idnits 2.17.1

draft-ietf-ntp-yang-data-model-05.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == Line 163 has weird spacing: '...ss-mode acc...'

  == Line 256 has weird spacing: '...address rt-...'

  == Line 258 has weird spacing: '...address rt-...'

  -- The document date (December 17, 2018) is 1957 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  ** Obsolete normative reference: RFC 1305 (Obsoleted by RFC 5905)

     Summary: 1 error (**), 0 flaws (~~), 4 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

2    NTP Working Group                                                  N. Wu
3    Internet-Draft                                                  D. Dhody
4    Intended status: Standards Track                                  Huawei
5    Expires: June 20, 2019                                          A. Sinha
6                                                                A. Kumar S N
7                                                                RtBrick Inc.
8                                                                     Y. Zhao
9                                                                    Ericsson
10                                                          December 17, 2018

12                           A YANG Data Model for NTP
13                       draft-ietf-ntp-yang-data-model-05

15   Abstract

17      This document defines a YANG data model for Network Time Protocol
18      (NTP) implementations.  The data model includes configuration data
19      and state data.

21   Requirements Language

23      The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
24      "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
25      "OPTIONAL" in this document are to be interpreted as described in BCP
26      14 [RFC2119] [RFC8174] when, and only when, they appear in all
27      capitals, as shown here.

29   Status of This Memo

31      This Internet-Draft is submitted in full conformance with the
32      provisions of BCP 78 and BCP 79.

34      Internet-Drafts are working documents of the Internet Engineering
35      Task Force (IETF).  Note that other groups may also distribute
36      working documents as Internet-Drafts.  The list of current Internet-
37      Drafts is at https://datatracker.ietf.org/drafts/current/.

39      Internet-Drafts are draft documents valid for a maximum of six months
40      and may be updated, replaced, or obsoleted by other documents at any
41      time.  It is inappropriate to use Internet-Drafts as reference
42      material or to cite them other than as "work in progress."

44      This Internet-Draft will expire on June 20, 2019.

46   Copyright Notice

48      Copyright (c) 2018 IETF Trust and the persons identified as the
49      document authors.  All rights reserved.

51      This document is subject to BCP 78 and the IETF Trust's Legal
52      Provisions Relating to IETF Documents
53      (https://trustee.ietf.org/license-info) in effect on the date of
54      publication of this document.  Please review these documents
55      carefully, as they describe your rights and restrictions with respect
56      to this document.  Code Components extracted from this document must
57      include Simplified BSD License text as described in Section 4.e of
58      the Trust Legal Provisions and are provided without warranty as
59      described in the Simplified BSD License.

61   Table of Contents

63      1.  Introduction
64        1.1.  Operational State
65        1.2.  Terminology
66        1.3.  Tree Diagrams
67        1.4.  Prefixes in Data Node Names
68      2.  NTP data model
69      3.  Relationship with NTPv4-MIB
70      4.  Relationship with RFC 7317
71      5.  Access Rules
72      6.  Key Management
73      7.  NTP YANG Module
74      8.  Usage Example
75        8.1.  Unicast association
76        8.2.  Refclock master
77        8.3.  Authentication configuration
78        8.4.  Access configuration
79        8.5.  Multicast configuration
80        8.6.  Manycast configuration
81        8.7.  Clock state
82        8.8.  Get all association
83        8.9.  Global statistic
84      9.  IANA Considerations
85      10. Security Considerations
86      11. Acknowledgments
87      12. References
88        12.1.  Normative References
89        12.2.  Informative References
90      Authors' Addresses

92   1.  Introduction

94      This document defines a YANG [RFC7950] data model for Network Time
95      Protocol [RFC5905] implementations.

97      The data model covers configuration of system parameters of NTP,
98      such as access rules, authentication and VPN Routing and Forwarding
99      (VRF) binding, and also associations of NTP in different modes and
100     per-interface parameters.  It also provides information about the
101     running state of NTP implementations.

103  1.1.  Operational State

105     NTP Operational State is included in the same tree as NTP
106     configuration, consistent with Network Management Datastore
107     Architecture [RFC8342].  NTP current state and statistics are also
108     maintained in the operational state.  Additionally, the operational
109     state also includes the associations state.

111  1.2.  Terminology

113     The terminology used in this document is aligned to [RFC5905].

115  1.3.  Tree Diagrams

117     A simplified graphical representation of the data model is used in
118     this document.  This document uses the graphical representation of
119     data models defined in [RFC8340].

121  1.4.  Prefixes in Data Node Names

123     In this document, names of data nodes and other data model objects
124     are often used without a prefix, as long as it is clear from the
125     context in which YANG module each name is defined.  Otherwise, names
126     are prefixed using the standard prefix associated with the
127     corresponding YANG module, as shown in Table 1.

129     +----------+--------------------------+-----------------------------+
130     | Prefix   | YANG module              | Reference                   |
131     +----------+--------------------------+-----------------------------+
132     | yang     | ietf-yang-types          | [RFC6991]                   |
133     | inet     | ietf-inet-types          | [RFC6991]                   |
134     | if       | ietf-interfaces          | [RFC8343]                   |
135     | ianach   | iana-crypt-hash          | [RFC7317]                   |
136     | key-     | ietf-key-chain           | [RFC8177]                   |
137     | chain    |                          |                             |
138     | acl      | ietf-access-control-list | [I-D.ietf-netmod-acl-model] |
139     | rt-types | ietf-routing-types       | [RFC8294]                   |
140     +----------+--------------------------+-----------------------------+

142               Table 1: Prefixes and corresponding YANG modules

144  2.  NTP data model

146     This document defines the YANG module "ietf-ntp", which has the
147     following structure:

149     module: ietf-ntp
150       +--rw ntp!
151          +--rw port?                    inet:port-number {ntp-port}?
152          +--rw refclock-master!
153          |  +--rw master-stratum?   ntp-stratum
154          +--rw authentication
155          |  +--rw auth-enabled?          boolean
156          |  +--rw authentication-keys* [key-id]
157          |     +--rw key-id       uint32
158          |     +--rw algorithm?   identityref
159          |     +--rw key?         ianach:crypt-hash
160          |     +--rw istrusted?   boolean
161          +--rw access-rules
162          |  +--rw access-rule* [access-mode]
163          |     +--rw access-mode    access-mode
164          |     +--rw acl?           -> /acl:acls/acl/name
165          +--ro clock-state
166          |  +--ro system-status
167          |     +--ro clock-state                  ntp-clock-status
168          |     +--ro clock-stratum                ntp-stratum
169          |     +--ro clock-refid                  union
170          |     +--ro associations-address?
171          |     |       -> /ntp/associations/address
172          |     +--ro associations-local-mode?
173          |     |       -> /ntp/associations/local-mode
174          |     +--ro associations-isconfigured?
175          |     |       -> /ntp/associations/isconfigured
176          |     +--ro nominal-freq                 decimal64
177          |     +--ro actual-freq                  decimal64
178          |     +--ro clock-precision              uint8
179          |     +--ro clock-offset?                decimal64
180          |     +--ro root-delay?                  decimal64
181          |     +--ro root-dispersion?             decimal64
182          |     +--ro reference-time?              yang:date-and-time
183          |     +--ro sync-state                   ntp-sync-state
184          +--rw unicast-configuration* [address type]
185          |  +--rw address           inet:host
186          |  +--rw type              unicast-configuration-type
187          |  +--rw authentication
188          |  |  +--rw (authentication-type)?
189          |  |     +--:(symmetric-key)
190          |  |        +--rw key-id?   leafref
191          |  +--rw prefer?           boolean
192          |  +--rw burst?            boolean
193          |  +--rw iburst?           boolean
194          |  +--rw source?           if:interface-ref
195          |  +--rw minpoll?          ntp-minpoll
196          |  +--rw maxpoll?          ntp-maxpoll
197          |  +--rw port?             inet:port-number {ntp-port}?
198          |  +--rw version?          ntp-version
199          +--ro associations* [address local-mode isconfigured]
200          |  +--ro address           inet:host
201          |  +--ro local-mode        association-mode
202          |  +--ro isconfigured      boolean
203          |  +--ro stratum?          ntp-stratum
204          |  +--ro refid?            union
205          |  +--ro authentication?
206          |  |       -> /ntp/authentication/authentication-keys/key-id
207          |  +--ro prefer?           boolean
208          |  +--ro peer-interface?   if:interface-ref
209          |  +--ro minpoll?          ntp-minpoll
210          |  +--ro maxpoll?          ntp-maxpoll
211          |  +--ro port?             inet:port-number {ntp-port}?
212          |  +--ro version?          ntp-version
213          |  +--ro reach?            uint8
214          |  +--ro unreach?          uint8
215          |  +--ro poll?             uint8
216          |  +--ro now?              uint32
217          |  +--ro offset?           decimal64
218          |  +--ro delay?            decimal64
219          |  +--ro dispersion?       decimal64
220          |  +--ro originate-time?   yang:date-and-time
221          |  +--ro receive-time?     yang:date-and-time
222          |  +--ro transmit-time?    yang:date-and-time
223          |  +--ro input-time?       yang:date-and-time
224          |  +--ro ntp-statistics
225          |     +--ro packet-sent?        yang:counter32
226          |     +--ro packet-sent-fail?   yang:counter32
227          |     +--ro packet-received?    yang:counter32
228          |     +--ro packet-dropped?     yang:counter32
229          +--rw interfaces
230          |  +--rw interface* [name]
231          |     +--rw name                if:interface-ref
232          |     +--rw broadcast-server!
233          |     |  +--rw ttl?              uint8
234          |     |  +--rw authentication
235          |     |  |  +--rw (authentication-type)?
236          |     |  |     +--:(symmetric-key)
237          |     |  |        +--rw key-id?   leafref
238          |     |  +--rw minpoll?          ntp-minpoll
239          |     |  +--rw maxpoll?          ntp-maxpoll
240          |     |  +--rw port?             inet:port-number {ntp-port}?
241          |     |  +--rw version?          ntp-version
242          |     +--rw broadcast-client!
243          |     +--rw multicast-server* [address]
244          |     |  +--rw address
245          |     |  |       rt-types:ip-multicast-group-address
246          |     |  +--rw ttl?              uint8
247          |     |  +--rw authentication
248          |     |  |  +--rw (authentication-type)?
249          |     |  |     +--:(symmetric-key)
250          |     |  |        +--rw key-id?   leafref
251          |     |  +--rw minpoll?          ntp-minpoll
252          |     |  +--rw maxpoll?          ntp-maxpoll
253          |     |  +--rw port?             inet:port-number {ntp-port}?
254          |     |  +--rw version?          ntp-version
255          |     +--rw multicast-client* [address]
256          |     |  +--rw address    rt-types:ip-multicast-group-address
257          |     +--rw manycast-server* [address]
258          |     |  +--rw address    rt-types:ip-multicast-group-address
259          |     +--rw manycast-client* [address]
260          |        +--rw address
261          |        |       rt-types:ip-multicast-group-address
262          |        +--rw authentication
263          |        |  +--rw (authentication-type)?
264          |        |     +--:(symmetric-key)
265          |        |        +--rw key-id?   leafref
266          |        +--rw ttl?              uint8
267          |        +--rw minclock?         uint8
268          |        +--rw maxclock?         uint8
269          |        +--rw beacon?           uint8
270          |        +--rw minpoll?          ntp-minpoll
271          |        +--rw maxpoll?          ntp-maxpoll
272          |        +--rw port?             inet:port-number {ntp-port}?
273          |        +--rw version?          ntp-version
274          +--ro ntp-statistics
275             +--ro packet-sent?        yang:counter32
276             +--ro packet-sent-fail?   yang:counter32
277             +--ro packet-received?    yang:counter32
278             +--ro packet-dropped?     yang:counter32

280       groupings:
281         authentication
282           +---- (authentication-type)?
283              +--:(symmetric-key)
284                 +---- key-id?
285                         -> /ntp/authentication/authentication-keys/key-id

287         statistics
288           +---- packet-sent?        yang:counter32
289           +---- packet-sent-fail?   yang:counter32
290           +---- packet-received?    yang:counter32
291           +---- packet-dropped?     yang:counter32

293         authentication-key
294           +---- key-id?      uint32
295           +---- algorithm?   identityref
296           +---- key?         ianach:crypt-hash
297           +---- istrusted?   boolean

299         association-ref
300           +---- associations-address?    -> /ntp/associations/address
301           +---- associations-local-mode? -> /ntp/associations/local-mode
302           +---- associations-isconfigured?
303                   -> /ntp/associations/isconfigured

305         common-attributes
306           +---- minpoll?   ntp-minpoll
307           +---- maxpoll?   ntp-maxpoll
308           +---- port?      inet:port-number {ntp-port}?
309           +---- version?   ntp-version

311     This data model defines one top-level container which includes both
312     the NTP configuration and the NTP running state including access
313     rules, authentication, associations, unicast configurations,
314     interfaces, system status and associations.
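
The tree above ties every association to /ntp/authentication/authentication-keys through a key-id leafref, and that relationship can be checked mechanically. The following Python sketch is an added example, not part of the draft: it audits an XML instance of /ntp for associations that carry no key-id, reference a key-id missing from authentication-keys, or reference a key whose istrusted is not true. The sample instance is constructed, and treating an absent istrusted leaf as untrusted is this example's assumption.

```python
import xml.etree.ElementTree as ET

# Namespace of the ietf-ntp module, as given on this page.
NS = {"ntp": "urn:ietf:params:xml:ns:yang:ietf-ntp"}

# Constructed sample instance of /ntp (not taken from the draft).
SAMPLE_CONFIG = """\
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
  <authentication>
    <auth-enabled>true</auth-enabled>
    <authentication-keys>
      <key-id>10</key-id><istrusted>true</istrusted>
    </authentication-keys>
    <authentication-keys>
      <key-id>20</key-id><istrusted>false</istrusted>
    </authentication-keys>
  </authentication>
  <unicast-configuration>
    <address>192.0.2.1</address><type>server</type>
    <authentication><key-id>10</key-id></authentication>
  </unicast-configuration>
  <unicast-configuration>
    <address>192.0.2.2</address><type>server</type>
    <authentication><key-id>20</key-id></authentication>
  </unicast-configuration>
  <unicast-configuration>
    <address>192.0.2.3</address><type>peer</type>
    <authentication><key-id>30</key-id></authentication>
  </unicast-configuration>
  <unicast-configuration>
    <address>192.0.2.4</address><type>server</type>
  </unicast-configuration>
  <interfaces>
    <interface>
      <name>eth0</name>
      <broadcast-server><ttl>1</ttl></broadcast-server>
    </interface>
  </interfaces>
</ntp>
"""


def _text(elem, path):
    """Return the stripped text of the first node matching path, or None."""
    node = elem.find(path, NS)
    return node.text.strip() if node is not None and node.text else None


def _key_users(root):
    """Yield (label, element) for each node that uses the authentication grouping."""
    for uc in root.findall("ntp:unicast-configuration", NS):
        yield "unicast %s (%s)" % (_text(uc, "ntp:address"),
                                   _text(uc, "ntp:type")), uc
    for intf in root.findall("ntp:interfaces/ntp:interface", NS):
        name = _text(intf, "ntp:name")
        for mode in ("broadcast-server", "multicast-server", "manycast-client"):
            for node in intf.findall("ntp:" + mode, NS):
                yield "%s on %s" % (mode, name), node


def audit_ntp_auth(xml_text):
    """Return a list of (subject, issue) findings for one /ntp instance."""
    root = ET.fromstring(xml_text)
    findings = []

    # auth-enabled defaults to false in the module, so absence means disabled.
    if _text(root, "ntp:authentication/ntp:auth-enabled") != "true":
        findings.append(("ntp", "auth-disabled"))

    # Map key-id -> trusted flag. Assumption of this example: a key whose
    # istrusted leaf is absent is treated as untrusted.
    trusted = {}
    for key in root.findall("ntp:authentication/ntp:authentication-keys", NS):
        key_id = _text(key, "ntp:key-id")
        if key_id is not None:
            trusted[key_id] = _text(key, "ntp:istrusted") == "true"

    for label, node in _key_users(root):
        key_id = _text(node, "ntp:authentication/ntp:key-id")
        if key_id is None:
            findings.append((label, "no-key"))         # unauthenticated
        elif key_id not in trusted:
            findings.append((label, "unknown-key"))    # dangling leafref
        elif not trusted[key_id]:
            findings.append((label, "untrusted-key"))
    return findings


if __name__ == "__main__":
    for subject, issue in audit_ntp_auth(SAMPLE_CONFIG):
        print("%-28s %s" % (subject, issue))
```
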

316  3.  Relationship with NTPv4-MIB

318     If the device implements the NTPv4-MIB [RFC5907], data nodes from
319     the YANG module can be mapped to table entries in NTPv4-MIB.

321     The following tables list the YANG data nodes with corresponding
322     objects in the NTPv4-MIB.

324     YANG NTP Configuration Data Nodes and Related NTPv4-MIB Objects

326     +---------------------------------+---------------------------------+
327     | YANG data nodes in /ntp/clock-  | NTPv4-MIB objects               |
328     | state/system-status             |                                 |
329     +---------------------------------+---------------------------------+
330     | clock-state                     | ntpEntStatusCurrentMode         |
331     | clock-stratum                   | ntpEntStatusStratum             |
332     | clock-refid                     | ntpEntStatusActiveRefSourceId   |
333     |                                 | ntpEntStatusActiveRefSourceName |
334     | clock-precision                 | ntpEntTimePrecision             |
335     | clock-offset                    | ntpEntStatusActiveOffset        |
336     | root-dispersion                 | ntpEntStatusDispersion          |
337     +---------------------------------+---------------------------------+

339     +---------------------------------------+---------------------------+
340     | YANG data nodes in /ntp/associations/ | NTPv4-MIB objects         |
341     +---------------------------------------+---------------------------+
342     | address                               | ntpAssocAddressType       |
343     |                                       | ntpAssocAddress           |
344     | stratum                               | ntpAssocStratum           |
345     | refid                                 | ntpAssocRefId             |
346     | offset                                | ntpAssocOffset            |
347     | delay                                 | ntpAssocStatusDelay       |
348     | dispersion                            | ntpAssocStatusDispersion  |
349     | ntp-statistics/packet-sent            | ntpAssocStatOutPkts       |
350     | ntp-statistics/packet-received        | ntpAssocStatInPkts        |
351     | ntp-statistics/packet-dropped         | ntpAssocStatProtocolError |
352     +---------------------------------------+---------------------------+

354     YANG NTP State Data Nodes and Related NTPv4-MIB Objects

356  4.  Relationship with RFC 7317

358     This section describes the relationship with the NTP definition in
359     Section 3.2 System Time Management of [RFC7317].  YANG data nodes in
360     /ntp/ also support per-interface configuration, which is not
361     supported in /system/ntp.  If the YANG model defined in this document
362     is implemented, then /system/ntp SHOULD NOT be used and MUST be
363     ignored.

365     +-------------------------------+--------------------------------+
366     | YANG data nodes in /ntp/      | YANG data nodes in /system/ntp |
367     +-------------------------------+--------------------------------+
368     | ntp!                          | enabled                        |
369     | unicast-configuration         | server                         |
370     |                               | server/name                    |
371     | unicast-configuration/address | server/transport/udp/address   |
372     | unicast-configuration/port    | server/transport/udp/port      |
373     | unicast-configuration/type    | server/association-type        |
374     | unicast-configuration/iburst  | server/iburst                  |
375     | unicast-configuration/prefer  | server/prefer                  |
376     +-------------------------------+--------------------------------+

378     YANG NTP Configuration Data Nodes and counterparts in RFC 7317
379     Objects

381  5.  Access Rules

383     As per [RFC1305], NTP could include an access-control feature that
384     prevents unauthorized access and controls which peers are allowed to
385     update the local clock.  Further, it is useful to differentiate
386     between the various kinds of access (such as peer or server; refer to
387     access-mode) and attach a different acl-rule to each.  For this, the
388     YANG module allows such configuration via /ntp/access-rules.  The
389     access-rule itself is configured via [I-D.ietf-netmod-acl-model].

391  6.  Key Management

393     As per [RFC1305], when authentication is enabled, NTP employs a
394     crypto-checksum, computed by the sender and checked by the receiver,
395     together with a set of predistributed algorithms, and cryptographic
396     keys indexed by a key identifier included in the NTP message.  This
397     key-id is a 32-bit unsigned integer that MUST be configured on the NTP
398     peers before authentication can be used.  For this reason, this
399     YANG module allows such configuration via /ntp/authentication/
400     authentication-keys/.  Further, at the time of configuration of an NTP
401     association (for example unicast-server), the key-id is specified.

403  7.  NTP YANG Module

405     file "ietf-ntp@2018-12-17.yang"
406     module ietf-ntp {

408       yang-version 1.1;

410       namespace "urn:ietf:params:xml:ns:yang:ietf-ntp";

412       prefix "ntp";
413       import ietf-yang-types {
414         prefix "yang";
415         reference "RFC 6991";
416       }

418       import ietf-inet-types {
419         prefix "inet";
420         reference "RFC 6991";
421       }

423       import ietf-interfaces {
424         prefix "if";
425         reference "RFC 8343";
426       }

428       import iana-crypt-hash {
429         prefix "ianach";
430         reference "RFC 7317";
431       }

433       import ietf-key-chain {
434         prefix "key-chain";
435         reference "RFC 8177";
436       }

438       import ietf-access-control-list {
439         prefix "acl";
440         reference "RFC XXXX";
441       }

443       /* Note: The RFC Editor will replace XXXX with the number assigned
444          to the RFC once draft-ietf-netmod-acl-model becomes an RFC.*/

446       import ietf-routing-types {
447         prefix "rt-types";
448         reference "RFC 8294";

450       }

452       organization
453         "IETF NTP (Network Time Protocol) Working Group";

455       contact
456         "WG Web:
457          WG List:

460          Editor:   Anil Kumar S N
461
462          Editor:   Yi Zhao
463
464          Editor:   Dhruv Dhody
465
466          Editor:   Ankit Kumar Sinha
467         ";
468       description
469         "This document defines a YANG data model for Network Time Protocol
470          (NTP) implementations. The data model includes configuration data
471          and state data.

473          Copyright (c) 2018 IETF Trust and the persons identified
474          as authors of the code. All rights reserved.

476          Redistribution and use in source and binary forms,
477          with or without modification, is permitted pursuant to,
478          and subject to the license terms contained in, the
479          Simplified BSD License set forth in Section 4.c of the
480          IETF Trust's Legal Provisions Relating to IETF Documents
481          (http://trustee.ietf.org/license-info).

483          This version of this YANG module is part of RFC YYYY;
484          see the RFC itself for full legal notices.";

486       revision 2018-12-17 {
487         description
488           "Updated revision.";
489         reference
490           "RFC YYYY: A YANG Data Model for NTP.";
491       }

493       /* Note: The RFC Editor will replace YYYY with the number assigned
494          to this document once it becomes an RFC.*/

496       /* Typedef Definitions */

498       typedef ntp-stratum {
499         type uint8 {
500           range "1..16";
501         }
502         description
503           "The level of each server in the hierarchy is defined by
504            a stratum. Primary servers are assigned with stratum
505            one; secondary servers at each lower level are assigned with
506            one stratum greater than the preceding level";
507       }
508       typedef ntp-version {
509         type uint8 {
510           range "1..4";
511         }
512         default "3";
513         description
514           "The current NTP version supported by corresponding
515            association.";
516       }

518       typedef ntp-minpoll {
519         type uint8 {
520           range "4..17";
521         }
522         default "6";
523         description
524           "The minimum poll exponent for this NTP association.";
525       }

527       typedef ntp-maxpoll {
528         type uint8 {
529           range "4..17";
530         }
531         default "10";
532         description
533           "The maximum poll exponent for this NTP association.";
534       }

536       typedef access-mode {
537         type enumeration {
538           enum peer {
539             value "0";
540             description
541               "Enables the full access authority. Both time
542                request and control query can be performed
543                on the local NTP service, and the local clock
544                can be synchronized with the remote server.";
545           }
546           enum server {
547             value "1";
548             description
549               "Enables the server access and query.
550                Both time requests and control query can be
551                performed on the local NTP service, but the
552                local clock cannot be synchronized with the
553                remote server.";
554           }
555           enum synchronization {
556             value "2";
557             description
558               "Enables the server to access.
559                Only time request can be performed on the
560                local NTP service.";
561           }
562           enum query {
563             value "3";
564             description
565               "Enables the maximum access limitation.
566                Control query can be performed only on the
567                local NTP service.";
568           }
569         }
570         description
571           "This defines NTP access modes.";
572       }

574       typedef unicast-configuration-type {
575         type enumeration {
576           enum server {
577             value "0";
578             description
579               "Use client association mode. This device
580                will not provide synchronization to the
581                configured NTP server.";
582           }
583           enum peer {
584             value "1";
585             description
586               "Use symmetric active association mode.
587                This device may provide synchronization
588                to the configured NTP server.";
589           }
590         }
591         description
592           "This defines NTP unicast mode of operation.";
593       }
594       typedef association-mode {
595         type enumeration {
596           enum client {
597             value "0";
598             description
599               "Use client association mode(mode 3).
600                This device will not provide synchronization
601                to the configured NTP server.";
602           }
603           enum active {
604             value "1";
605             description
606               "Use symmetric active association mode(mode 1).
607                This device may synchronize with its NTP peer,
608                or provide synchronization to configured NTP peer.";
609           }
610           enum passive {
611             value "2";
612             description
613               "Use symmetric passive association mode(mode 2).
614                This device has learned this association dynamically.
615                This device may synchronize with its NTP peer.";
616           }
617           enum broadcast {
618             value "3";
619             description
620               "Use broadcast mode(mode 5).
621                This mode defines that it is either working
622                as broadcast-server or multicast-server.";
623           }
624           enum broadcast-client {
625             value "4";
626             description
627               "This mode defines that it is either working
628                as broadcast-client or multicast-client.";
629           }
630         }
631         description
632           "The NTP association modes.";
633       }

635       typedef ntp-clock-status {
636         type enumeration {
637           enum synchronized {
638             value "0";
639             description
640               "Indicates that the local clock has been
641                synchronized with an NTP server or
642                the reference clock.";
643           }
644           enum unsynchronized {
645             value "1";
646             description
647               "Indicates that the local clock has not been
648                synchronized with any NTP server.";
649           }
650         }
651         description
652           "This defines NTP clock status.";
653       }

655       typedef ntp-sync-state {
656         type enumeration {
657           enum clock-not-set {
658             value "0";
659             description
660               "Indicates the clock is not updated.";
661           }
662           enum freq-set-by-cfg {
663             value "1";
664             description
665               "Indicates the clock frequency is set by
666                NTP configuration.";
667           }
668           enum clock-set {
669             value "2";
670             description
671               "Indicates the clock is set.";
672           }
673           enum freq-not-determined {
674             value "3";
675             description
676               "Indicates the clock is set but the frequency
677                is not determined.";
678           }
679           enum clock-synchronized {
680             value "4";
681             description
682               "Indicates that the clock is synchronized";
683           }
684           enum spike {
685             value "5";
686             description
687               "Indicates a time difference of more than 128
688                milliseconds is detected between NTP server
689                and client clock. The clock change will take
690                effect in XXX seconds.";
691           }
692         }
693         description
694           "This defines NTP clock sync states.";
695       }

697       /* features */
698       feature ntp-port {
699         description
700           "Support for NTP port configuration";
701         reference "RFC1305 - 3.2.7 Parameters";
702       }

704       feature authentication {
705         description
706           "Support for NTP symmetric key authentication";
707         reference "RFC1305 - 3.2.6 Authentication Variables";
708       }

710       feature access-rules {
711         description
712           "Support for NTP access control";
713         reference "RFC1305 - 3.6 Access Control Issues";
714       }

716       feature unicast-configuration {
717         description
718           "Support for NTP client/server or active/passive
719            in unicast";
720         reference "RFC1305 - 3.3 Modes of Operation";
721       }

723       feature broadcast-server {
724         description
725           "Support for broadcast server";
726         reference "RFC1305 - 3.3 Modes of Operation";
727       }

729       feature broadcast-client {
730         description
731           "Support for broadcast client";
732         reference "RFC1305 - 3.3 Modes of Operation";
733       }

735       feature multicast-server {
736         description
737           "Support for multicast server";
738         reference "RFC1305 - 3.3 Modes of Operation";
739       }

741       feature multicast-client {
742         description
743           "Support for multicast client";
744         reference "RFC1305 - 3.3 Modes of Operation";
745       }

747       feature manycast-server {
748         description
749           "Support for manycast server";
750         reference "RFC5905 - 3.1 Dynamic Server Discovery";
751       }

753       feature manycast-client {
754         description
755           "Support for manycast client";
756         reference "RFC5905 - 3.1 Dynamic Server Discovery";
757       }

759       /* Groupings */
760       grouping authentication-key {
761         description
762           "To define an authentication key for a Network Time
763            Protocol (NTP) time source.";
764         leaf key-id {
765           type uint32 {
766             range "1..max";
767           }
768           description
769             "Authentication key identifier.";
770         }
771         leaf algorithm {
772           type identityref {
773             base key-chain:crypto-algorithm;
774           }
775           description
776             "Authentication algorithm.";
777         }
778         leaf key {
779           type ianach:crypt-hash;
780           description
781             "The key";
782         }
783         leaf istrusted {
784           type boolean;
785           description
786             "Key-id is trusted or not";
787         }
788       }

790       grouping authentication {
791         description
792           "Authentication.";
793         choice authentication-type {
794           description
795             "Type of authentication.";

797           case symmetric-key {
798             leaf key-id {
799               type leafref {
800                 path "/ntp:ntp/ntp:authentication/"
801                 + "ntp:authentication-keys/ntp:key-id";
802               }
803               description
804                 "Authentication key id referenced in this
805                  association.";
806             }
807           }
808         }
809       }

811       grouping statistics {
812         description
813           "NTP packet statistic.";
814         leaf packet-sent {
815           type yang:counter32;
816           description
817             "The total number of NTP packets delivered to the
818              transport service by this NTP entity for this
819              association.
820              Discontinuities in the value of this counter can occur
821              upon cold start or reinitialization of the NTP entity, the
822              management system and at other times as indicated by
823              discontinuities in the value of sysUpTime.";
824         }
825         leaf packet-sent-fail {
826           type yang:counter32;
827           description
828             "The number of times NTP packets sending failed.";
829         }
830         leaf packet-received {
831           type yang:counter32;
832           description
833             "The total number of NTP packets delivered to the
834              NTP entity from this association.
835              Discontinuities in the value of this counter can occur
836              upon cold start or reinitialization of the NTP entity, the
837              management system and at other times as indicated by
838              discontinuities in the value of sysUpTime.";
839         }
840         leaf packet-dropped {
841           type yang:counter32;
842           description
843             "The total number of NTP packets that were delivered
844              to this NTP entity from this association and this entity
845              was not able to process due to an NTP protocol error.
846              Discontinuities in the value of this counter can occur
847              upon cold start or reinitialization of the NTP entity, the
848              management system and at other times as indicated by
849              discontinuities in the value of sysUpTime.";
850         }
851       }

853       grouping common-attributes {
854         description
855           "NTP common attributes for configuration.";
856         leaf minpoll {
857           type ntp-minpoll;
858           description
859             "The minimum poll interval used in this association.";
860         }
861         leaf maxpoll {
862           type ntp-maxpoll;
863           description
864             "The maximum poll interval used in this association.";
865         }
866         leaf port {
867           if-feature ntp-port;
868           type inet:port-number {
869             range "123 | 1025..max";
870           }
871           default "123";
872           description
873             "Specify the port used to send NTP packets.";
874         }
875         leaf version {
876           type ntp-version;
877           description
878             "NTP version.";
879         }
880       }

882       grouping association-ref {
883         description
884           "Reference to NTP association mode";
885         leaf associations-address {
886           type leafref {
887             path "/ntp:ntp/ntp:associations/ntp:address";
888           }
889           description
890             "Indicates the association's address
891              which results in clock synchronization.";
892         }
893         leaf associations-local-mode {
894           type leafref {
895             path "/ntp:ntp/ntp:associations/ntp:local-mode";
896           }
897           description
898             "Indicates the association's local-mode
899              which results in clock synchronization.";
900         }
901         leaf associations-isconfigured {
902           type leafref {
903             path "/ntp:ntp/ntp:associations/"
904             + "ntp:isconfigured";
905           }
906           description
907             "The association was configured or dynamic
908              which results in clock synchronization.";
909         }
910       }

912       /* Configuration data nodes */
913       container ntp {
914         presence
915           "NTP is enabled and system should attempt to
916            synchronize the system clock with an NTP server
917            from the 'ntp/associations' list.";
918         description
919           "Configuration parameters for NTP.";
920         leaf port {
921           if-feature ntp-port;
922           type inet:port-number {
923             range "123 | 1025..max";
924           }
925           default "123";
926           description
927             "Specify the port used to send and receive NTP packets.";
928         }
929         container refclock-master {
930           presence
931             "NTP master clock is enabled.";
932           description
933             "Configures the local clock of this device as NTP server.";
934           leaf master-stratum {
935             type ntp-stratum;
936             default "16";
937             description
938               "Stratum level from which NTP
939                clients get their time synchronized.";
940           }

942         }
943         container authentication {
944           description
945             "Configuration of authentication.";
946           leaf auth-enabled {
947             type boolean;
948             default false;
949             description
950               "Controls whether NTP authentication is enabled
951                or disabled on this device.";
952           }
953           list authentication-keys {
954             key "key-id";
955             uses authentication-key;
956             description
957               "List of authentication keys.";
958           }
959         }

961         container access-rules {
962           description
963             "Configuration to control access to NTP service
964              by using NTP access-group feature.
965              The access-mode identifies how the acl is
966              applied with NTP.";
967           list access-rule {
968             key "access-mode";
969             description
970               "List of access rules.";
971             leaf access-mode {
972               type access-mode;
973               description
974                 "NTP access mode. The definition of each possible value:
975                  peer(0): Both time request and control query can be
976                           performed.
977                  server(1): Enables the server access and query.
978                  synchronization(2): Enables the server access only.
979                  query(3): Enables control query only.";
980             }
981             leaf acl {
982               type leafref {
983                 path "/acl:acls/acl:acl/acl:name";
984               }
985               description
986                 "Control access configuration to be used.";
987             }
988             reference
989               "RFC 1305";

991           }
992         }

994         container clock-state {
995           config "false";
996           description
997             "Clock operational state of the NTP.";

999           container system-status {
1000            description
1001              "System status of NTP.";
1002            leaf clock-state {
1003              type ntp-clock-status;
1004              mandatory true;
1005              description
1006                "The state of system clock. The definition of each
1007                 possible value is:
1008                 synchronized(0): Indicates local clock is synchronized.
1009                 unsynchronized(1): Indicates local clock is not
1010                                    synchronized.";
1011            }
1012            leaf clock-stratum {
1013              type ntp-stratum;
1014              mandatory true;
1015              description
1016                "The NTP entity's own stratum value. Should be a stratum
1017                 of syspeer + 1 (or 16 if no syspeer).";
1018            }
1019            leaf clock-refid {
1020              type union {
1021                type inet:ipv4-address;
1022                type binary {
1023                  length "4";
1024                }
1025                type string {
1026                  length "4";
1027                }
1028              }
1029              mandatory true;
1030              description
1031                "IPv4 address or first 32 bits of the MD5 hash of
1032                 the IPv6 address or reference clock of the peer to
1033                 which clock is synchronized.";
1034            }

1036            uses association-ref {
1037              description
1038                "Reference to Association.";

1040            }
1041            leaf nominal-freq {
1042              type decimal64 {
1043                fraction-digits 4;
1044              }
1045              units Hz;
1046              mandatory true;
1047              description
1048                "The nominal frequency of the
1049                 local clock.";
1050            }
1051            leaf actual-freq {
1052              type decimal64 {
1053                fraction-digits 4;
1054              }
1055              units Hz;
1056              mandatory true;
1057              description
1058                "The actual frequency of the
1059                 local clock.";
1060            }
1061            leaf clock-precision {
1062              type uint8;
1063              units Hz;
1064              mandatory true;
1065              description
1066                "Clock precision of this system in integer format
1067                 (prec=2^(-n)). A value of 5 would mean 2^-5 = 31.25 ms.";
1068            }
1069            leaf clock-offset {
1070              type decimal64 {
1071                fraction-digits 3;
1072              }
1073              units milliseconds;
1074              description
1075                "The time offset to the current selected reference time
1076                 source e.g., '0.032' or '1.232'.";
1077            }
1078            leaf root-delay {
1079              type decimal64 {
1080                fraction-digits 3;
1081              }
1082              units milliseconds;
1083              description
1084                "Total delay along the path to root clock.";
1085            }
1086            leaf root-dispersion {
1087              type decimal64 {
1088                fraction-digits 3;
1089              }
1090              units milliseconds;
1091              description
1092                "The dispersion between the local clock
1093                 and the root clock, e.g., '6.927'.";
1094            }
1095            leaf reference-time {
1096              type yang:date-and-time;
1097              description
1098                "The reference timestamp.";
1099            }
1100            leaf sync-state {
1101              type ntp-sync-state;
1102              mandatory true;
1103              description
1104                "The synchronization status of
1105                 the local clock.";
1106            }
1107          }
1108        }
1109        list unicast-configuration {
1110          key "address type";
1111          description
1112            "List of NTP unicast-configurations.";
1113          leaf address {
1114            type inet:host;
1115            description
1116              "Address of this association.";
1117          }
1118          leaf type {
1119            type unicast-configuration-type;
1120            description
1121              "Use client association mode.
This device 1122 will not provide synchronization to the 1123 configured NTP server."; 1124 } 1125 container authentication{ 1126 description 1127 "Authentication used for this association."; 1128 uses authentication; 1129 } 1130 leaf prefer { 1131 type boolean; 1132 default "false"; 1133 description 1134 "Whether this association is preferred or not."; 1135 } 1136 leaf burst { 1137 type boolean; 1138 default "false"; 1139 description 1140 "If set, a series of packets are sent instead of a single 1141 packet within each synchronization interval to achieve faster 1142 synchronization."; 1143 } 1144 leaf iburst { 1145 type boolean; 1146 default "false"; 1147 description 1148 "If set, a series of packets are sent instead of a single 1149 packet within the initial synchronization interval to achieve 1150 faster initial synchronization."; 1151 } 1152 leaf source { 1153 type if:interface-ref; 1154 description 1155 "The interface whose IP address is used by this association 1156 as the source address."; 1157 } 1158 uses common-attributes { 1159 description 1160 "Common attributes like port, version, min and max 1161 poll."; 1162 } 1163 } 1164 list associations { 1165 key "address local-mode isconfigured"; 1166 config "false"; 1167 description 1168 "List of NTP associations. Here address, local-mode 1169 and isconfigured is required to uniquely identify 1170 a particular association. Lets take following examples - 1172 1) If RT1 acting as broadcast server, 1173 and RT2 acting as broadcast client, then RT2 1174 will form dynamic association with address as RT1, 1175 local-mode as client and isconfigured as false. 1177 2) When RT2 is configured 1178 with unicast-server RT1, then RT2 will form 1179 association with address as RT1, local-mode as client 1180 and isconfigured as true. 1182 Thus all 3 leaves are needed as key to unique identify 1183 the association."; 1185 leaf address { 1186 type inet:host; 1187 description 1188 "The address of this association. 
Represents the IP 1189 address of a unicast/multicast/broadcast address."; 1190 } 1191 leaf local-mode { 1192 type association-mode; 1193 description 1194 "Local mode of this NTP association."; 1195 } 1196 leaf isconfigured { 1197 type boolean; 1198 description 1199 "Indicates if this association is configured or 1200 dynamically learned."; 1201 } 1202 leaf stratum { 1203 type ntp-stratum; 1204 description 1205 "The association stratum value."; 1206 } 1207 leaf refid { 1208 type union { 1209 type inet:ipv4-address; 1210 type binary { 1211 length "4"; 1212 } 1213 type string { 1214 length "4"; 1215 } 1216 } 1217 description 1218 "The refclock driver ID, if available. 1219 -- a refclock driver ID like '127.127.1.0' for local clock 1220 sync 1221 -- uni/multi/broadcast associations will look like '20.1.1.1' 1222 -- sync with primary source will look like 'DCN', 'NIST', 1223 'ATOM'"; 1224 reference 1225 "RFC 1305"; 1226 } 1227 leaf authentication{ 1228 type leafref { 1229 path "/ntp:ntp/ntp:authentication/" 1230 + "ntp:authentication-keys/ntp:key-id"; 1231 } 1232 description 1233 "Authentication Key used for this association."; 1234 } 1235 leaf prefer { 1236 type boolean; 1237 default "false"; 1238 description 1239 "Indicates if this association is preferred."; 1240 } 1241 leaf peer-interface { 1242 type if:interface-ref; 1243 description 1244 "The interface which is used for communication."; 1245 } 1246 uses common-attributes { 1247 description 1248 "Common attributes like port, version, min and 1249 max poll."; 1250 } 1251 leaf reach { 1252 type uint8; 1253 description 1254 "The reachability of the configured 1255 server or peer."; 1256 } 1257 leaf unreach { 1258 type uint8; 1259 description 1260 "The unreachability of the configured 1261 server or peer."; 1262 } 1263 leaf poll { 1264 type uint8; 1265 units seconds; 1266 description 1267 "The polling interval for current association"; 1268 } 1269 leaf now { 1270 type uint32; 1271 units seconds; 1272 description 1273 
"The time since the NTP packet was 1274 not received or last synchronized."; 1275 } 1276 leaf offset { 1277 type decimal64 { 1278 fraction-digits 3; 1279 } 1280 units milliseconds; 1281 description 1282 "The offset between the local clock 1283 and the peer clock, e.g., '0.032' or '1.232'"; 1284 } 1285 leaf delay { 1286 type decimal64 { 1287 fraction-digits 3; 1288 } 1289 units milliseconds; 1290 description 1291 "The network delay between the local clock 1292 and the peer clock."; 1293 } 1294 leaf dispersion { 1295 type decimal64 { 1296 fraction-digits 3; 1297 } 1298 units milliseconds; 1299 description 1300 "The root dispersion between the local clock 1301 and the peer clock."; 1302 } 1303 leaf originate-time { 1304 type yang:date-and-time; 1305 description 1306 "This is the local time, in timestamp format, 1307 when latest NTP packet was sent to peer(T1)."; 1308 reference 1309 "RFC 1305"; 1310 } 1311 leaf receive-time { 1312 type yang:date-and-time; 1313 description 1314 "This is the local time, in timestamp format, 1315 when latest NTP packet arrived at peer(T2). 1316 If the peer becomes unreachable the value is set to zero."; 1317 reference 1318 "RFC 1305"; 1319 } 1320 leaf transmit-time { 1321 type yang:date-and-time; 1322 description 1323 "This is the local time, in timestamp format, 1324 at which the NTP packet departed the peer(T3). 1325 If the peer becomes unreachable the value is set to zero."; 1326 reference 1327 "RFC 1305"; 1328 } 1329 leaf input-time { 1330 type yang:date-and-time; 1331 description 1332 "This is the local time, in timestamp format, 1333 when the latest NTP message from the peer arrived(T4). 
1334 If the peer becomes unreachable the value is set to zero."; 1335 reference 1336 "RFC 1305"; 1337 } 1338 container ntp-statistics { 1339 description 1340 "Per Peer packet send and receive statistics."; 1341 uses statistics { 1342 description 1343 "NTP send and receive packet statistics."; 1344 } 1345 } 1346 } 1348 container interfaces { 1349 description 1350 "Configuration parameters for NTP interfaces."; 1351 list interface { 1352 key "name"; 1353 description 1354 "List of interfaces."; 1355 leaf name { 1356 type if:interface-ref; 1357 description 1358 "The interface name."; 1359 } 1361 container broadcast-server { 1362 presence 1363 "NTP broadcast-server is configured"; 1364 description 1365 "Configuration of broadcast server."; 1366 leaf ttl { 1367 type uint8; 1368 description 1369 "Specifies the time to live (TTL) for a 1370 broadcast packet."; 1371 } 1372 container authentication{ 1373 description 1374 "Authentication used for this association."; 1375 uses authentication; 1376 } 1377 uses common-attributes { 1378 description 1379 "Common attribute like port, version, min and 1380 max poll."; 1381 } 1382 } 1384 container broadcast-client { 1385 presence 1386 "NTP broadcast-client is configured."; 1387 description 1388 "Configuration of broadcast-client."; 1389 } 1391 list multicast-server { 1392 key "address"; 1393 description 1394 "Configuration of multicast server."; 1395 leaf address { 1396 type rt-types:ip-multicast-group-address; 1397 description 1398 "The IP address to send NTP multicast packets."; 1399 } 1400 leaf ttl { 1401 type uint8; 1402 description 1403 "Specifies the time to live (TTL) for a 1404 multicast packet."; 1405 } 1406 container authentication{ 1407 description 1408 "Authentication used for this association."; 1409 uses authentication; 1410 } 1411 uses common-attributes { 1412 description 1413 "Common attributes like port, version, min and 1414 max poll."; 1415 } 1416 } 1417 list multicast-client { 1418 key "address"; 1419 description 
1420              "Configuration of multicast-client.";
1421            leaf address {
1422              type rt-types:ip-multicast-group-address;
1423              description
1424                "The IP address of the multicast group to
1425                 join.";
1426            }
1427          }
1428          list manycast-server {
1429            key "address";
1430            description
1431              "Configuration of manycast server.";
1432            leaf address {
1433              type rt-types:ip-multicast-group-address;
1434              description
1435                "The multicast group IP address to receive
1436                 manycast client messages.";
1437            }
1438            reference
1439              "RFC 5905";
1440          }
1441          list manycast-client {
1442            key "address";
1443            description
1444              "Configuration of manycast-client.";
1445            leaf address {
1446              type rt-types:ip-multicast-group-address;
1447              description
1448                "The group IP address that the manycast client
1449                 broadcasts the request message to.";
1450            }
1451            container authentication{
1452              description
1453                "Authentication used for this association.";
1454              uses authentication;
1455            }
1456            leaf ttl {
1457              type uint8;
1458              description
1459                "Specifies the maximum time to live (TTL) for
1460                 the expanding ring search.";
1461            }
1462            leaf minclock {
1463              type uint8;
1464              description
1465                "The minimum manycast survivors in this
1466                 association.";
1467            }
1468            leaf maxclock {
1469              type uint8;
1470              description
1471                "The maximum manycast candidates in this
1472                 association.";

1474            }
1475            leaf beacon {
1476              type uint8;
1477              description
1478                "The maximum interval between beacons in this
1479                 association.";
1480            }
1481            uses common-attributes {
1482              description
1483                "Common attributes like port, version, min and
1484                 max poll.";
1485            }
1486            reference
1487              "RFC 5905";
1488          }
1489        }
1490      }
1491      container ntp-statistics {
1492        config "false";
1493        description
1494          "Total NTP packet statistics.";
1495        uses statistics {
1496          description
1497            "NTP send and receive packet statistics.";
1498        }
1499      }
1500    }
1501  }

1504  8.  Usage Example

1506  8.1.  Unicast association

1508     Below is the example on how to configure a preferred unicast server
1509     present at 192.0.2.1 running at port 1025 with authentication-key 10
1510     and version 4

1518       192.0.2.1
1519       server
1520       true
1521       4
1522       1025
1525       10

1533     An example with IPv6 would use an IPv6 address (say 2001:DB8::1)
1534     in the "address" leaf with no change in any other data tree.

1536     Below is the example on how to get unicast configuration

1550       192.0.2.1
1551       server
1554       10
1557       true
1558       false
1559       true
1561       6
1562       10
1563       1025
1564       4
1565       9
1566       20.1.1.1
1567       255
1568       0
1569       128
1570       10
1571       0.025
1572       0.5
1573       0.6
1574       10-10-2017 07:33:55.253 Z+05:30\
1576       10-10-2017 07:33:55.258 Z+05:30\
1578       10-10-2017 07:33:55.300 Z+05:30\
1580       10-10-2017 07:33:55.305 Z+05:30\
1583       20
1584       0
1585       20
1586       0

1592  8.2.  Refclock master

1594     Below is the example on how to configure reference clock with stratum
1595     8

1603       8

1609     Below is the example on how to get reference clock configuration

1623       8

1628  8.3.  Authentication configuration

1630     Below is the example on how to enable authentication and configure
1631     trusted authentication key 10 with mode as md5 and key as abcd

1639       true
1641       10
1642       md5
1643       abcd
1644       true

1651     Below is the example on how to get authentication related
1652     configuration

1666       false
1669       10
1670       md5
1671       abcd
1672       true

1678  8.4.  Access configuration

1680     Below is the example on how to configure access mode "peer"
1681     associated with acl 2000.

1691       peer
1692       2000

1699     Below is the example on how to get access related configuration

1714       peer
1715       2000

1721  8.5.  Multicast configuration

1723     Below is the example on how to configure multicast-server with
1724     address as "224.1.1.1", port as 1025 and authentication keyid as 10

1733       Ethernet3/0/0
1735       224.1.1.1
1738       10
1741       1025

1749     Below is the example on how to get multicast-server related
1750     configuration

1768       Ethernet3/0/0
1770       224.1.1.1
1771       224.1.1.1
1774       10
1777       6
1778       10
1779       1025
1780       3

1787     Below is the example on how to configure multicast-client with
1788     address as "224.1.1.1"

1797       Ethernet3/0/0
1799       224.1.1.1

1807     Below is the example on how to get multicast-client related
1808     configuration

1827       Ethernet3/0/0
1829       224.1.1.1

1836  8.6.  Manycast configuration

1838     Below is the example on how to configure manycast-client with address
1839     as "224.1.1.1", port as 1025 and authentication keyid as 10

1849       Ethernet3/0/0
1851       224.1.1.1
1854       10
1857       1025

1865     Below is the example on how to get manycast-client related
1866     configuration

1884       Ethernet3/0/0
1886       224.1.1.1
1889       10
1892       255
1893       3
1894       10
1895       6
1896       6
1897       10
1898       1025

1905     Below is the example on how to configure manycast-server with address
1906     as "224.1.1.1"

1915       Ethernet3/0/0
1917       224.1.1.1

1925     Below is the example on how to get manycast-server related
1926     configuration

1945       Ethernet3/0/0
1947       224.1.1.1

1954  8.7.  Clock state

1956     Below is the example on how to get clock current state

1971       synchronized
1972       7
1973       192.0.2.1
1974       192.0.2.1\
1976       client\
1978       yes\
1980       100.0
1981       100.0
1982       18
1983       0.025
1984       0.5
1985       0.8
1986       10-10-2017 07:33:55.258 Z+05:30\
1988       clock-synchronized

1994  8.8.  Get all association

1996     Below is the example on how to get all association present

2009       192.0.2.1
2010       9
2011       20.1.1.1
2012       client
2013       true
2014       10
2015       true
2016       Ethernet3/0/0
2017       6
2018       10
2019       1025
2020       4
2021       255
2022       0
2023       128
2024       10
2025       0.025
2026       0.5
2027       0.6
2028       10-10-2017 07:33:55.253 Z+05:30\
2030       10-10-2017 07:33:55.258 Z+05:30\
2032       10-10-2017 07:33:55.300 Z+05:30\
2034       10-10-2017 07:33:55.305 Z+05:30\
2037       20
2038       0
2039       20
2040       0

2046  8.9.  Global statistic

2048     Below is the example on how to get clock current state

2062       30
2063       5
2064       20
2065       2

2070  9.  IANA Considerations

2072     This document registers a URI in the "IETF XML Registry" [RFC3688].
2073     Following the format in RFC 3688, the following registration has been
2074     made.

2076     URI: urn:ietf:params:xml:ns:yang:ietf-ntp

2078     Registrant Contact: The NTP WG of the IETF.

2080     XML: N/A; the requested URI is an XML namespace.

2082     This document registers a YANG module in the "YANG Module Names"
2083     registry [RFC6020].

2085     Name: ietf-ntp

2087     Namespace: urn:ietf:params:xml:ns:yang:ietf-ntp

2089     Prefix: ntp

2091     Reference: RFC YYYY
2092     Note: The RFC Editor will replace YYYY with the number assigned to
2093     this document once it becomes an RFC.

2095  10.  Security Considerations

2097     The YANG module specified in this document defines a schema for data
2098     that is designed to be accessed via network management protocols such
2099     as NETCONF [RFC6241] or RESTCONF [RFC8040].  The lowest NETCONF layer
2100     is the secure transport layer, and the mandatory-to-implement secure
2101     transport is Secure Shell (SSH) [RFC6242].  The lowest RESTCONF layer
2102     is HTTPS, and the mandatory-to-implement secure transport is TLS
2103     [RFC8446].

2105     The NETCONF access control model [RFC8341] provides the means to
2106     restrict access for particular NETCONF or RESTCONF users to a
2107     preconfigured subset of all available NETCONF or RESTCONF protocol
2108     operations and content.

2110     There are a number of data nodes defined in this YANG module that are
2111     writable/creatable/deletable (i.e., config true, which is the
2112     default).  These data nodes may be considered sensitive or vulnerable
2113     in some network environments.  Write operations (e.g., edit-config)
2114     to these data nodes without proper protection can have a negative
2115     effect on network operations.  These are the subtrees and data nodes
2116     and their sensitivity/vulnerability:

2118        /ntp/port - This data node specifies the port number to be used to
2119        send NTP packets.  Unexpected changes could lead to disruption
2120        and/or network misbehavior.

2122        /ntp/authentication and /ntp/access-rules - The entries in the
2123        list include the authentication and access control configurations.
2124        Care should be taken while setting these parameters.

2126        /ntp/unicast-configuration - The entries in the list include all
2127        unicast configurations (server or peer mode), and indirectly
2128        create or modify the NTP associations.  Unexpected changes could
2129        lead to disruption and/or network misbehavior.

2131        /ntp/interfaces/interface - The entries in the list include all
2132        per-interface configurations related to broadcast, multicast and
2133        manycast mode, and indirectly create or modify the NTP
2134        associations.  Unexpected changes could lead to disruption and/or
2135        network misbehavior.

2137     Some of the readable data nodes in this YANG module may be considered
2138     sensitive or vulnerable in some network environments.  It is thus
2139     important to control read access (e.g., via get, get-config, or
2140     notification) to these data nodes.  These are the subtrees and data
2141     nodes and their sensitivity/vulnerability:

2143        /ntp/associations - The entries in the list include all active
2144        NTP associations of all modes.  Unauthorized access to this needs
2145        to be curtailed.

2147  11.  Acknowledgments

2149     The authors would like to express their thanks to Sladjana Zoric,
2150     Danny Mayer, Harlan Stenn, Ulrich Windl, Miroslav Lichvar, and
2151     Maurice Angermann for their review and suggestions.

2153  12.  References

2155  12.1.  Normative References

2157     [I-D.ietf-netmod-acl-model]
2158                Jethanandani, M., Agarwal, S., Huang, L., and D. Blair,
2159                "Network Access Control List (ACL) YANG Data Model",
2160                draft-ietf-netmod-acl-model-21 (work in progress),
2161                November 2018.

2163     [RFC1305]  Mills, D., "Network Time Protocol (Version 3)
2164                Specification, Implementation and Analysis", RFC 1305,
2165                DOI 10.17487/RFC1305, March 1992.

2168     [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
2169                Requirement Levels", BCP 14, RFC 2119,
2170                DOI 10.17487/RFC2119, March 1997.

2173     [RFC3688]  Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
2174                DOI 10.17487/RFC3688, January 2004.

2177     [RFC5905]  Mills, D., Martin, J., Ed., Burbank, J., and W. Kasch,
2178                "Network Time Protocol Version 4: Protocol and Algorithms
2179                Specification", RFC 5905, DOI 10.17487/RFC5905, June 2010.

2182     [RFC5907]  Gerstung, H., Elliott, C., and B. Haberman, Ed.,
2183                "Definitions of Managed Objects for Network Time Protocol
2184                Version 4 (NTPv4)", RFC 5907, DOI 10.17487/RFC5907, June
2185                2010.

2187     [RFC6020]  Bjorklund, M., Ed., "YANG - A Data Modeling Language for
2188                the Network Configuration Protocol (NETCONF)", RFC 6020,
2189                DOI 10.17487/RFC6020, October 2010.

2192     [RFC6241]  Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
2193                and A. Bierman, Ed., "Network Configuration Protocol
2194                (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011.

2197     [RFC6242]  Wasserman, M., "Using the NETCONF Protocol over Secure
2198                Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011.

2201     [RFC6991]  Schoenwaelder, J., Ed., "Common YANG Data Types",
2202                RFC 6991, DOI 10.17487/RFC6991, July 2013.

2205     [RFC7950]  Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
2206                RFC 7950, DOI 10.17487/RFC7950, August 2016.

2209     [RFC8040]  Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
2210                Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017.

2213     [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2214                2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
2215                May 2017.

2217     [RFC8177]  Lindem, A., Ed., Qu, Y., Yeung, D., Chen, I., and J.
2218                Zhang, "YANG Data Model for Key Chains", RFC 8177,
2219                DOI 10.17487/RFC8177, June 2017.

2222     [RFC8294]  Liu, X., Qu, Y., Lindem, A., Hopps, C., and L. Berger,
2223                "Common YANG Data Types for the Routing Area", RFC 8294,
2224                DOI 10.17487/RFC8294, December 2017.

2227     [RFC8340]  Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
2228                BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018.

2231     [RFC8341]  Bierman, A. and M. Bjorklund, "Network Configuration
2232                Access Control Model", STD 91, RFC 8341,
2233                DOI 10.17487/RFC8341, March 2018.

2236     [RFC8343]  Bjorklund, M., "A YANG Data Model for Interface
2237                Management", RFC 8343, DOI 10.17487/RFC8343, March 2018.

2240     [RFC8446]  Rescorla, E., "The Transport Layer Security (TLS) Protocol
2241                Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018.

2244  12.2.  Informative References

2246     [RFC7317]  Bierman, A. and M. Bjorklund, "A YANG Data Model for
2247                System Management", RFC 7317, DOI 10.17487/RFC7317, August
2248                2014.

2250     [RFC8342]  Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
2251                and R. Wilton, "Network Management Datastore Architecture
2252                (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018.

2255  Authors' Addresses

2257     Nan Wu
2258     Huawei
2259     Huawei Bld., No.156 Beiqing Rd.
2260     Beijing  100095
2261     China

2263     Email: eric.wu@huawei.com

2265     Dhruv Dhody
2266     Huawei
2267     Divyashree Techno Park, Whitefield
2268     Bangalore, Karnataka  560066
2269     India

2271     Email: dhruv.ietf@gmail.com

2273     Ankit kumar Sinha
2274     RtBrick Inc.
2275     Bangalore, Karnataka
2276     India

2278     Email: ankit.ietf@gmail.com

2279     Anil Kumar S N
2280     RtBrick Inc.
2281     Bangalore, Karnataka
2282     India

2284     Email: anil.ietf@gmail.com

2286     Yi Zhao
2287     Ericsson
2288     China Digital Kingdom Bld., No.1 WangJing North Rd.
2289     Beijing  100102
2290     China

2292     Email: yi.z.zhao@ericsson.com
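
The following Python example is added here and is not part of the draft or of any NTP implementation. It audits an ietf-ntp configuration instance for the settings that Section 10 marks as sensitive: authentication left disabled (the model default), unicast associations without authentication, missing access rules, and a changed port. The sample instance is constructed, and the <key-ref> element inside the per-association authentication container is a hypothetical name, because that grouping is defined outside this part of the module.

```python
import xml.etree.ElementTree as ET

NTP_NS = "urn:ietf:params:xml:ns:yang:ietf-ntp"  # namespace registered in Section 9
NS = {"ntp": NTP_NS}

# Constructed sample instance (not taken from the draft). <key-ref> is a
# hypothetical leaf name; the audit only checks that the container has a value.
SAMPLE_CONFIG = """\
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
  <port>1025</port>
  <authentication>
    <auth-enabled>false</auth-enabled>
    <authentication-keys><key-id>10</key-id></authentication-keys>
  </authentication>
  <unicast-configuration>
    <address>192.0.2.1</address>
    <type>server</type>
    <authentication><key-ref>10</key-ref></authentication>
  </unicast-configuration>
  <unicast-configuration>
    <address>2001:DB8::1</address>
    <type>server</type>
  </unicast-configuration>
</ntp>
"""


def _leaf(node, path, default):
    """Return the stripped text of a leaf, or the given default if absent/empty."""
    found = node.find(path, NS)
    if found is None or not (found.text or "").strip():
        return default
    return found.text.strip()


def audit_ntp_config(xml_text):
    """Return (path, issue) tuples for risky settings in an ietf-ntp instance."""
    # The stdlib parser keeps this example offline; prefer a hardened parser
    # (for example defusedxml) when the document comes from an untrusted source.
    root = ET.fromstring(xml_text)
    ntp = root if root.tag == "{%s}ntp" % NTP_NS else root.find(".//ntp:ntp", NS)
    if ntp is None:
        raise ValueError("no ietf-ntp <ntp> container in document")
    findings = []

    # auth-enabled has 'default false', so an absent leaf means disabled.
    auth_on = _leaf(ntp, "ntp:authentication/ntp:auth-enabled", "false") == "true"
    keys = ntp.findall("ntp:authentication/ntp:authentication-keys/ntp:key-id", NS)
    if not auth_on:
        findings.append(("/ntp/authentication/auth-enabled",
                         "authentication disabled (model default is false)"))
    elif not any((k.text or "").strip() for k in keys):
        findings.append(("/ntp/authentication/authentication-keys",
                         "authentication enabled but no keys defined"))

    # Every unicast association should carry a populated authentication container.
    for assoc in ntp.findall("ntp:unicast-configuration", NS):
        addr = _leaf(assoc, "ntp:address", "?")
        auth = assoc.find("ntp:authentication", NS)
        if auth is None or not any((c.text or "").strip() for c in auth):
            findings.append(("/ntp/unicast-configuration[address='%s']" % addr,
                             "association has no authentication configured"))

    # access-rules bind an access-mode to an ACL name via the 'acl' leafref.
    rules = ntp.findall("ntp:access-rules/ntp:access-rule", NS)
    if not rules:
        findings.append(("/ntp/access-rules",
                         "no access-rule entries, so no ACL restricts the NTP service"))
    for rule in rules:
        if _leaf(rule, "ntp:acl", "") == "":
            mode = _leaf(rule, "ntp:access-mode", "?")
            findings.append(("/ntp/access-rules/access-rule[access-mode='%s']" % mode,
                             "access-rule has no acl reference"))

    # The port leaf defaults to 123; a different value deserves a change review.
    port = _leaf(ntp, "ntp:port", "123")
    if port != "123":
        findings.append(("/ntp/port",
                         "port changed from default 123 to %s; confirm it was intended" % port))
    return findings


if __name__ == "__main__":
    for path, issue in audit_ntp_config(SAMPLE_CONFIG):
        print("%s: %s" % (path, issue))
```

Run against a device's running configuration retrieved over NETCONF or RESTCONF, the same checks can gate a change before it is committed.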