connected to the internet and was 940 assigned a new IP address by the ISPs DHCP server" 941 ::= { ntpEntNotifications 6 } 943 ntpEntNotifLeapSecondAnnounced NOTIFICATION-TYPE 944 OBJECTS { ntpEntStatusDateTime, ntpEntNotifMessage } 945 STATUS current 946 DESCRIPTION 947 "The notification to be sent when a leap second has been 948 announced." 950 ::= { ntpEntNotifications 7 } 952 ntpEntNotifHeartbeat NOTIFICATION-TYPE 953 OBJECTS { ntpEntStatusDateTime, ntpEntStatusCurrentMode, 954 ntpEntHeartbeatInterval, ntpEntNotifMessage } 955 STATUS current 956 DESCRIPTION 957 "The notification to be sent periodically (as defined by 958 ntpEntHeartbeatInterval) to indicate that the NTP entity is 959 still alive." 960 ::= { ntpEntNotifications 8 } 962 -- 963 -- Conformance/Compliance statements 964 -- 966 ntpEntConformance OBJECT IDENTIFIER ::= { ntpSnmpMIB 2 } 968 ntpEntCompliances OBJECT IDENTIFIER ::= { ntpEntConformance 1 } 969 ntpEntGroups OBJECT IDENTIFIER ::= { ntpEntConformance 2 } 971 ntpEntNTPCompliance MODULE-COMPLIANCE 972 STATUS current 973 DESCRIPTION 974 "The compliance statement for SNMP entities which use NTP and 975 implement the NTP MIB" 976 MODULE -- this module 977 MANDATORY-GROUPS { 978 ntpEntObjectsGroup1 979 } 980 ::= { ntpEntCompliances 1 } 982 ntpEntSNTPCompliance MODULE-COMPLIANCE 983 STATUS current 984 DESCRIPTION 985 "The compliance statement for SNMP entities which use SNTP and 986 implement the NTP MIB" 987 MODULE -- this module 988 MANDATORY-GROUPS { 989 ntpEntObjectsGroup1 990 } 991 GROUP ntpEntObjectsGroup2 992 DESCRIPTION 993 "optional object group" 994 GROUP ntpEntNotifGroup 995 DESCRIPTION 996 "optional notifications for this MIB" 997 ::= { ntpEntCompliances 2 } 999 ntpEntObjectsGroup1 OBJECT-GROUP 1000 OBJECTS { 1001 ntpEntSoftwareName, 1002 ntpEntSoftwareVersion, 1003 ntpEntSoftwareVendor, 1004 ntpEntSystemType, 1005 ntpEntStatusEntityUptime, 1006 ntpEntStatusDateTime, 1007 ntpAssocName, 1008 ntpAssocRefId, 1009 ntpAssocAddressType, 1010 ntpAssocAddress 1011 } 1012 STATUS current 1013 DESCRIPTION 1014 "A collection of objects for the NTP MIB." 1015 ::= { ntpEntGroups 1 } 1017 ntpEntObjectsGroup2 OBJECT-GROUP 1018 OBJECTS { 1019 ntpEntTimeResolution, 1020 ntpEntTimePrecision, 1021 ntpEntTimeDistance, 1022 ntpEntStatusCurrentMode, 1023 ntpEntStatusStratum, 1024 ntpEntStatusActiveRefSourceId, 1025 ntpEntStatusActiveRefSourceName, 1026 ntpEntStatusActiveOffset, 1027 ntpEntStatusNumberOfRefSources, 1028 ntpEntStatusDispersion, 1029 ntpEntStatusLeapSecond, 1030 ntpEntStatusLeapSecDirection, 1031 ntpEntStatusInPkts, 1032 ntpEntStatusOutPkts, 1033 ntpEntStatusBadVersion, 1034 ntpEntStatusProtocolError, 1035 ntpEntStatusNotifications, 1036 ntpEntStatPktSent, 1037 ntpEntStatPktReceived, 1038 ntpAssocOffset, 1039 ntpAssocStratum, 1040 ntpAssocStatusJitter, 1041 ntpAssocStatusDelay, 1042 ntpAssocStatusDispersion, 1043 ntpAssocStatInPkts, 1044 ntpAssocStatOutPkts, 1045 ntpAssocStatProtocolError, 1046 ntpEntHeartbeatInterval, 1047 ntpEntNotifBits, 1048 ntpEntNotifMessage 1049 } 1050 STATUS current 1051 DESCRIPTION 1052 "A collection of objects for the NTP MIB." 1053 ::= { ntpEntGroups 2 } 1055 ntpEntNotifGroup NOTIFICATION-GROUP 1056 NOTIFICATIONS { 1057 ntpEntNotifModeChange, 1058 ntpEntNotifStratumChange, 1059 ntpEntNotifSyspeerChanged, 1060 ntpEntNotifAddAssociation, 1061 ntpEntNotifRemoveAssociation, 1062 ntpEntNotifConfigChanged, 1063 ntpEntNotifLeapSecondAnnounced, 1064 ntpEntNotifHeartbeat 1065 } 1066 STATUS current 1067 DESCRIPTION 1068 "A collection of notifications for the NTP MIB" 1069 ::= { ntpEntGroups 3 } 1071 END 1073 6. IANA Considerations 1075 The MIB module in this document uses the following IANA-assigned 1076 OBJECT IDENTIFIER values recorded in the SMI Numbers registry: 1078 Descriptor OBJECT IDENTIFIER value 1079 ---------- ----------------------- 1081 ntpSnmp { mib-2 XXX } 1083 RFC Ed. : the IANA is requested to assign a value for "XXX" under the 1084 'mib-2' subtree and to record the assignment in the SMI Numbers 1085 registry. When the assignment has been made, the RFC Editor is asked 1086 to replace "XXX" (here and in the MIB module) with the assigned value 1087 and to remove this note. 1089 7. Security Considerations 1091 There are currently two management objects defined in this MIB module 1092 with a MAX-ACCESS clause of read-write and/or read-create. Such 1093 objects may be considered sensitive or vulnerable in some network 1094 environments. The support for SET operations in a non-secure 1095 environment without proper protection can have a negative effect on 1096 network operations. These are the objects and their sensitivity/ 1097 vulnerability: 1099 ntpEntHeartbeatInterval controls the interval of heartbeat 1100 notifications. If set to 1 this will cause the NTP entity to send 1101 one notification each second. This is the maximum rate (1/s) that 1102 can be generated automatically. If it is set to 0, then one single 1103 hearbeat notification will be created and no further automatically 1104 generated notification is sent. This functionality can be used to 1105 create notifications at a higher rate (as high as the object can be 1106 written). 1108 ntpEntNotifBits enables/disables notifications. Could be used to 1109 switch off notifications in order to delay or eliminate the 1110 notification for critical and important events. 1112 Some of the readable objects in this MIB module (i.e., objects with a 1113 MAX-ACCESS other than not-accessible) may be considered sensitive or 1114 vulnerable in some network environments. It is thus important to 1115 control even GET and/or NOTIFY access to these objects and possibly 1116 to even encrypt the values of these objects when sending them over 1117 the network via SNMP. These are the tables and objects and their 1118 sensitivity/vulnerability: 1120 ntpEntSoftwareName, ntpEntSoftwareVersion, ntpEntSoftwareVendor and 1121 ntpEntSystemType all can be used to identify software and its version 1122 as well as the operating system and hardware platform. This might 1123 help a potential attacker to find security problems and therefore can 1124 be used in the preparation of an attack. 1126 SNMP versions prior to SNMPv3 did not include adequate security. 1127 Even if the network itself is secure (for example by using IPsec), 1128 even then, there is no control as to who on the secure network is 1129 allowed to access and GET/SET (read/change/create/delete) the objects 1130 in this MIB module. It is RECOMMENDED that implementers consider the 1131 security features as provided by the SNMPv3 framework (see RFC3410 1132 [RFC3410], section 8), including full support for the SNMPv3 1133 cryptographic mechanisms (for authentication and privacy). Further, 1134 deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. 1135 Instead, it is RECOMMENDED to deploy SNMPv3 and to enable 1136 cryptographic security. It is then a customer/operator 1137 responsibility to ensure that the SNMP entity giving access to an 1138 instance of this MIB module is properly configured to give access to 1139 the objects only to those principals (users) that have legitimate 1140 rights to indeed GET or SET (change/create/delete) them. 1142 8. References 1144 8.1. Normative References 1146 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1147 Requirement Levels", BCP 14, RFC 2119, March 1997. 1149 [I-D.ietf-ntp-ntpv4-proto] 1150 Kasch, W., Mills, D., and J. Burbank, "Network Time 1151 Protocol Version 4 Protocol And Algorithms Specification", 1152 draft-ietf-ntp-ntpv4-proto-13 (work in progress), 1153 October 2009. 1155 [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. 1156 Schoenwaelder, Ed., "Structure of Management Information 1157 Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. 1159 [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. 1160 Schoenwaelder, Ed., "Textual Conventions for SMIv2", 1161 STD 58, RFC 2579, April 1999. 1163 [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, 1164 "Conformance Statements for SMIv2", STD 58, RFC 2580, 1165 April 1999. 1167 [RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. 1168 Schoenwaelder, "Textual Conventions for Internet Network 1169 Addresses", RFC 4001, February 2005. 1171 8.2. Informative References 1173 [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, 1174 "Introduction and Applicability Statements for Internet- 1175 Standard Management Framework", RFC 3410, December 2002. 1177 Authors' Addresses 1179 Heiko Gerstung 1180 Meinberg Funkuhren Gmbh & Co. KG 1181 Lange Wand 9 1182 Bad Pyrmont 31812 1183 Germany 1185 Phone: +49 5281 9309 25 1186 Email: heiko.gerstung@meinberg.de 1187 Chris Elliott 1188 1516 Kent St. 1189 Durham, NC 27707 1190 USA 1192 Phone: +1-919-308-1216 1193 Email: chelliot@pobox.com 1195 Brian Haberman (editor) 1196 Johns Hopkins University Applied Physics Lab 1197 11100 Johns Hopkins Road 1198 Laurel, MD 20723-6099 1199 US 1201 Phone: +1 443 778 1319 1202 Email: brian@innovationslab.net