[Docs] [txt|pdf|xml|html] [Tracker] [WG] [Email] [Diff1] [Diff2] [Nits]
Versions: 00 01 02 03 04 05 06 07 RFC 5907
NTP H. Gerstung
Internet-Draft Meinberg
Intended status: Standards Track C. Elliott
Expires: September 6, 2010
B. Haberman, Ed.
JHU APL
March 5, 2010
Definitions of Managed Objects for Network Time Protocol Version 4
(NTPv4)
draft-ietf-ntp-ntpv4-mib-07
Abstract
RFC Ed. : This draft refers to itself with RFC YYYY. When this draft
is published as an RFC, the RFC Editor is asked to replace "YYYY" (in
the RFC, including the MIB module part) with the assigned RFC number
and to remove this note. This draft also refers to
draft-ietf-ntp-ntpv4-proto. When this draft is published as an RFC,
the RFC Editor is asked to replace "draft-ietf-ntp-ntpv4-proto" (in
the RFC, including the MIB module part) with "RFC ZZZZ" (where ZZZZ
is the assigned RFC number) and to remove this note.
The Network Time Protocol (NTP) is used in networks of all types and
sizes for time synchronization of servers, workstations and other
networked equipment. As time synchronization is more and more a
mission critical service, standardized means for monitoring and
management of this subsystem of a networked host are required to
allow operators of such a service to setup a monitoring system that
is platform- and vendor-independent. This document provides a
standardized collection of data objects for monitoring the NTP entity
of such a network participant and it is part of the NTP Version 4
standardization effort.
Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
Gerstung, et al. Expires September 6, 2010 [Page 1]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on September 6, 2010.
Copyright Notice
Copyright (c) 2010 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the BSD License.
Gerstung, et al. Expires September 6, 2010 [Page 2]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
2. Conventions Used In This Document . . . . . . . . . . . . . . 4
3. The Internet-Standard Management Framework . . . . . . . . . . 4
4. Technical Description . . . . . . . . . . . . . . . . . . . . 4
5. MIB Definition . . . . . . . . . . . . . . . . . . . . . . . . 5
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 24
7. Security Considerations . . . . . . . . . . . . . . . . . . . 24
8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 26
8.1. Normative References . . . . . . . . . . . . . . . . . . . 26
8.2. Informative References . . . . . . . . . . . . . . . . . . 26
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 26
Gerstung, et al. Expires September 6, 2010 [Page 3]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
1. Introduction
The NTPv4 MIB Module is designed to allow SNMP to be used to monitor
and manage local NTP [I-D.ietf-ntp-ntpv4-proto] entities. It
provides a collection of data objects that can be queried using the
SNMP protocol and represent the current status of the NTP entity.
This includes general information about the NTP entity itself
(vendor, product, version) as well as connectivity to upstream NTP
servers used as sources of reference time and to hardware reference
clocks like radio clocks. The most important values are included in
order to be able to detect failures before they can have an impact on
the overall time synchronization status of the network. There are
also a collection of notification objects to inform about state
changes in the NTP entity. There are objects to control these
notifications as well.
2. Conventions Used In This Document
The capitalized key words "MUST", "MUST NOT", "REQUIRED", "SHALL",
"SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in
[RFC2119].
3. The Internet-Standard Management Framework
For a detailed overview of the documents that describe the current
Internet-Standard Management Framework, please refer to section 7 of
RFC3410 [RFC3410].
Managed objects are accessed via a virtual information store, termed
the Management Information Base or MIB. MIB objects are generally
accessed through the Simple Network Management Protocol (SNMP).
Objects in the MIB are defined using the mechanisms defined in the
Structure of Management Information (SMI). This memo specifies a MIB
module that is compliant to the SMIv2, which is described in RFC2578
[RFC2578], RFC2579 [RFC2579] and RFC2580 [RFC2580].
4. Technical Description
The NTPv4 MIB Module is divided into sections for general server
information, current NTP entity status, status information of all
mobilized associations (e.g. unicast upstream time servers, multicast
or broadcast time references and hardware clocks), NTP entity control
objects, NTP objects used only for notifications, as well as SNMP
notification definitions for core events.
Gerstung, et al. Expires September 6, 2010 [Page 4]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
The general server information section contains static information
and can be queried to identify which NTP implementation is running on
a host. This includes the vendor and product name of the running NTP
software as well as version information, hardware/os platform
identity and the time resolution of the underlying OS.
Section 2 (current NTP status) includes data objects that represent
the current operational status of the NTP entity.
The third section contains data objects that represent the set of
time references ("associations") the NTP entity is currently working
with.
The fourth section contains objects that can be used to control the
NTP entity. The currently defined objects control how often the
heartbeat interval notification is sent out and which notifications
are enabled.
The fifth section contains objects that are only used as varbinds in
notifications. There is currently only one object in this section--a
message that adds a clear text event message to notifications.
Certain important events can occur while the NTP entity is running.
The notification section defines SNMP notifications for a collection
of the most important ones ("core events") and additionally provides
a heartbeat notification as well as a test notification to allow
management systems to test the reception of NTP related notifications
as well as enable heartbeat-based monitoring systems to assure that
the NTP entity is still up and running.
Some values are included both in numeric and in human-readable
(string) format. This has been done to simplify the representation
of a status information. If the two representations of a certain
value differ, the numeric representation takes precedence.
5. MIB Definition
-- *********************************************************************
--
-- The Network Time Protocol Version 4
-- Management Information Base (MIB)
--
-- Authors: Heiko Gerstung (heiko.gerstung@meinberg.de)
-- Chris Elliott (chelliot@pobox.com)
--
-- for the Internet Engineering Task Force (IETF)
-- NTP Working Group (ntpwg)
Gerstung, et al. Expires September 6, 2010 [Page 5]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
--
--
-- *********************************************************************
-- Rev 1.00
-- Published as RFC YYYY
--
-- *********************************************************************
NTPv4-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE , mib-2, Integer32, NOTIFICATION-TYPE,
Unsigned32, Counter32, TimeTicks
FROM SNMPv2-SMI -- RFC2578
MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
FROM SNMPv2-CONF -- RFC2580
DisplayString, TEXTUAL-CONVENTION
FROM SNMPv2-TC -- RFC2579
InetAddressType, InetAddress
FROM INET-ADDRESS-MIB -- RFC4001
Utf8String
FROM SYSAPPL-MIB; -- RFC2287
ntpSnmpMIB MODULE-IDENTITY
LAST-UPDATED "201003050000Z" -- March 5, 2010
ORGANIZATION "The IETF NTP Working Group (ntpwg)"
CONTACT-INFO
" WG Email: ntpwg@lists.ntp.isc.org
Subscribe:
https://lists.ntp.isc.org/mailman/listinfo/ntpwg
Heiko Gerstung
Meinberg Funkuhren Gmbh & Co. KG
Lange Wand 9
Bad Pyrmont 31812
Germany
Phone: +49 5281 9309 25
Email: heiko.gerstung@meinberg.de
Chris Elliott
1516 Kent St.
Durham, NC 27707
USA
Phone: +1-919-308-1216
Email: chelliot@pobox.com
Gerstung, et al. Expires September 6, 2010 [Page 6]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
Brian Haberman
11100 Johns Hopkins Road
Laurel, MD 20723
USA
Phone: +1-443-778-1319
Email: brian@innovationslab.net"
DESCRIPTION
"The Management Information Base for NTP time entities.
Copyright (c) 2010 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this
document must include Simplified BSD License text as described
in Section 4.e of the Trust Legal Provisions and are provided
without warranty as described in the BSD License."
REVISION "201003050000Z"
DESCRIPTION
"This revision of the MIB module is published as RFC YYYY."
::= { mib-2 XXXXX }
ntpSnmpMIBObjects OBJECT IDENTIFIER ::= { ntpSnmpMIB 1 }
-- MIB contains 6 groups
ntpEntInfo OBJECT IDENTIFIER ::= { ntpSnmpMIBObjects 1 }
ntpEntStatus OBJECT IDENTIFIER ::= { ntpSnmpMIBObjects 2 }
ntpAssociation OBJECT IDENTIFIER ::= { ntpSnmpMIBObjects 3 }
ntpEntControl OBJECT IDENTIFIER ::= { ntpSnmpMIBObjects 4 }
ntpEntNotifObjects OBJECT IDENTIFIER ::= { ntpSnmpMIBObjects 5 }
--
-- Textual Conventions
--
NtpStratum ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION
Gerstung, et al. Expires September 6, 2010 [Page 7]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
"The NTP stratum, with 16 representing no stratum."
SYNTAX Unsigned32 (1..16)
NtpDateTime ::= TEXTUAL-CONVENTION
DISPLAY-HINT "4d:4d:4d.4d"
STATUS current
DESCRIPTION
"NTP date/time on the device, in 128-bit
NTP date format. If time is not syncronized this
field shall be a zero-length string.
This TC is not to be used for objects that are used
to set the time of the node querying this object.
NTP should be used for this--or at least SNTP."
REFERENCE "draft-ietf-ntp-ntpv4-proto, section 6"
SYNTAX OCTET STRING (SIZE (0 | 16))
--
-- Section 1: General NTP Entity information objects
-- (relatively static information)
--
ntpEntSoftwareName OBJECT-TYPE
SYNTAX Utf8String
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The product name of the running NTP version, e.g. 'ntpd'"
::= { ntpEntInfo 1 }
ntpEntSoftwareVersion OBJECT-TYPE
SYNTAX Utf8String
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The software version of the installed NTP implementation
as a full version string, e.g. 'ntpd-4.2.0b@1.1433 ...'"
::= { ntpEntInfo 2 }
ntpEntSoftwareVendor OBJECT-TYPE
SYNTAX Utf8String
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The vendor/author of the installed NTP version."
::= { ntpEntInfo 3 }
ntpEntSystemType OBJECT-TYPE
Gerstung, et al. Expires September 6, 2010 [Page 8]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
SYNTAX Utf8String
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"General hardware/os platform information,
e.g. 'Linux 2.6.12 / x86'"
-- freely configurable, default is OS Version / Hardware platform
::= { ntpEntInfo 4 }
ntpEntTimeResolution OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The time resolution in integer format, where the resolution
is represented as divisions of a second, e.g. a value of 1000
translates to 1.0 ms."
::= { ntpEntInfo 5 }
ntpEntTimePrecision OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The entity's precision in integer format, shows the precision.
A value of -5 would mean 2^-5 = 31.25 ms"
::= { ntpEntInfo 6 }
ntpEntTimeDistance OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The distance from this NTP entity to the root time reference
(stratum 0) source including the unit, e.g. '13.243 ms'"
::= { ntpEntInfo 7 }
--
-- Section 2: Current NTP status (dynamic information)
--
ntpEntStatusCurrentMode OBJECT-TYPE
SYNTAX INTEGER {
notRunning(1),
notSynchronized(2),
noneConfigured(3),
syncToLocal(4),
syncToRefclock(5),
Gerstung, et al. Expires September 6, 2010 [Page 9]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
syncToRemoteServer(6),
unknown(99)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current mode of the NTP. The definition of each possible
value is:
notRunning(1) - NTP is not running
notSynchronized(2) - NTP is not synchronized to any time
source (stratum = 16)
noneConfigured(3) - NTP is not synchronized and does not
have a reference configured
(stratum = 16)
syncToLocal(4) - NTP is distributing time based on its
local clock (degraded accuracy and/or
reliability)
syncToRefclock(5) - NTP is synchronized to a local
hardware refclock (e.g. GPS)
syncToRemoteServer(6) - NTP is synchronized to a remote
NTP server ('upstream' server)
unknown(99) - The state of NTP is unknown."
::= { ntpEntStatus 1 }
ntpEntStatusStratum OBJECT-TYPE
SYNTAX NtpStratum
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The NTP entity's own stratum value. Should be stratum of
syspeer + 1 (or 16 if no syspeer)"
::= { ntpEntStatus 2 }
ntpEntStatusActiveRefSourceId OBJECT-TYPE
SYNTAX Unsigned32 ( 0..99999 )
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The association ID of the current syspeer."
::= { ntpEntStatus 3 }
ntpEntStatusActiveRefSourceName OBJECT-TYPE
SYNTAX Utf8String
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The hostname/descriptive name of the current reference source
selected as syspeer, e.g. 'ntp1.ptb.de' or 'GPS' or 'DCFi' ..."
Gerstung, et al. Expires September 6, 2010 [Page 10]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
::= { ntpEntStatus 4 }
ntpEntStatusActiveOffset OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The Time offset to the current selected reference time source
as a string including unit, e.g. '0.032 ms' or '1.232 s'"
::= { ntpEntStatus 5 }
ntpEntStatusNumberOfRefSources OBJECT-TYPE
SYNTAX Unsigned32 (0..99)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of reference sources configured for NTP."
::= { ntpEntStatus 6 }
ntpEntStatusDispersion OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The root dispersion of the running NTP entity, e.g. '6.927'"
::= { ntpEntStatus 7 }
ntpEntStatusEntityUptime OBJECT-TYPE
SYNTAX TimeTicks
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The uptime of the NTP entity, (i.e. the time since ntpd was
(re-)initialized not sysUptime!). The time is represented in
hundreds of seconds since Jan 1, 1970 (00:00:00.000) UTC"
::= { ntpEntStatus 8 }
ntpEntStatusDateTime OBJECT-TYPE
SYNTAX NtpDateTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current NTP date/time on the device, in 128-bit
NTP date format. If time is not syncronized this
field shall be a zero-length string.
This object can be used to timestamp events on this
node and allow a management station to coorelate
Gerstung, et al. Expires September 6, 2010 [Page 11]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
different time objects. For example, a management
station could query this object and sysUpTime in
the same operation to be able to relate sysUpTime
to NTP time.
This object is not to be used to set the time of
the node querying this object. NTP should be used
for this--or at least SNTP."
REFERENCE "draft-ietf-ntp-ntpv4-proto, section 6"
::= { ntpEntStatus 9 }
ntpEntStatusLeapSecond OBJECT-TYPE
SYNTAX NtpDateTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Date the next known leap second will occur. If there is
no leap second announced then this object should be 0."
::= { ntpEntStatus 10 }
ntpEntStatusLeapSecDirection OBJECT-TYPE
SYNTAX Integer32 (-1..1)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Direction of next known leap second. If there is no
leap second announced then this object should be 0."
::= { ntpEntStatus 11 }
ntpEntStatusInPkts OBJECT-TYPE
SYNTAX Counter32
UNITS "packets"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of NTP messages delivered to the
NTP entity from the transport service.
Discountinuities in the value of this counter can occur
upon cold start or reinitialization of the NTP entity, the
management system and at other times as indicated by
discontinuities in the value of sysUpTime."
::= { ntpEntStatus 12 }
ntpEntStatusOutPkts OBJECT-TYPE
SYNTAX Counter32
UNITS "packets"
MAX-ACCESS read-only
Gerstung, et al. Expires September 6, 2010 [Page 12]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
STATUS current
DESCRIPTION
"The total number of NTP messages delivered to the
transport service by this NTP entity.
Discountinuities in the value of this counter can occur
upon cold start or reinitialization of the NTP entity, the
management system and at other times as indicated by
discontinuities in the value of sysUpTime."
::= { ntpEntStatus 13 }
ntpEntStatusBadVersion OBJECT-TYPE
SYNTAX Counter32
UNITS "packets"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of NTP messages which were delivered
to this NTP entity and were for an unsupported NTP
version.
Discountinuities in the value of this counter can occur
upon cold start or reinitialization of the NTP entity, the
management system and at other times as indicated by
discontinuities in the value of sysUpTime."
::= { ntpEntStatus 14 }
ntpEntStatusProtocolError OBJECT-TYPE
SYNTAX Counter32
UNITS "packets"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of NTP messages which were delivered
to this NTP entity and this entity was not able to
process due to an NTP protocol error.
Discountinuities in the value of this counter can occur
upon cold start or reinitialization of the NTP entity, the
management system and at other times as indicated by
discontinuities in the value of sysUpTime."
::= { ntpEntStatus 15 }
ntpEntStatusNotifications OBJECT-TYPE
SYNTAX Counter32
UNITS "notifications"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of SNMP notifications which this NTP
entity has generated.
Gerstung, et al. Expires September 6, 2010 [Page 13]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
Discountinuities in the value of this counter can occur
upon cold start or reinitialization of the NTP entity, the
management system and at other times as indicated by
discontinuities in the value of sysUpTime."
::= { ntpEntStatus 16 }
ntpEntStatPktModeTable OBJECT-TYPE
SYNTAX SEQUENCE OF NtpEntStatPktModeEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The number of packets sent and received by packet mode.
One entry per packet mode."
::= { ntpEntStatus 17 }
ntpEntStatPktModeEntry OBJECT-TYPE
SYNTAX NtpEntStatPktModeEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A statistical record of the number of packets sent and
received for each packet mode."
INDEX { ntpEntStatPktMode }
::= { ntpEntStatPktModeTable 1 }
NtpEntStatPktModeEntry ::= SEQUENCE {
ntpEntStatPktMode INTEGER,
ntpEntStatPktSent Counter32,
ntpEntStatPktReceived Counter32
}
ntpEntStatPktMode OBJECT-TYPE
SYNTAX INTEGER {
symetricactive(1),
symetricpassive(2),
client(3),
server(4),
broadcastserver(5),
broadcastclient(6)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The NTP packet mode."
::= { ntpEntStatPktModeEntry 1 }
ntpEntStatPktSent OBJECT-TYPE
SYNTAX Counter32
Gerstung, et al. Expires September 6, 2010 [Page 14]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
UNITS "packets"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of NTP packets sent with this packet mode.
Discountinuities in the value of this counter can occur
upon cold start or reinitialization of the NTP entity, the
management system and at other times as indicated by
discontinuities in the value of sysUpTime."
::= { ntpEntStatPktModeEntry 2 }
ntpEntStatPktReceived OBJECT-TYPE
SYNTAX Counter32
UNITS "packets"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of NTP packets received with this packet mode.
Discountinuities in the value of this counter can occur
upon cold start or reinitialization of the NTP entity, the
management system and at other times as indicated by
discontinuities in the value of sysUpTime."
::= { ntpEntStatPktModeEntry 3 }
--
-- Section 3: The status of all currently mobilized associations
--
ntpAssociationTable OBJECT-TYPE
SYNTAX SEQUENCE OF NtpAssociationEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table of currently mobilized associations."
::= { ntpAssociation 1 }
ntpAssociationEntry OBJECT-TYPE
SYNTAX NtpAssociationEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table entry of currently mobilized associations."
INDEX { ntpAssocId }
::= { ntpAssociationTable 1 }
NtpAssociationEntry ::= SEQUENCE {
Gerstung, et al. Expires September 6, 2010 [Page 15]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
ntpAssocId Unsigned32,
ntpAssocName Utf8String,
ntpAssocRefId DisplayString,
ntpAssocAddressType InetAddressType,
ntpAssocAddress InetAddress,
ntpAssocOffset DisplayString,
ntpAssocStratum NtpStratum,
ntpAssocStatusJitter DisplayString,
ntpAssocStatusDelay DisplayString,
ntpAssocStatusDispersion DisplayString
}
ntpAssocId OBJECT-TYPE
SYNTAX Unsigned32 ( 1..99999 )
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The association ID. This is an internal, unique ID."
::= { ntpAssociationEntry 1 }
ntpAssocName OBJECT-TYPE
SYNTAX Utf8String
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The hostname or other descriptive name for the association."
::= { ntpAssociationEntry 2 }
ntpAssocRefId OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The refclock driver ID, if available."
-- a refclock driver ID like "127.127.1.0" for non
-- uni/multi/broadcast associations
::= { ntpAssociationEntry 3 }
ntpAssocAddressType OBJECT-TYPE
SYNTAX InetAddressType { ipv4(1), ipv6(2), ipv4z(3), ipv6z(4) }
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of address of the association. Can be either IPv4 or
IPv6 (both with or without zone index) and contains the type of
address for unicast, multicast and broadcast associations."
::= { ntpAssociationEntry 4 }
Gerstung, et al. Expires September 6, 2010 [Page 16]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
ntpAssocAddress OBJECT-TYPE
SYNTAX InetAddress (SIZE (4|8|16|20))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IP address (IPv4 or IPv6, with or without zone index) of
the association. The type and size depends on the
ntpAssocAddressType object. Represents the IP address of a
uni/multi/broadcast association."
::= { ntpAssociationEntry 5 }
ntpAssocOffset OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The time offset to the association as a string."
-- including unit, e.g. "0.032 ms" or "1.232 s"
::= { ntpAssociationEntry 6 }
ntpAssocStratum OBJECT-TYPE
SYNTAX NtpStratum
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The association stratum value."
::= { ntpAssociationEntry 7 }
ntpAssocStatusJitter OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The jitter in miliseconds as a string."
::= { ntpAssociationEntry 8 }
ntpAssocStatusDelay OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The network delay in miliseconds as a string."
::= { ntpAssociationEntry 9 }
ntpAssocStatusDispersion OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
Gerstung, et al. Expires September 6, 2010 [Page 17]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
DESCRIPTION
"The root dispersion of the association."
-- e.g. "6.927"
::= { ntpAssociationEntry 10 }
ntpAssociationStatisticsTable OBJECT-TYPE
SYNTAX SEQUENCE OF NtpAssociationStatisticsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table of statistics for current associations."
::= { ntpAssociation 2 }
ntpAssociationStatisticsEntry OBJECT-TYPE
SYNTAX NtpAssociationStatisticsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table entry of statistics for current associations."
INDEX { ntpAssocId }
::= { ntpAssociationStatisticsTable 1 }
NtpAssociationStatisticsEntry ::= SEQUENCE {
ntpAssocStatInPkts Counter32,
ntpAssocStatOutPkts Counter32,
ntpAssocStatProtocolError Counter32
}
ntpAssocStatInPkts OBJECT-TYPE
SYNTAX Counter32
UNITS "packets"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of NTP messages delivered to the
NTP entity from this association.
Discountinuities in the value of this counter can occur
upon cold start or reinitialization of the NTP entity, the
management system and at other times as indicated by
discontinuities in the value of sysUpTime."
::= { ntpAssociationStatisticsEntry 1 }
ntpAssocStatOutPkts OBJECT-TYPE
SYNTAX Counter32
UNITS "packets"
MAX-ACCESS read-only
STATUS current
Gerstung, et al. Expires September 6, 2010 [Page 18]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
DESCRIPTION
"The total number of NTP messages delivered to the
transport service by this NTP entity for this
association.
Discountinuities in the value of this counter can occur
upon cold start or reinitialization of the NTP entity, the
management system and at other times as indicated by
discontinuities in the value of sysUpTime."
::= { ntpAssociationStatisticsEntry 2 }
ntpAssocStatProtocolError OBJECT-TYPE
SYNTAX Counter32
UNITS "packets"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of NTP messages which were delivered
to this NTP entity from this association and this entity
was not able to process due to an NTP protocol error.
Discountinuities in the value of this counter can occur
upon cold start or reinitialization of the NTP entity, the
management system and at other times as indicated by
discontinuities in the value of sysUpTime."
::= { ntpAssociationStatisticsEntry 3 }
--
-- Section 4: Control objects
--
ntpEntHeartbeatInterval OBJECT-TYPE
SYNTAX Unsigned32
UNITS "seconds"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The interval at which the ntpEntNotifHeartbeat notification
should be sent, in seconds. If set to 0 and the
entNotifHeartbeat bit in ntpEntNotifBits is 1 then
ntpEntNotifHeartbeat is sent once.
This value is stored persistently and will be restored to its
last set value upon cold start or restart."
DEFVAL { 60 }
::= { ntpEntControl 1 }
ntpEntNotifBits OBJECT-TYPE
SYNTAX BITS {
Gerstung, et al. Expires September 6, 2010 [Page 19]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
notUsed(0), -- Used to sync up bit and notification
-- indices
entNotifModeChange(1),
entNotifStratumChange(2),
entNotifSyspeerChanged(3),
entNotifAddAssociation(4),
entNotifRemoveAssociation(5),
entNotifConfigChanged(6),
entNotifLeapSecondAnnounced(7),
entNotifHeartbeat(8)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"A bit for each notification. A 1 for a particular bit enables
that particular notification, a 0 disables it.
This value is stored persistently and will be restored to its
last set value upon cold start or restart."
::= { ntpEntControl 2 }
--
-- Section 5: Notification objects
--
ntpEntNotifMessage OBJECT-TYPE
SYNTAX Utf8String
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"Used as a payload object for all notifications. Holds a clear
text event message."
DEFVAL { "no event" }
::= { ntpEntNotifObjects 1 }
--
-- SNMP notification definitions
--
ntpEntNotifications OBJECT IDENTIFIER ::= { ntpSnmpMIB 0 }
ntpEntNotifModeChange NOTIFICATION-TYPE
OBJECTS { ntpEntStatusCurrentMode }
STATUS current
DESCRIPTION
"The notification to be sent when the NTP entity changes mode,
including starting and stopping (if possible)"
::= { ntpEntNotifications 1 }
Gerstung, et al. Expires September 6, 2010 [Page 20]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
ntpEntNotifStratumChange NOTIFICATION-TYPE
OBJECTS { ntpEntStatusDateTime, ntpEntStatusStratum,
ntpEntNotifMessage }
STATUS current
DESCRIPTION
"The notification to be sent when stratum level of NTP changes."
::= { ntpEntNotifications 2 }
ntpEntNotifSyspeerChanged NOTIFICATION-TYPE
OBJECTS { ntpEntStatusDateTime, ntpEntStatusActiveRefSourceId,
ntpEntNotifMessage }
STATUS current
DESCRIPTION
"The notification to be sent when a (new) syspeer has been
selected."
::= { ntpEntNotifications 3 }
ntpEntNotifAddAssociation NOTIFICATION-TYPE
OBJECTS { ntpEntStatusDateTime, ntpAssocName, ntpEntNotifMessage }
STATUS current
DESCRIPTION
"The notification to be sent when a new association is
mobilized."
::= { ntpEntNotifications 4 }
ntpEntNotifRemoveAssociation NOTIFICATION-TYPE
OBJECTS { ntpEntStatusDateTime, ntpAssocName, ntpEntNotifMessage }
STATUS current
DESCRIPTION
"The notification to be sent when an association is
demobilized."
::= { ntpEntNotifications 5 }
ntpEntNotifConfigChanged NOTIFICATION-TYPE
OBJECTS { ntpEntStatusDateTime, ntpEntNotifMessage }
STATUS current
DESCRIPTION
"The notification to be sent when the NTP configuration has
changed, e.g. when the system connected to the internet and was
assigned a new IP address by the ISPs DHCP server"
::= { ntpEntNotifications 6 }
ntpEntNotifLeapSecondAnnounced NOTIFICATION-TYPE
OBJECTS { ntpEntStatusDateTime, ntpEntNotifMessage }
STATUS current
DESCRIPTION
"The notification to be sent when a leap second has been
announced."
Gerstung, et al. Expires September 6, 2010 [Page 21]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
::= { ntpEntNotifications 7 }
ntpEntNotifHeartbeat NOTIFICATION-TYPE
OBJECTS { ntpEntStatusDateTime, ntpEntStatusCurrentMode,
ntpEntHeartbeatInterval, ntpEntNotifMessage }
STATUS current
DESCRIPTION
"The notification to be sent periodically (as defined by
ntpEntHeartbeatInterval) to indicate that the NTP entity is
still alive."
::= { ntpEntNotifications 8 }
--
-- Conformance/Compliance statements
--
ntpEntConformance OBJECT IDENTIFIER ::= { ntpSnmpMIB 2 }
ntpEntCompliances OBJECT IDENTIFIER ::= { ntpEntConformance 1 }
ntpEntGroups OBJECT IDENTIFIER ::= { ntpEntConformance 2 }
ntpEntNTPCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities which use NTP and
implement the NTP MIB"
MODULE -- this module
MANDATORY-GROUPS {
ntpEntObjectsGroup1
}
::= { ntpEntCompliances 1 }
ntpEntSNTPCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities which use SNTP and
implement the NTP MIB"
MODULE -- this module
MANDATORY-GROUPS {
ntpEntObjectsGroup1
}
GROUP ntpEntObjectsGroup2
DESCRIPTION
"optional object group"
GROUP ntpEntNotifGroup
DESCRIPTION
"optional notifications for this MIB"
::= { ntpEntCompliances 2 }
Gerstung, et al. Expires September 6, 2010 [Page 22]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
ntpEntObjectsGroup1 OBJECT-GROUP
OBJECTS {
ntpEntSoftwareName,
ntpEntSoftwareVersion,
ntpEntSoftwareVendor,
ntpEntSystemType,
ntpEntStatusEntityUptime,
ntpEntStatusDateTime,
ntpAssocName,
ntpAssocRefId,
ntpAssocAddressType,
ntpAssocAddress
}
STATUS current
DESCRIPTION
"A collection of objects for the NTP MIB."
::= { ntpEntGroups 1 }
ntpEntObjectsGroup2 OBJECT-GROUP
OBJECTS {
ntpEntTimeResolution,
ntpEntTimePrecision,
ntpEntTimeDistance,
ntpEntStatusCurrentMode,
ntpEntStatusStratum,
ntpEntStatusActiveRefSourceId,
ntpEntStatusActiveRefSourceName,
ntpEntStatusActiveOffset,
ntpEntStatusNumberOfRefSources,
ntpEntStatusDispersion,
ntpEntStatusLeapSecond,
ntpEntStatusLeapSecDirection,
ntpEntStatusInPkts,
ntpEntStatusOutPkts,
ntpEntStatusBadVersion,
ntpEntStatusProtocolError,
ntpEntStatusNotifications,
ntpEntStatPktSent,
ntpEntStatPktReceived,
ntpAssocOffset,
ntpAssocStratum,
ntpAssocStatusJitter,
ntpAssocStatusDelay,
ntpAssocStatusDispersion,
ntpAssocStatInPkts,
ntpAssocStatOutPkts,
ntpAssocStatProtocolError,
ntpEntHeartbeatInterval,
Gerstung, et al. Expires September 6, 2010 [Page 23]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
ntpEntNotifBits,
ntpEntNotifMessage
}
STATUS current
DESCRIPTION
"A collection of objects for the NTP MIB."
::= { ntpEntGroups 2 }
ntpEntNotifGroup NOTIFICATION-GROUP
NOTIFICATIONS {
ntpEntNotifModeChange,
ntpEntNotifStratumChange,
ntpEntNotifSyspeerChanged,
ntpEntNotifAddAssociation,
ntpEntNotifRemoveAssociation,
ntpEntNotifConfigChanged,
ntpEntNotifLeapSecondAnnounced,
ntpEntNotifHeartbeat
}
STATUS current
DESCRIPTION
"A collection of notifications for the NTP MIB"
::= { ntpEntGroups 3 }
END
6. IANA Considerations
The MIB module in this document uses the following IANA-assigned
OBJECT IDENTIFIER values recorded in the SMI Numbers registry:
Descriptor OBJECT IDENTIFIER value
---------- -----------------------
ntpSnmp { mib-2 XXX }
RFC Ed. : the IANA is requested to assign a value for "XXX" under the
'mib-2' subtree and to record the assignment in the SMI Numbers
registry. When the assignment has been made, the RFC Editor is asked
to replace "XXX" (here and in the MIB module) with the assigned value
and to remove this note.
7. Security Considerations
There are currently two management objects defined in this MIB module
with a MAX-ACCESS clause of read-write and/or read-create. Such
Gerstung, et al. Expires September 6, 2010 [Page 24]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
objects may be considered sensitive or vulnerable in some network
environments. The support for SET operations in a non-secure
environment without proper protection can have a negative effect on
network operations. These are the objects and their sensitivity/
vulnerability:
ntpEntHeartbeatInterval controls the interval of heartbeat
notifications. If set to 1 this will cause the NTP entity to send
one notification each second. This is the maximum rate (1/s) that
can be generated automatically. If it is set to 0, then one single
hearbeat notification will be created and no further automatically
generated notification is sent. This functionality can be used to
create notifications at a higher rate (as high as the object can be
written).
ntpEntNotifBits enables/disables notifications. Could be used to
switch off notifications in order to delay or eliminate the
notification for critical and important events.
Some of the readable objects in this MIB module (i.e., objects with a
MAX-ACCESS other than not-accessible) may be considered sensitive or
vulnerable in some network environments. It is thus important to
control even GET and/or NOTIFY access to these objects and possibly
to even encrypt the values of these objects when sending them over
the network via SNMP. These are the tables and objects and their
sensitivity/vulnerability:
ntpEntSoftwareName, ntpEntSoftwareVersion, ntpEntSoftwareVendor and
ntpEntSystemType all can be used to identify software and its version
as well as the operating system and hardware platform. This might
help a potential attacker to find security problems and therefore can
be used in the preparation of an attack.
SNMP versions prior to SNMPv3 did not include adequate security.
Even if the network itself is secure (for example by using IPsec),
even then, there is no control as to who on the secure network is
allowed to access and GET/SET (read/change/create/delete) the objects
in this MIB module. It is RECOMMENDED that implementers consider the
security features as provided by the SNMPv3 framework (see RFC3410
[RFC3410], section 8), including full support for the SNMPv3
cryptographic mechanisms (for authentication and privacy). Further,
deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED.
Instead, it is RECOMMENDED to deploy SNMPv3 and to enable
cryptographic security. It is then a customer/operator
responsibility to ensure that the SNMP entity giving access to an
instance of this MIB module is properly configured to give access to
the objects only to those principals (users) that have legitimate
rights to indeed GET or SET (change/create/delete) them.
Gerstung, et al. Expires September 6, 2010 [Page 25]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
8. References
8.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[I-D.ietf-ntp-ntpv4-proto]
Kasch, W., Mills, D., and J. Burbank, "Network Time
Protocol Version 4 Protocol And Algorithms Specification",
draft-ietf-ntp-ntpv4-proto-13 (work in progress),
October 2009.
[RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J.
Schoenwaelder, Ed., "Structure of Management Information
Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.
[RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J.
Schoenwaelder, Ed., "Textual Conventions for SMIv2",
STD 58, RFC 2579, April 1999.
[RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder,
"Conformance Statements for SMIv2", STD 58, RFC 2580,
April 1999.
[RFC4001] Daniele, M., Haberman, B., Routhier, S., and J.
Schoenwaelder, "Textual Conventions for Internet Network
Addresses", RFC 4001, February 2005.
8.2. Informative References
[RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart,
"Introduction and Applicability Statements for Internet-
Standard Management Framework", RFC 3410, December 2002.
Authors' Addresses
Heiko Gerstung
Meinberg Funkuhren Gmbh & Co. KG
Lange Wand 9
Bad Pyrmont 31812
Germany
Phone: +49 5281 9309 25
Email: heiko.gerstung@meinberg.de
Gerstung, et al. Expires September 6, 2010 [Page 26]
Internet-Draft Definitions of Managed Objects for NTPv4 March 2010
Chris Elliott
1516 Kent St.
Durham, NC 27707
USA
Phone: +1-919-308-1216
Email: chelliot@pobox.com
Brian Haberman (editor)
Johns Hopkins University Applied Physics Lab
11100 Johns Hopkins Road
Laurel, MD 20723-6099
US
Phone: +1 443 778 1319
Email: brian@innovationslab.net
Gerstung, et al. Expires September 6, 2010 [Page 27]
Html markup produced by rfcmarkup 1.129d, available from
https://tools.ietf.org/tools/rfcmarkup/