draft-ietf-ntp-yang-data-model-02.txt   draft-ietf-ntp-yang-data-model-03.txt 
Network Working Group N. Wu NTP Working Group N. Wu
Internet-Draft Huawei Internet-Draft Huawei
Intended status: Standards Track A. Kumar S N Intended status: Standards Track A. Kumar S N
Expires: September 6, 2018 RtBrick Inc. Expires: December 24, 2018 RtBrick Inc.
Y. Zhao Y. Zhao
Ericsson Ericsson
D. Dhody D. Dhody
Huawei Huawei
A. Sinha A. Sinha
RtBrick Inc. RtBrick Inc.
March 5, 2018 June 22, 2018
A YANG Data Model for NTP A YANG Data Model for NTP
draft-ietf-ntp-yang-data-model-02 draft-ietf-ntp-yang-data-model-03
Abstract Abstract
This document defines a YANG data model for Network Time Protocol This document defines a YANG data model for Network Time Protocol
(NTP) implementations. The data model includes configuration data (NTP) implementations. The data model includes configuration data
and state data. and state data.
Requirements Language Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
skipping to change at page 1, line 47 skipping to change at page 1, line 47
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on September 6, 2018. This Internet-Draft will expire on December 24, 2018.
Copyright Notice Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Operational State . . . . . . . . . . . . . . . . . . . . 3 1.1. Operational State . . . . . . . . . . . . . . . . . . . . 3
1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3
1.3. Tree Diagrams . . . . . . . . . . . . . . . . . . . . . . 3 1.3. Tree Diagrams . . . . . . . . . . . . . . . . . . . . . . 3
2. NTP data model . . . . . . . . . . . . . . . . . . . . . . . 3 1.4. Prefixes in Data Node Names . . . . . . . . . . . . . . . 3
3. Relationship with NTPv4-MIB . . . . . . . . . . . . . . . . . 6 2. NTP data model . . . . . . . . . . . . . . . . . . . . . . . 4
4. Relationship with RFC 7317 . . . . . . . . . . . . . . . . . 7 3. Relationship with NTPv4-MIB . . . . . . . . . . . . . . . . . 7
5. NTP YANG Module . . . . . . . . . . . . . . . . . . . . . . . 8 4. Relationship with RFC 7317 . . . . . . . . . . . . . . . . . 9
6. Usage Example . . . . . . . . . . . . . . . . . . . . . . . . 28 5. NTP YANG Module . . . . . . . . . . . . . . . . . . . . . . . 9
6.1. Unicast association . . . . . . . . . . . . . . . . . . . 28 6. Usage Example . . . . . . . . . . . . . . . . . . . . . . . . 29
6.2. Refclock master . . . . . . . . . . . . . . . . . . . . . 29 6.1. Unicast association . . . . . . . . . . . . . . . . . . . 29
6.3. Authentication configuration . . . . . . . . . . . . . . 30 6.2. Refclock master . . . . . . . . . . . . . . . . . . . . . 31
6.4. Access configuration . . . . . . . . . . . . . . . . . . 32 6.3. Authentication configuration . . . . . . . . . . . . . . 32
6.5. Multicast configuration . . . . . . . . . . . . . . . . . 32 6.4. Access configuration . . . . . . . . . . . . . . . . . . 34
6.6. Manycast configuration . . . . . . . . . . . . . . . . . 36 6.5. Multicast configuration . . . . . . . . . . . . . . . . . 34
6.7. Clock state . . . . . . . . . . . . . . . . . . . . . . . 39 6.6. Manycast configuration . . . . . . . . . . . . . . . . . 38
6.8. Get all association . . . . . . . . . . . . . . . . . . . 39 6.7. Clock state . . . . . . . . . . . . . . . . . . . . . . . 41
6.9. Global statistic . . . . . . . . . . . . . . . . . . . . 41 6.8. Get all association . . . . . . . . . . . . . . . . . . . 41
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 41 6.9. Global statistic . . . . . . . . . . . . . . . . . . . . 43
8. Security Considerations . . . . . . . . . . . . . . . . . . . 42 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 43
9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 43 8. Security Considerations . . . . . . . . . . . . . . . . . . . 44
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 43 9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 45
10.1. Normative References . . . . . . . . . . . . . . . . . . 43 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 45
10.2. Informative References . . . . . . . . . . . . . . . . . 44 10.1. Normative References . . . . . . . . . . . . . . . . . . 45
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 44 10.2. Informative References . . . . . . . . . . . . . . . . . 47
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 47
1. Introduction 1. Introduction
This document defines a YANG [RFC6020] data model for Network Time This document defines a YANG [RFC6020] data model for Network Time
Protocol [RFC5905] implementations. Protocol [RFC5905] implementations.
The data model convers configuration of system parameters of NTP, The data model convers configuration of system parameters of NTP,
such as access rules, authentication and VPN Routing and Forwarding such as access rules, authentication and VPN Routing and Forwarding
(VRF) binding, and also associations of NTP in different modes and (VRF) binding, and also associations of NTP in different modes and
parameters of per-interface. It also provides information about parameters of per-interface. It also provides information about
running state of NTP implementations. running state of NTP implementations.
1.1. Operational State 1.1. Operational State
NTP Operational State is included in the same tree as NTP NTP Operational State is included in the same tree as NTP
configuration, consistent with Network Management Datastore configuration, consistent with Network Management Datastore
Architecture [I-D.ietf-netmod-revised-datastores]. NTP current state Architecture [RFC8342]. NTP current state and statistics are also
and statistics are also maintained in the operational state. maintained in the operational state. Additionally, the operational
Additionally, the operational state also include the associations state also include the associations state.
state.
1.2. Terminology 1.2. Terminology
The terminology used in this document is aligned to [RFC5905]. The terminology used in this document is aligned to [RFC5905].
1.3. Tree Diagrams 1.3. Tree Diagrams
A simplified graphical representation of the data model is used in A simplified graphical representation of the data model is used in
this document. This document uses the graphical representation of this document. This document uses the graphical representation of
data models defined in [I-D.ietf-netmod-yang-tree-diagrams]. data models defined in [RFC8340].
1.4. Prefixes in Data Node Names
In this document, names of data nodes and other data model objects
are often used without a prefix, as long as it is clear from the
context in which YANG module each name is defined. Otherwise, names
are prefixed using the standard prefix associated with the
corresponding YANG module, as shown in Table 1.
+----------+--------------------------+-----------------------------+
| Prefix | YANG module | Reference |
+----------+--------------------------+-----------------------------+
| yang | ietf-yang-types | [RFC6991] |
| inet | ietf-inet-types | [RFC6991] |
| if | ietf-interfaces | [RFC8343] |
| ianach | iana-crypt-hash | [RFC7317] |
| key- | ietf-key-chain | [RFC8177] |
| chain | | |
| acl | ietf-access-control-list | [I-D.ietf-netmod-acl-model] |
| rt-types | ietf-routing-types | [RFC8294] |
+----------+--------------------------+-----------------------------+
Table 1: Prefixes and corresponding YANG modules
2. NTP data model 2. NTP data model
This document defines the YANG module "ietf-ntp", which has the This document defines the YANG module "ietf-ntp", which has the
following structure: following structure:
module: ietf-ntp module: ietf-ntp
+--rw ntp! +--rw ntp!
+--rw port? uint16 {ntp-port}? +--rw port? uint16 {ntp-port}?
+--rw refclock-master! +--rw refclock-master!
| +--rw master-stratum? ntp-stratum | +--rw master-stratum? ntp-stratum
+--rw authentication +--rw authentication
| +--rw auth-enabled? boolean | +--rw auth-enabled? boolean
| +--rw trusted-keys* [key-id] | +--rw trusted-keys* [key-id]
| | +--rw key-id leafref | | +--rw key-id
| +--rw authentication-keys* [key-id] | | -> /ntp/authentication/authentication-keys/key-id
| +--rw key-id uint32 | +--rw authentication-keys* [key-id]
| +--rw algorithm? identityref | +--rw key-id uint32
| +--rw password? ianach:crypt-hash | +--rw algorithm? identityref
+--rw access-rules | +--rw password? ianach:crypt-hash
| +--rw access-rule* [access-mode] +--rw access-rules
| +--rw access-mode access-modes | +--rw access-rule* [access-mode]
| +--rw acl? -> /acl:access-lists/acl/name | +--rw access-mode access-modes
+--ro clock-state | +--rw acl? -> /acl:acls/acl/name
| +--ro system-status +--ro clock-state
| +--ro clock-state ntp-clock-status | +--ro system-status
| +--ro clock-stratum ntp-stratum | +--ro clock-state ntp-clock-status
| +--ro clock-refid union | +--ro clock-stratum ntp-stratum
| +--ro associations-address? | +--ro clock-refid union
| | -> /ntp/associations/address | +--ro associations-address?
| +--ro associations-local-mode? | | -> /ntp/associations/address
| | -> /ntp/associations/local-mode | +--ro associations-local-mode?
| +--ro associations-isConfigured? | | -> /ntp/associations/local-mode
| | -> /ntp/associations/isConfigured | +--ro associations-isConfigured?
| +--ro nominal-freq decimal64 | | -> /ntp/associations/isConfigured
| +--ro actual-freq decimal64 | +--ro nominal-freq decimal64
| +--ro clock-precision uint8 | +--ro actual-freq decimal64
| +--ro clock-offset? decimal64 | +--ro clock-precision uint8
| +--ro root-delay? decimal64 | +--ro clock-offset? decimal64
| +--ro root-dispersion? decimal64 | +--ro root-delay? decimal64
| +--ro reference-time? yang:date-and-time | +--ro root-dispersion? decimal64
| +--ro sync-state ntp-sync-state | +--ro reference-time? yang:date-and-time
+--rw unicast-configuration* [address type] | +--ro sync-state ntp-sync-state
| +--rw address inet:host +--rw unicast-configuration* [address type]
| +--rw type unicast-configuration-type | +--rw address inet:host
| +--rw authentication | +--rw type unicast-configuration-type
| | +--rw (authentication-type)? | +--rw authentication
| | +--:(symmetric-key) | | +--rw (authentication-type)?
| | +--rw key-id? leafref | | +--:(symmetric-key)
| +--rw prefer? boolean | | +--rw key-id? leafref
| +--rw burst? boolean | +--rw prefer? boolean
| +--rw iburst? boolean | +--rw burst? boolean
| +--rw source? if:interface-ref | +--rw iburst? boolean
| +--rw minpoll? ntp-minpoll | +--rw source? if:interface-ref
| +--rw maxpoll? ntp-maxpoll | +--rw minpoll? ntp-minpoll
| +--rw port? uint16 {ntp-port}? | +--rw maxpoll? ntp-maxpoll
| +--rw version? ntp-version | +--rw port? uint16 {ntp-port}?
+--ro associations* [address local-mode isConfigured] | +--rw version? ntp-version
| +--ro address inet:host +--ro associations* [address local-mode isConfigured]
| +--ro local-mode association-modes | +--ro address inet:host
| +--ro isConfigured boolean | +--ro local-mode association-modes
| +--ro stratum? ntp-stratum | +--ro isConfigured boolean
| +--ro refid? union | +--ro stratum? ntp-stratum
| +--ro authentication? | +--ro refid? union
| | -> /ntp/authentication/authentication-keys/key-id | +--ro authentication?
| +--ro prefer? boolean | | -> /ntp/authentication/authentication-keys/key-id
| +--ro peer-interface? if:interface-ref | +--ro prefer? boolean
| +--ro minpoll? ntp-minpoll | +--ro peer-interface? if:interface-ref
| +--ro maxpoll? ntp-maxpoll | +--ro minpoll? ntp-minpoll
| +--ro port? uint16 {ntp-port}? | +--ro maxpoll? ntp-maxpoll
| +--ro version? ntp-version | +--ro port? uint16 {ntp-port}?
| +--ro reach? uint8 | +--ro version? ntp-version
| +--ro unreach? uint8 | +--ro reach? uint8
| +--ro poll? uint8 | +--ro unreach? uint8
| +--ro now? uint32 | +--ro poll? uint8
| +--ro offset? decimal64 | +--ro now? uint32
| +--ro delay? decimal64 | +--ro offset? decimal64
| +--ro dispersion? decimal64 | +--ro delay? decimal64
| +--ro originate-time? yang:date-and-time | +--ro dispersion? decimal64
| +--ro receive-time? yang:date-and-time | +--ro originate-time? yang:date-and-time
| +--ro transmit-time? yang:date-and-time | +--ro receive-time? yang:date-and-time
| +--ro input-time? yang:date-and-time | +--ro transmit-time? yang:date-and-time
| +--ro ntp-statistics | +--ro input-time? yang:date-and-time
| +--ro packet-sent? yang:counter32 | +--ro ntp-statistics
| +--ro packet-sent-fail? yang:counter32 | +--ro packet-sent? yang:counter32
| +--ro packet-received? yang:counter32 | +--ro packet-sent-fail? yang:counter32
| +--ro packet-dropped? yang:counter32 | +--ro packet-received? yang:counter32
+--rw interfaces | +--ro packet-dropped? yang:counter32
| +--rw interface* [name] +--rw interfaces
| +--rw name if:interface-ref | +--rw interface* [name]
| +--rw broadcast-server! | +--rw name if:interface-ref
| | +--rw ttl? uint8 | +--rw broadcast-server!
| | +--rw authentication | | +--rw ttl? uint8
| | | +--rw (authentication-type)? | | +--rw authentication
| | | +--:(symmetric-key) | | | +--rw (authentication-type)?
| | | +--rw key-id? leafref | | | +--:(symmetric-key)
| | +--rw minpoll? ntp-minpoll | | | +--rw key-id? leafref
| | +--rw maxpoll? ntp-maxpoll | | +--rw minpoll? ntp-minpoll
| | +--rw port? uint16 {ntp-port}? | | +--rw maxpoll? ntp-maxpoll
| | +--rw version? ntp-version | | +--rw port? uint16 {ntp-port}?
| +--rw broadcast-client! | | +--rw version? ntp-version
| +--rw multicast-server* [address] | +--rw broadcast-client!
| | +--rw address | +--rw multicast-server* [address]
| | | rt-types:ip-multicast-group-address | | +--rw address
| | +--rw ttl? uint8 | | | rt-types:ip-multicast-group-address
| | +--rw authentication | | +--rw ttl? uint8
| | | +--rw (authentication-type)? | | +--rw authentication
| | | +--:(symmetric-key) | | | +--rw (authentication-type)?
| | | +--rw key-id? leafref | | | +--:(symmetric-key)
| | +--rw minpoll? ntp-minpoll | | | +--rw key-id? leafref
| | +--rw maxpoll? ntp-maxpoll | | +--rw minpoll? ntp-minpoll
| | +--rw port? uint16 {ntp-port}? | | +--rw maxpoll? ntp-maxpoll
| | +--rw version? ntp-version | | +--rw port? uint16 {ntp-port}?
| +--rw multicast-client* [address] | | +--rw version? ntp-version
| | +--rw address rt-types:ip-multicast-group-address | +--rw multicast-client* [address]
| +--rw manycast-server* [address] | | +--rw address rt-types:ip-multicast-group-address
| | +--rw address rt-types:ip-multicast-group-address | +--rw manycast-server* [address]
| +--rw manycast-client* [address] | | +--rw address rt-types:ip-multicast-group-address
| +--rw address | +--rw manycast-client* [address]
| | rt-types:ip-multicast-group-address | +--rw address
| +--rw authentication | | rt-types:ip-multicast-group-address
| | +--rw (authentication-type)? | +--rw authentication
| | +--:(symmetric-key) | | +--rw (authentication-type)?
| | +--rw key-id? leafref | | +--:(symmetric-key)
| +--rw ttl? uint8 | | +--rw key-id? leafref
| +--rw minclock? uint8 | +--rw ttl? uint8
| +--rw maxclock? uint8 | +--rw minclock? uint8
| +--rw beacon? uint8 | +--rw maxclock? uint8
| +--rw minpoll? ntp-minpoll | +--rw beacon? uint8
| +--rw maxpoll? ntp-maxpoll | +--rw minpoll? ntp-minpoll
| +--rw port? uint16 {ntp-port}? | +--rw maxpoll? ntp-maxpoll
| +--rw version? ntp-version | +--rw port? uint16 {ntp-port}?
+--ro ntp-statistics | +--rw version? ntp-version
+--ro packet-sent? yang:counter32 +--ro ntp-statistics
+--ro packet-sent-fail? yang:counter32 +--ro packet-sent? yang:counter32
+--ro packet-received? yang:counter32 +--ro packet-sent-fail? yang:counter32
+--ro packet-dropped? yang:counter32 +--ro packet-received? yang:counter32
+--ro packet-dropped? yang:counter32
grouping authentication-type-param
+-- (authentication-type)?
+--:(symmetric-key)
+-- key-id?
-> /ntp/authentication/authentication-keys/key-id
grouping comman-attributes
+-- minpoll? ntp-minpoll
+-- maxpoll? ntp-maxpoll
+-- port? uint16 {ntp-port}?
+-- version? ntp-version
grouping association-ref
+-- associations-address? -> /ntp/associations/address
+-- associations-local-mode? -> /ntp/associations/local-mode
+-- associations-isConfigured?
-> /ntp/associations/isConfigured
grouping statistics
+-- packet-sent? yang:counter32
+-- packet-sent-fail? yang:counter32
+-- packet-received? yang:counter32
+-- packet-dropped? yang:counter32
grouping authentication-key
+-- key-id? uint32
+-- algorithm? identityref
+-- password? ianach:crypt-hash
This data model defines one top-level container which includes both This data model defines one top-level container which includes both
the NTP configuration and the NTP running state including access the NTP configuration and the NTP running state including access
rules, authentication, associations, unicast configurations, rules, authentication, associations, unicast configurations,
interfaces, system status and associations. interfaces, system status and associations.
3. Relationship with NTPv4-MIB 3. Relationship with NTPv4-MIB
If the device implements the NTPv4-MIB [RFC5907], data nodes from If the device implements the NTPv4-MIB [RFC5907], data nodes from
YANG module can be mapped to table entries in NTPv4-MIB. YANG module can be mapped to table entries in NTPv4-MIB.
skipping to change at page 8, line 22 skipping to change at page 9, line 30
| unicast-configuration/type | server/association-type | | unicast-configuration/type | server/association-type |
| unicast-configuration/iburst | server/iburst | | unicast-configuration/iburst | server/iburst |
| unicast-configuration/prefer | server/prefer | | unicast-configuration/prefer | server/prefer |
+-------------------------------+--------------------------------+ +-------------------------------+--------------------------------+
YANG NTP Configuration Data Nodes and counterparts in RFC 7317 YANG NTP Configuration Data Nodes and counterparts in RFC 7317
Objects Objects
5. NTP YANG Module 5. NTP YANG Module
<CODE BEGINS> file "ietf-ntp@2018-03-05.yang" <CODE BEGINS> file "ietf-ntp@2018-06-22.yang"
module ietf-ntp { module ietf-ntp {
namespace "urn:ietf:params:xml:ns:yang:ietf-ntp"; yang-version 1.1;
prefix "ntp"; namespace "urn:ietf:params:xml:ns:yang:ietf-ntp";
import ietf-yang-types { prefix "ntp";
prefix "yang";
}
import ietf-inet-types { import ietf-yang-types {
prefix "inet"; prefix "yang";
} reference "RFC 6991";
}
import ietf-interfaces { import ietf-inet-types {
prefix "if"; prefix "inet";
} reference "RFC 6991";
}
import iana-crypt-hash { import ietf-interfaces {
prefix "ianach"; prefix "if";
} reference "RFC 8343";
}
import iana-crypt-hash {
prefix "ianach";
reference "RFC 7317";
}
import ietf-key-chain { import ietf-key-chain {
prefix "key-chain"; prefix "key-chain";
} reference "RFC 8177";
}
import ietf-access-control-list { import ietf-access-control-list {
prefix "acl"; prefix "acl";
} reference "RFC XXXX";
import ietf-routing-types { }
prefix "rt-types"; import ietf-routing-types {
} prefix "rt-types";
reference "RFC 8294";
organization }
"IETF NTP (Network Time Protocol) Working Group";
contact organization
"WG Web: <http://tools.ietf.org/wg/ntp/> "IETF NTP (Network Time Protocol) Working Group";
WG List: <mailto: ntpwg@lists.ntp.org
Editor: Eric Wu contact
<mailto:eric.wu@huawei.com> "WG Web: <http://tools.ietf.org/wg/ntp/>
Editor: Anil Kumar S N WG List: <mailto: ntpwg@lists.ntp.org
<mailto:anil.ietf@gmail.com> Editor: Eric Wu
Editor: Yi Zhao <mailto:eric.wu@huawei.com>
<mailto:yi.z.zhao@ericsson.com> Editor: Anil Kumar S N
Editor: Dhruv Dhody <mailto:anil.ietf@gmail.com>
<mailto:dhruv.ietf@gmail.com> Editor: Yi Zhao
Editor: Ankit Kumar Sinha <mailto:yi.z.zhao@ericsson.com>
<mailto:ankit.ietf@gmail.com>"; Editor: Dhruv Dhody
<mailto:dhruv.ietf@gmail.com>
Editor: Ankit Kumar Sinha
<mailto:ankit.ietf@gmail.com>";
description
"This YANG module defines essential components for the
management of a routing subsystem.
Copyright (c) 2018 IETF Trust and the persons identified
as authors of the code. All rights reserved.
Redistribution and use in source and binary forms,
with or without modification, is permitted pursuant to,
and subject to the license terms contained in, the
Simplified BSD License set forth in Section 4.c of the
IETF Trust's Legal Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX;
see the RFC itself for full legal notices.";
revision 2018-06-22 {
description
"Updated revision.";
reference
"RFC XXXX: A YANG Data Model for NTP Management";
}
/* Typedef Definitions */
typedef ntp-stratum {
type uint8 {
range "1..16";
}
description
"The level of each server in the hierarchy is defined by
a stratum number. Primary servers are assigned stratum
one; secondary servers at each lower level are assigned
stratum numbers one greater than the preceding level";
}
typedef ntp-version {
type uint8 {
range "1..4";
}
default "3";
description
"The current NTP version supported by corresponding
association.";
}
typedef ntp-minpoll {
type uint8 {
range "4..17";
}
default "6";
description
"The minimum poll exponent for this NTP association.";
}
typedef ntp-maxpoll {
type uint8 {
range "4..17";
}
default "10";
description
"The maximul poll exponent for this NTP association.";
}
typedef access-modes {
type enumeration {
enum peer {
value "0";
description
"Sets the fully access authority. Both time
request and control query can be performed
on the local NTP service, and the local clock
can be synchronized to the remote server.";
}
enum server {
value "1";
description
"Enables the server access and query.
Both time requests and control query can be
performed on the local NTP service, but the
local clock cannot be synchronized to the
remote server.";
}
enum synchronization {
value "2";
description
"Enables the server to access.
Only time request can be performed on the
local NTP service.";
}
enum query {
value "3";
description
"Sets the maximum access limitation.
Control query can be performed only on the
local NTP service.";
}
}
description
"This defines NTP acess modes.";
}
typedef unicast-configuration-type {
type enumeration {
enum server {
value "0";
description
"Use client association mode. This device
will not provide synchronization to the
configured NTP server.";
}
enum peer {
value "1";
description
"Use symmetric active association mode.
This device may provide synchronization
to the configured NTP server.";
}
}
description
"This defines NTP unicast mode of operation.";
}
typedef association-modes {
type enumeration {
enum client {
value "0";
description
"Use client association mode(mode 3).
This device will not provide synchronization
to the configured NTP server.";
}
enum active {
value "1";
description
"Use symmetric active association mode(mode 1).
This device may synchronize with its NTP peer,
or provide synchronization to configured NTP peer.";
}
enum passive {
value "2";
description
"Use symmetric passive association mode(mode 2).
This device has learnt this asso dynamically.
This device may synchronize with its NTP peer.";
}
enum broadcast {
value "3";
description
"Use broadcast mode(mode 5).
This mode defines that its eigther working
as broadcast-server or multicast-server.";
}
enum broadcast-client {
value "4";
description
"This mode defines that its eigther working
as broadcast-client or multicast-client.";
}
}
description
"This defines NTP association modes.";
}
typedef ntp-clock-status {
type enumeration {
enum synchronized {
value "0";
description
"Indicates that the local clock has been
synchronized with an NTP server or
the reference clock.";
}
enum unsynchronized {
value "1";
description
"Indicates that the local clock has not been
synchronized with any NTP server.";
}
}
description
"This defines NTP clock status.";
}
typedef ntp-sync-state {
type enumeration {
enum clock-not-set {
value "0";
description
"Indicates the clock is not updated.";
}
enum freq-set-by-cfg {
value "1";
description
"Indicates the clock frequency is set by
NTP configuration.";
}
enum clock-set {
value "2";
description
"Indicates the clock is set.";
}
enum freq-not-determined {
value "3";
description
"Indicates the clock is set but the frequency
is not determined.";
}
enum clock-synchronized {
value "4";
description
"Indicates that the clock is synchronized";
}
enum spike {
value "5";
description
"Indicates a time difference of more than 128
milliseconds is detected between NTP server
and client clock. The clock change will take
effect in XXX seconds.";
}
}
description
"This defines NTP clock sync states.";
}
/* feature */
feature ntp-port {
description description
"This YANG module defines essential components for the "Indicates that the device supports the configuration of
management of a routing subsystem. the port for NTP.
Copyright (c) 2018 IETF Trust and the persons identified This is a 'feature', since many implementations do not
as authors of the code. All rights reserved. support any port other than the default port.";
}
Redistribution and use in source and binary forms, /* Groupings */
with or without modification, is permitted pursuant to, grouping authentication-key {
and subject to the license terms contained in, the description
Simplified BSD License set forth in Section 4.c of the "To define an authentication key for a Network Time
IETF Trust's Legal Provisions Relating to IETF Documents Protocol (NTP) time source.";
(http://trustee.ietf.org/license-info). leaf key-id {
type uint32 {
range "1..max";
}
description
"Authentication key identifier.";
}
leaf algorithm {
type identityref {
base key-chain:crypto-algorithm;
}
description
"Authentication algorithm.";
}
leaf password {
type ianach:crypt-hash;
description "Clear or encrypted mode for password text.";
}
}
This version of this YANG module is part of RFC XXXX; grouping authentication-type-param {
see the RFC itself for full legal notices."; description
"Authentication type.";
choice authentication-type {
description
"Type of authentication.";
case symmetric-key {
leaf key-id {
type leafref {
path "/ntp:ntp/ntp:authentication/"
+ "ntp:authentication-keys/ntp:key-id";
}
description
"Authentication key id referenced in this
association.";
}
}
}
}
revision 2018-03-05 { grouping statistics {
description description
"Updated revision."; "NTP packet statistic.";
reference leaf packet-sent {
"RFC XXXX: A YANG Data Model for NTP Management"; type yang:counter32;
} description
"Indicates the total number of packets sent.";
}
leaf packet-sent-fail {
type yang:counter32;
description
"Indicates the number of times packet
sending failed.";
}
leaf packet-received {
type yang:counter32;
description
"Indicates the total number of packets received.";
}
leaf packet-dropped {
type yang:counter32;
description
"Indicates the number of packets dropped.";
}
}
/* Typedef Definitions */ grouping comman-attributes {
description
"NTP common attributes for configuration.";
leaf minpoll {
type ntp-minpoll;
description
"The minimum poll interval used in this association.";
}
leaf maxpoll {
type ntp-maxpoll;
description
"The maximul poll interval used in this association.";
}
leaf port {
if-feature ntp-port;
type uint16 {
range "123 | 1025..max";
}
default "123";
description
"Specify the port used to send NTP packets.";
}
leaf version {
type ntp-version;
description
"NTP version.";
}
}
typedef ntp-stratum { grouping association-ref {
type uint8 { description
range "1..16"; "Reference to NTP association mode";
} leaf associations-address {
description type leafref {
"The level of each server in the hierarchy is defined by path "/ntp:ntp/ntp:associations/ntp:address";
a stratum number. Primary servers are assigned stratum }
one; secondary servers at each lower level are assigned description
stratum numbers one greater than the preceding level"; "Indicates the association address
} which result in clock synchronization.";
}
leaf associations-local-mode {
type leafref {
path "/ntp:ntp/ntp:associations/ntp:local-mode";
}
description
"Indicates the association local-mode
which result in clock synchronization.";
}
leaf associations-isConfigured {
type leafref {
path "/ntp:ntp/ntp:associations/"
+ "ntp:isConfigured";
}
description
"Indicates the association was configured or
dynamic which result in clock synchronization.";
}
}
typedef ntp-version { /* Configuration data nodes */
type uint8 { container ntp {
range "1..4"; presence
} "NTP is enable";
default "3"; description
"Configuration parameters for NTP.";
leaf port {
if-feature ntp-port;
type uint16 {
range "123 | 1025..max";
}
default "123";
description
"Specify the port used to send NTP packets.";
}
container refclock-master {
presence
"NTP master clock is enable";
description
"Configures the device as NTP server.";
leaf master-stratum {
type ntp-stratum;
default "16";
description
"Stratum level from which NTP
clients get their time synchronized.";
}
}
container authentication {
description description
"The current NTP version supported by corresponding "Configuration of authentication.";
association."; leaf auth-enabled {
type boolean;
default false;
description
"Controls whether NTP authentication is enabled
or disabled on this device.";
}
list trusted-keys {
key "key-id";
description
"List of keys trusted by NTP.";
leaf key-id {
type leafref {
path "/ntp:ntp/ntp:authentication/"
+ "ntp:authentication-keys/ntp:key-id";
}
description
"The key trusted by NTP.";
}
}
list authentication-keys {
key "key-id";
uses authentication-key;
description
"List of authentication key.";
}
} }
typedef ntp-minpoll { container access-rules {
type uint8 {
range "4..17";
}
default "6";
description description
"The minimum poll exponent for this NTP association."; "Configuration of access rules.";
list access-rule {
key "access-mode";
description
"List of access rules.";
leaf access-mode {
type access-modes;
description
"NTP access mode.";
}
leaf acl {
type leafref {
path "/acl:acls/acl:acl/acl:name";
}
description
"NTP ACL.";
}
}
} }
typedef ntp-maxpoll { container clock-state {
type uint8 { config "false";
range "4..17";
}
default "10";
description description
"The maximul poll exponent for this NTP association."; "Operational state of the NTP.";
}
typedef access-modes { container system-status {
type enumeration { description
enum peer { "System status of NTP.";
value "0"; leaf clock-state {
description type ntp-clock-status;
"Sets the fully access authority. Both time mandatory true;
request and control query can be performed description "Indicates the state of system clock.";
on the local NTP service, and the local clock
can be synchronized to the remote server.";
}
enum server {
value "1";
description
"Enables the server access and query.
Both time requests and control query can be
performed on the local NTP service, but the
local clock cannot be synchronized to the
remote server.";
} }
enum synchronization { leaf clock-stratum {
value "2"; type ntp-stratum;
description mandatory true;
"Enables the server to access. description
Only time request can be performed on the "Indicates the stratum of the reference clock.";
local NTP service.";
} }
enum query { leaf clock-refid {
value "3"; type union {
description type inet:ipv4-address;
"Sets the maximum access limitation. type binary {
Control query can be performed only on the length "4";
local NTP service."; }
type string {
length "4";
}
}
mandatory true;
description
"IPv4 address or first 32 bits of the MD5 hash of
the IPv6 address or reference clock of the peer to
which clock is synchronized.";
} }
}
description
"This defines NTP acess modes.";
}
typedef unicast-configuration-type { uses association-ref {
type enumeration {
enum server {
value "0";
description description
"Use client association mode. This device "Reference to Association mode";
will not provide synchronization to the
configured NTP server.";
} }
enum peer { leaf nominal-freq {
value "1"; type decimal64 {
description fraction-digits 4;
"Use symmetric active association mode. }
This device may provide synchronization mandatory true;
to the configured NTP server."; description
"Indicates the nominal frequency of the
local clock, in Hz.";
} }
} leaf actual-freq {
description type decimal64 {
"This defines NTP unicast mode of operation."; fraction-digits 4;
} }
typedef association-modes { mandatory true;
type enumeration { description
enum client { "Indicates the actual frequency of the
value "0"; local clock, in Hz.";
description
"Use client association mode(mode 3).
This device will not provide synchronization
to the configured NTP server.";
} }
enum active { leaf clock-precision {
value "1"; type uint8;
description mandatory true;
"Use symmetric active association mode(mode 1). description
This device may synchronize with its NTP peer, "Precision of the clock of this system
or provide synchronization to configured NTP peer."; in Hz.(prec=2^(-n))";
} }
enum passive { leaf clock-offset {
value "2"; type decimal64 {
description fraction-digits 4;
"Use symmetric passive association mode(mode 2). }
This device has learnt this asso dynamically. description
This device may synchronize with its NTP peer."; "Offset of clock to synchronized peer,
in milliseconds.";
} }
enum broadcast { leaf root-delay {
value "3"; type decimal64 {
description fraction-digits 2;
"Use broadcast mode(mode 5). }
This mode defines that its eigther working description
as broadcast-server or multicast-server."; "Total delay along path to root clock,
in milliseconds.";
} }
enum broadcast-client { leaf root-dispersion {
value "4"; type decimal64 {
description fraction-digits 2;
"This mode defines that its eigther working }
as broadcast-client or multicast-client."; description
"Indicates the dispersion between the local clock
and the master reference clock, in milliseconds.";
} }
} leaf reference-time {
description type yang:date-and-time;
"This defines NTP association modes."; description
} "Indicates reference timestamp.";
typedef ntp-clock-status {
type enumeration {
enum synchronized {
value "0";
description
"Indicates that the local clock has been
synchronized with an NTP server or
the reference clock.";
} }
enum unsynchronized { leaf sync-state {
value "1"; type ntp-sync-state;
mandatory true;
description description
"Indicates that the local clock has not been "Indicates the synchronization status of
synchronized with any NTP server."; the local clock.";
} }
} }
}
list unicast-configuration {
key "address type";
description
"list of unicast-configuration.";
leaf address {
type inet:host;
description description
"This defines NTP clock status."; "The address of this association.";
} }
leaf type {
typedef ntp-sync-state { type unicast-configuration-type;
type enumeration {
enum clock-not-set {
value "0";
description
"Indicates the clock is not updated.";
}
enum freq-set-by-cfg {
value "1";
description
"Indicates the clock frequency is set by
NTP configuration.";
}
enum clock-set {
value "2";
description
"Indicates the clock is set.";
}
enum freq-not-determined {
value "3";
description
"Indicates the clock is set but the frequency
is not determined.";
}
enum clock-synchronized {
value "4";
description
"Indicates that the clock is synchronized";
}
enum spike {
value "5";
description
"Indicates a time difference of more than 128
milliseconds is detected between NTP server
and client clock. The clock change will take
effect in XXX seconds.";
}
}
description description
"This defines NTP clock sync states."; "Type for this NTP configuration";
} }
container authentication{
/* feature */
feature ntp-port {
description
"Indicates that the device supports the configuration of
the port for NTP.
This is a 'feature', since many implementations do not
support any port other than the default port.";
}
/* Groupings */
grouping authentication-key {
description description
"To define an authentication key for a Network Time "Authentication type.";
Protocol (NTP) time source."; uses authentication-type-param;
leaf key-id { }
type uint32 { leaf prefer {
range "1..max"; type boolean;
default "false";
description
"Whether this association is preferred.";
}
leaf burst {
type boolean;
default "false";
description
"Sends a series of packets instead of a single packet
within each synchronization interval to achieve faster
synchronization.";
}
leaf iburst {
type boolean;
default "false";
description
"Sends a series of packets instead of a single packet
within the initial synchronization interval to achieve
faster initial synchronization.";
}
leaf source {
type if:interface-ref;
description
"The interface whose ip address this association used
as source address.";
}
uses comman-attributes {
description
"Common attribute like port, version, min and max
poll.";
}
}
list associations {
key "address local-mode isConfigured";
config "false";
description
"list of NTP association.";
leaf address {
type inet:host;
description
"The address of this association.";
}
leaf local-mode {
type association-modes;
description
"Local mode for this NTP association.";
}
leaf isConfigured {
type boolean;
description
"Whether this association is configured or
dynamically learnt.";
}
leaf stratum {
type ntp-stratum;
description
"Indicates the stratum of the reference clock.";
}
leaf refid {
type union {
type inet:ipv4-address;
type binary {
length "4";
} }
description type string {
"Authentication key identifier."; length "4";
}
leaf algorithm {
type identityref {
base key-chain:crypto-algorithm;
} }
description
"Authentication algorithm.";
} }
leaf password { description
type ianach:crypt-hash; "Reference clock type or address for the peer.";
description "Clear or encrypted mode for password text."; }
leaf authentication{
type leafref {
path "/ntp:ntp/ntp:authentication/"
+ "ntp:authentication-keys/ntp:key-id";
} }
description
"Authentication Key used for this association.";
} }
leaf prefer {
grouping authentication-type-param { type boolean;
default "false";
description description
"Authentication type."; "Whether this association is preferred.";
choice authentication-type {
description
"Type of authentication.";
case symmetric-key {
leaf key-id {
type leafref {
path "/ntp:ntp/ntp:authentication/"
+ "ntp:authentication-keys/ntp:key-id";
}
description
"Authentication key id referenced in this
association.";
}
}
}
} }
leaf peer-interface {
grouping statistics { type if:interface-ref;
description description
"NTP packet statistic."; "The interface which is used for communication.";
leaf packet-sent { }
type yang:counter32; uses comman-attributes {
description description
"Indicates the total number of packets sent."; "Common attribute like port, version, min and
max poll.";
}
leaf reach {
type uint8;
description
"Indicates the reachability of the configured
server or peer.";
}
leaf unreach {
type uint8;
description
"Indicates the unreachability of the configured
server or peer.";
}
leaf poll {
type uint8;
description
"Indicates the polling interval for current,
in seconds.";
}
leaf now {
type uint32;
description
"Indicates the time since the NTP packet was
not received or last synchronized, in seconds.";
}
leaf offset {
type decimal64 {
fraction-digits 4;
} }
leaf packet-sent-fail { description
type yang:counter32; "Indicates the offset between the local clock
description and the superior reference clock.";
"Indicates the number of times packet }
sending failed."; leaf delay {
type decimal64 {
fraction-digits 2;
} }
leaf packet-received { description
type yang:counter32; "Indicates the delay between the local clock
description and the superior reference clock.";
"Indicates the total number of packets received."; }
leaf dispersion {
type decimal64 {
fraction-digits 2;
} }
leaf packet-dropped { description
type yang:counter32; "Indicates the dispersion between the local
description clock and the superior reference clock.";
"Indicates the number of packets dropped."; }
leaf originate-time {
type yang:date-and-time;
description
"Indicates packet originate timestamp(T1).";
}
leaf receive-time {
type yang:date-and-time;
description
"Indicates packet receive timestamp(T2).";
}
leaf transmit-time {
type yang:date-and-time;
description
"Indicates packet transmit timestamp(T3).";
}
leaf input-time {
type yang:date-and-time;
description
"Indicates packet input timestamp(T4).";
}
container ntp-statistics {
description
"Per Peer packet send and receive statistic.";
uses statistics {
description
"NTP send and receive packet statistic.";
} }
} }
}
grouping comman-attributes { container interfaces {
description
"Configuration parameters for NTP interfaces.";
list interface {
key "name";
description description
"NTP common attributes for configuration."; "List of interfaces.";
leaf minpoll { leaf name {
type ntp-minpoll; type if:interface-ref;
description description
"The minimum poll interval used in this association."; "The interface name.";
} }
leaf maxpoll {
type ntp-maxpoll; container broadcast-server {
presence
"NTP broadcast-server is configured";
description description
"The maximul poll interval used in this association."; "Configuration of broadcast server.";
} leaf ttl {
leaf port { type uint8;
if-feature ntp-port; description
type uint16 { "Specifies the time to live (TTL) of a
range "123 | 1025..max"; broadcast packet.";
}
container authentication{
description
"Authentication type.";
uses authentication-type-param;
}
uses comman-attributes {
description
"Common attribute like port, version, min and
max poll.";
} }
default "123";
description
"Specify the port used to send NTP packets.";
} }
leaf version { container broadcast-client {
type ntp-version; presence
"NTP broadcast-client is configured";
description description
"NTP version."; "Configuration of broadcast-client.";
} }
}
grouping association-ref { list multicast-server {
description key "address";
"Reference to NTP association node"; description
leaf associations-address { "Configuration of multicast server.";
type leafref { leaf address {
path "/ntp:ntp/ntp:associations/ntp:address"; type rt-types:ip-multicast-group-address;
} description
"The IP address to send NTP multicast packets.";
}
leaf ttl {
type uint8;
description description
"Indicates the association address "Specifies the time to live (TTL) of a
which result in clock synchronization."; multicast packet.";
} }
leaf associations-local-mode { container authentication{
type leafref {
path "/ntp:ntp/ntp:associations/ntp:local-mode";
}
description description
"Indicates the association local-mode "Authentication type.";
which result in clock synchronization."; uses authentication-type-param;
}
uses comman-attributes {
description
"Common attribute like port, version, min and
max poll.";
}
} }
leaf associations-isConfigured { list multicast-client {
type leafref { key "address";
path "/ntp:ntp/ntp:associations/" description
+ "ntp:isConfigured"; "Configuration of multicast-client.";
} leaf address {
type rt-types:ip-multicast-group-address;
description description
"Indicates the association was configured or "The IP address of the multicast group to
dynamic which result in clock synchronization."; join.";
}
} }
} list manycast-server {
key "address";
description
"Configuration of manycast server.";
/* Configuration data nodes */ leaf address {
container ntp { type rt-types:ip-multicast-group-address;
presence description
"NTP is enable"; "The multicast group IP address to receive
description manycast client messages .";
"Configuration parameters for NTP.";
leaf port {
if-feature ntp-port;
type uint16 {
range "123 | 1025..max";
} }
default "123"; reference
description "RFC 5905";
"Specify the port used to send NTP packets.";
} }
container refclock-master { list manycast-client {
presence key "address";
"NTP master clock is enable";
description description
"Configures the device as NTP server."; "Configuration of manycast-client.";
leaf master-stratum { leaf address {
type ntp-stratum; type rt-types:ip-multicast-group-address;
default "16";
description description
"Stratum level from which NTP "The group IP address that the manycast client
clients get their time synchronized."; broadcasts the request message to.";
} }
} container authentication{
container authentication { description
description "Authentication type.";
"Configuration of authentication."; uses authentication-type-param;
leaf auth-enabled { }
type boolean; leaf ttl {
default false; type uint8;
description description
"Controls whether NTP authentication is enabled "Specifies the maximum time to live (TTL) for
or disabled on this device."; the expanding ring search.";
} }
list trusted-keys { leaf minclock {
key "key-id"; type uint8;
description description
"List of keys trusted by NTP."; "The minimum manycast survivors in this
leaf key-id { association.";
type leafref { }
path "/ntp:ntp/ntp:authentication/" leaf maxclock {
+ "ntp:authentication-keys/ntp:key-id"; type uint8;
} description
description "The maximum manycast candidates in this
"The key trusted by NTP."; association.";
} }
} leaf beacon {
list authentication-keys { type uint8;
key "key-id"; description
uses authentication-key; "The maximum interval between beacons in this
description association.";
"List of authentication key."; }
} uses comman-attributes {
} description
"Common attribute like port, version, min and
container access-rules { max poll.";
description }
"Configuration of access rules."; reference
list access-rule { "RFC 5905";
key "access-mode";
description
"List of access rules.";
leaf access-mode {
type access-modes;
description
"NTP access mode.";
}
leaf acl {
type leafref {
path "/acl:access-lists/acl:acl/acl:name";
}
description
"NTP ACL.";
}
}
}
container clock-state {
config "false";
description
"Operational state of the NTP.";
container system-status {
description
"System status of NTP.";
leaf clock-state {
type ntp-clock-status;
mandatory true;
description "Indicates the state of system clock.";
}
leaf clock-stratum {
type ntp-stratum;
mandatory true;
description
"Indicates the stratum of the reference clock.";
}
leaf clock-refid {
type union {
type inet:ipv4-address;
type binary {
length "4";
}
type string {
length "4";
}
}
mandatory true;
description
"IPv4 address or first 32 bits of the MD5 hash of
the IPv6 address or reference clock of the peer to
which clock is synchronized.";
}
uses association-ref {
description
"Reference to Association node";
}
leaf nominal-freq {
type decimal64 {
fraction-digits 4;
}
mandatory true;
description
"Indicates the nominal frequency of the
local clock, in Hz.";
}
leaf actual-freq {
type decimal64 {
fraction-digits 4;
}
mandatory true;
description
"Indicates the actual frequency of the
local clock, in Hz.";
}
leaf clock-precision {
type uint8;
mandatory true;
description
"Precision of the clock of this system
in Hz.(prec=2^(-n))";
}
leaf clock-offset {
type decimal64 {
fraction-digits 4;
}
description
"Offset of clock to synchronized peer,
in milliseconds.";
}
leaf root-delay {
type decimal64 {
fraction-digits 2;
}
description
"Total delay along path to root clock,
in milliseconds.";
}
leaf root-dispersion {
type decimal64 {
fraction-digits 2;
}
description
"Indicates the dispersion between the local clock
and the master reference clock, in milliseconds.";
}
leaf reference-time {
type yang:date-and-time;
description
"Indicates reference timestamp.";
}
leaf sync-state {
type ntp-sync-state;
mandatory true;
description
"Indicates the synchronization status of
the local clock.";
}
}
}
list unicast-configuration {
key "address type";
description
"list of unicast-configuration.";
leaf address {
type inet:host;
description
"The address of this association.";
}
leaf type {
type unicast-configuration-type;
description
"Type for this NTP configuration";
}
container authentication{
description
"Authentication type.";
uses authentication-type-param;
}
leaf prefer {
type boolean;
default "false";
description
"Whether this association is preferred.";
}
leaf burst {
type boolean;
default "false";
description
"Sends a series of packets instead of a single packet
within each synchronization interval to achieve faster
synchronization.";
}
leaf iburst {
type boolean;
default "false";
description
"Sends a series of packets instead of a single packet
within the initial synchronization interval to achieve
faster initial synchronization.";
}
leaf source {
type if:interface-ref;
description
"The interface whose ip address this association used
as source address.";
}
uses comman-attributes {
description
"Common attribute like port, version, min and max
poll.";
}
}
list associations {
key "address local-mode isConfigured";
config "false";
description
"list of NTP association.";
leaf address {
type inet:host;
description
"The address of this association.";
}
leaf local-mode {
type association-modes;
description
"Local mode for this NTP association.";
}
leaf isConfigured {
type boolean;
description
"Whether this association is configured or
dynamically learnt.";
}
leaf stratum {
type ntp-stratum;
description
"Indicates the stratum of the reference clock.";
}
leaf refid {
type union {
type inet:ipv4-address;
type binary {
length "4";
}
type string {
length "4";
}
}
description
"Reference clock type or address for the peer.";
}
leaf authentication{
type leafref {
path "/ntp:ntp/ntp:authentication/"
+ "ntp:authentication-keys/ntp:key-id";
}
description
"Authentication Key used for this association.";
}
leaf prefer {
type boolean;
default "false";
description
"Whether this association is preferred.";
}
leaf peer-interface {
type if:interface-ref;
description
"The interface which is used for communication.";
}
uses comman-attributes {
description
"Common attribute like port, version, min and
max poll.";
}
leaf reach {
type uint8;
description
"Indicates the reachability of the configured
server or peer.";
}
leaf unreach {
type uint8;
description
"Indicates the unreachability of the configured
server or peer.";
}
leaf poll {
type uint8;
description
"Indicates the polling interval for current,
in seconds.";
}
leaf now {
type uint32;
description
"Indicates the time since the NTP packet was
not received or last synchronized, in seconds.";
}
leaf offset {
type decimal64 {
fraction-digits 4;
}
description
"Indicates the offset between the local clock
and the superior reference clock.";
}
leaf delay {
type decimal64 {
fraction-digits 2;
}
description
"Indicates the delay between the local clock
and the superior reference clock.";
}
leaf dispersion {
type decimal64 {
fraction-digits 2;
}
description
"Indicates the dispersion between the local
clock and the superior reference clock.";
}
leaf originate-time {
type yang:date-and-time;
description
"Indicates packet originate timestamp(T1).";
}
leaf receive-time {
type yang:date-and-time;
description
"Indicates packet receive timestamp(T2).";
}
leaf transmit-time {
type yang:date-and-time;
description
"Indicates packet transmit timestamp(T3).";
}
leaf input-time {
type yang:date-and-time;
description
"Indicates packet input timestamp(T4).";
}
container ntp-statistics {
description
"Per Peer packet send and receive statistic.";
uses statistics {
description
"NTP send and receive packet statistic.";
}
}
}
container interfaces {
description
"Configuration parameters for NTP interfaces.";
list interface {
key "name";
description
"List of interfaces.";
leaf name {
type if:interface-ref;
description
"The interface name.";
}
container broadcast-server {
presence
"NTP broadcast-server is configured";
description
"Configuration of broadcast server.";
leaf ttl {
type uint8;
description
"Specifies the time to live (TTL) of a
broadcast packet.";
}
container authentication{
description
"Authentication type.";
uses authentication-type-param;
}
uses comman-attributes {
description
"Common attribute like port, version, min and
max poll.";
}
}
container broadcast-client {
presence
"NTP broadcast-client is configured";
description
"Configuration of broadcast-client.";
}
list multicast-server {
key "address";
description
"Configuration of multicast server.";
leaf address {
type rt-types:ip-multicast-group-address;
description
"The IP address to send NTP multicast packets.";
}
leaf ttl {
type uint8;
description
"Specifies the time to live (TTL) of a
multicast packet.";
}
container authentication{
description
"Authentication type.";
uses authentication-type-param;
}
uses comman-attributes {
description
"Common attribute like port, version, min and
max poll.";
}
}
list multicast-client {
key "address";
description
"Configuration of multicast-client.";
leaf address {
type rt-types:ip-multicast-group-address;
description
"The IP address of the multicast group to
join.";
}
}
list manycast-server {
key "address";
description
"Configuration of manycast server.";
leaf address {
type rt-types:ip-multicast-group-address;
description
"The multicast group IP address to receive
manycast client messages .";
}
}
list manycast-client {
key "address";
description
"Configuration of manycast-client.";
leaf address {
type rt-types:ip-multicast-group-address;
description
"The group IP address that the manycast client
broadcasts the request message to.";
}
container authentication{
description
"Authentication type.";
uses authentication-type-param;
}
leaf ttl {
type uint8;
description
"Specifies the maximum time to live (TTL) for
the expanding ring search.";
}
leaf minclock {
type uint8;
description
"The minimum manycast survivors in this
association.";
}
leaf maxclock {
type uint8;
description
"The maximum manycast candidates in this
association.";
}
leaf beacon {
type uint8;
description
"The maximum interval between beacons in this
association.";
}
uses comman-attributes {
description
"Common attribute like port, version, min and
max poll.";
}
}
} }
} }
container ntp-statistics { }
config "false"; container ntp-statistics {
description config "false";
"Total NTP packet statistic."; description
uses statistics { "Total NTP packet statistic.";
description uses statistics {
"NTP send and receive packet statistic."; description
} "NTP send and receive packet statistic.";
}
}
} }
} }
}
<CODE ENDS> <CODE ENDS>
6. Usage Example 6. Usage Example
6.1. Unicast association 6.1. Unicast association
Below is the example on how to configure a preferred unicast server Below is the example on how to configure a preferred unicast server
present at 1.1.1.1 running at port 1025 with authentication-key 10 present at 192.0.2.1 running at port 1025 with authentication-key 10
and version 4 and version 4
<edit-config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <edit-config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<target> <target>
<running/> <running/>
</target> </target>
<config> <config>
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp"> <ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<unicast-configuration> <unicast-configuration>
<address>1.1.1.1</address> <address>192.0.2.1</address>
<type>server</type> <type>server</type>
<prefer>true</prefer> <prefer>true</prefer>
<version>4</version> <version>4</version>
<port>1025</port> <port>1025</port>
<authentication> <authentication>
<symmetric-key> <symmetric-key>
<key-id>10</key-id> <key-id>10</key-id>
</symmetric-key> </symmetric-key>
</authentication> </authentication>
</unicast-configuration> </unicast-configuration>
</ntp> </ntp>
</config> </config>
</edit-config> </edit-config>
An example with IPv6 would used the an IPv6 address (say 2001:DB8::1)
in the "address" leaf with no change in any other data tree.
Below is the example on how to get unicast configuration Below is the example on how to get unicast configuration
<get> <get>
<filter type="subtree"> <filter type="subtree">
<sys:ntp xmlns:sys="urn:ietf:params:xml:ns:yang:ietf-ntp"> <sys:ntp xmlns:sys="urn:ietf:params:xml:ns:yang:ietf-ntp">
<sys:unicast-configuration> <sys:unicast-configuration>
</sys:unicast-configuration> </sys:unicast-configuration>
</sys:ntp> </sys:ntp>
</filter> </filter>
</get> </get>
<data xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <data xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp"> <ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<unicast-configuration> <unicast-configuration>
<address>1.1.1.1</address> <address>192.0.2.1</address>
<type>server</type> <type>server</type>
<authentication> <authentication>
<symmetric-key> <symmetric-key>
<key-id>10</key-id> <key-id>10</key-id>
</symmetric-key> </symmetric-key>
</authentication> </authentication>
<prefer>true</prefer> <prefer>true</prefer>
<burst>false</burst> <burst>false</burst>
<iburst>true</iburst> <iburst>true</iburst>
<source/> <source/>
skipping to change at page 32, line 51 skipping to change at page 34, line 51
<access-mode>peer</access-mode> <access-mode>peer</access-mode>
<acl>2000</acl> <acl>2000</acl>
</access-rule> </access-rule>
</access-rules> </access-rules>
</ntp> </ntp>
</data> </data>
6.5. Multicast configuration 6.5. Multicast configuration
Below is the example on how to configure multicast-server with Below is the example on how to configure multicast-server with
address as 224.1.1.1, port as 1025 and authentication keyid as 10 address as "224.1.1.1", port as 1025 and authentication keyid as 10
<edit-config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <edit-config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<target> <target>
<running/> <running/>
</target> </target>
<config> <config>
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp"> <ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<interfaces> <interfaces>
<interface> <interface>
<name>Ethernet3/0/0</name> <name>Ethernet3/0/0</name>
<multicast-server> <multicast-server>
skipping to change at page 34, line 41 skipping to change at page 36, line 41
<maxpoll>10</maxpoll> <maxpoll>10</maxpoll>
<port>1025</port> <port>1025</port>
<version>3</version> <version>3</version>
</multicast-server> </multicast-server>
</interface> </interface>
</interfaces> </interfaces>
</ntp> </ntp>
</data> </data>
Below is the example on how to configure multicast-client with Below is the example on how to configure multicast-client with
address as 224.1.1.1 address as "224.1.1.1"
<edit-config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <edit-config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<target> <target>
<running/> <running/>
</target> </target>
<config> <config>
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp"> <ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<interfaces> <interfaces>
<interface> <interface>
<name>Ethernet3/0/0</name> <name>Ethernet3/0/0</name>
<multicast-client> <multicast-client>
skipping to change at page 36, line 8 skipping to change at page 38, line 8
<address>224.1.1.1</address> <address>224.1.1.1</address>
</multicast-client> </multicast-client>
</interface> </interface>
</interfaces> </interfaces>
</ntp> </ntp>
</data> </data>
6.6. Manycast configuration 6.6. Manycast configuration
Below is the example on how to configure manycast-client with address Below is the example on how to configure manycast-client with address
as 224.1.1.1, port as 1025 and authentication keyid as 10 as "224.1.1.1", port as 1025 and authentication keyid as 10
<edit-config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <edit-config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<target> <target>
<running/> <running/>
</target> </target>
<config> <config>
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp"> <ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<interfaces> <interfaces>
<interface> <interface>
<name>Ethernet3/0/0</name> <name>Ethernet3/0/0</name>
skipping to change at page 37, line 43 skipping to change at page 39, line 43
<minpoll>6</minpoll> <minpoll>6</minpoll>
<maxpoll>10</maxpoll> <maxpoll>10</maxpoll>
<port>1025</port> <port>1025</port>
</manycast-client> </manycast-client>
</interface> </interface>
</interfaces> </interfaces>
</ntp> </ntp>
</data> </data>
Below is the example on how to configure manycast-server with address Below is the example on how to configure manycast-server with address
as 224.1.1.1 as "224.1.1.1"
<edit-config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <edit-config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<target> <target>
<running/> <running/>
</target> </target>
<config> <config>
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp"> <ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<interfaces> <interfaces>
<interface> <interface>
<name>Ethernet3/0/0</name> <name>Ethernet3/0/0</name>
<manycast-server> <manycast-server>
skipping to change at page 39, line 24 skipping to change at page 41, line 24
</sys:ntp> </sys:ntp>
</filter> </filter>
</get> </get>
<data xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <data xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp"> <ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<clock-state> <clock-state>
<system-status> <system-status>
<clock-state>synchronized</clock-state> <clock-state>synchronized</clock-state>
<clock-stratum>7</clock-stratum> <clock-stratum>7</clock-stratum>
<clock-refid>1.1.1.1</clock-refid> <clock-refid>192.0.2.1</clock-refid>
<associations-address>1.1.1.1 <associations-address>192.0.2.1
</associations-address> </associations-address>
<associations-local-mode>client <associations-local-mode>client
</associations-local-mode> </associations-local-mode>
<associations-isConfigured>yes <associations-isConfigured>yes
</associations-isConfigured> </associations-isConfigured>
<nominal-freq>100.0</nominal-freq> <nominal-freq>100.0</nominal-freq>
<actual-freq>100.0</actual-freq> <actual-freq>100.0</actual-freq>
<clock-precision>18</clock-precision> <clock-precision>18</clock-precision>
<clock-offset>0.025</clock-offset> <clock-offset>0.025</clock-offset>
<root-delay>0.5</root-delay> <root-delay>0.5</root-delay>
skipping to change at page 40, line 16 skipping to change at page 42, line 16
<sys:ntp xmlns:sys="urn:ietf:params:xml:ns:yang:ietf-ntp"> <sys:ntp xmlns:sys="urn:ietf:params:xml:ns:yang:ietf-ntp">
<sys:associations> <sys:associations>
</sys:associations> </sys:associations>
</sys:ntp> </sys:ntp>
</filter> </filter>
</get> </get>
<data xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <data xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp"> <ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<associations> <associations>
<address>1.1.1.1</address> <address>192.0.2.1</address>
<stratum>9</stratum> <stratum>9</stratum>
<refid>20.1.1.1</refid> <refid>20.1.1.1</refid>
<local-mode>client</local-mode> <local-mode>client</local-mode>
<isConfigured>true</isConfigured> <isConfigured>true</isConfigured>
<authentication-key>10</authentication-key> <authentication-key>10</authentication-key>
<prefer>true</prefer> <prefer>true</prefer>
<peer-interface>Ethernet3/0/0</peer-interface> <peer-interface>Ethernet3/0/0</peer-interface>
<minpoll>6</minpoll> <minpoll>6</minpoll>
<maxpoll>10</maxpoll> <maxpoll>10</maxpoll>
<port>1025</port> <port>1025</port>
skipping to change at page 42, line 15 skipping to change at page 44, line 15
8. Security Considerations 8. Security Considerations
The YANG module specified in this document defines a schema for data The YANG module specified in this document defines a schema for data
that is designed to be accessed via network management protocols such that is designed to be accessed via network management protocols such
as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer
is the secure transport layer, and the mandatory-to-implement secure is the secure transport layer, and the mandatory-to-implement secure
transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer
is HTTPS, and the mandatory-to-implement secure transport is TLS is HTTPS, and the mandatory-to-implement secure transport is TLS
[RFC5246]. [RFC5246].
The NETCONF access control model [RFC6536] provides the means to The NETCONF access control model [RFC8341] provides the means to
restrict access for particular NETCONF or RESTCONF users to a restrict access for particular NETCONF or RESTCONF users to a
preconfigured subset of all available NETCONF or RESTCONF protocol preconfigured subset of all available NETCONF or RESTCONF protocol
operations and content. operations and content.
There are a number of data nodes defined in this YANG module that are There are a number of data nodes defined in this YANG module that are
writable/creatable/deletable (i.e., config true, which is the writable/creatable/deletable (i.e., config true, which is the
default). These data nodes may be considered sensitive or vulnerable default). These data nodes may be considered sensitive or vulnerable
in some network environments. Write operations (e.g., edit-config) in some network environments. Write operations (e.g., edit-config)
to these data nodes without proper protection can have a negative to these data nodes without proper protection can have a negative
effect on network operations. These are the subtrees and data nodes effect on network operations. These are the subtrees and data nodes
skipping to change at page 43, line 19 skipping to change at page 45, line 19
9. Acknowledgments 9. Acknowledgments
The authors would like to express their thanks to Sladjana Zoric, The authors would like to express their thanks to Sladjana Zoric,
Danny Mayer, Harlan Stenn, Ulrich Windl, Miroslav Lichvar, and Danny Mayer, Harlan Stenn, Ulrich Windl, Miroslav Lichvar, and
Maurice Angermann for their review and suggestions. Maurice Angermann for their review and suggestions.
10. References 10. References
10.1. Normative References 10.1. Normative References
[I-D.ietf-netmod-yang-tree-diagrams] [I-D.ietf-netmod-acl-model]
Bjorklund, M. and L. Berger, "YANG Tree Diagrams", draft- Jethanandani, M., Huang, L., Agarwal, S., and D. Blair,
ietf-netmod-yang-tree-diagrams-06 (work in progress), "Network Access Control List (ACL) YANG Data Model",
February 2018. draft-ietf-netmod-acl-model-19 (work in progress), April
2018.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
DOI 10.17487/RFC3688, January 2004, DOI 10.17487/RFC3688, January 2004,
<https://www.rfc-editor.org/info/rfc3688>. <https://www.rfc-editor.org/info/rfc3688>.
skipping to change at page 44, line 14 skipping to change at page 46, line 14
[RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
and A. Bierman, Ed., "Network Configuration Protocol and A. Bierman, Ed., "Network Configuration Protocol
(NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
<https://www.rfc-editor.org/info/rfc6241>. <https://www.rfc-editor.org/info/rfc6241>.
[RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure [RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure
Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011, Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011,
<https://www.rfc-editor.org/info/rfc6242>. <https://www.rfc-editor.org/info/rfc6242>.
[RFC6536] Bierman, A. and M. Bjorklund, "Network Configuration [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types",
Protocol (NETCONF) Access Control Model", RFC 6536, RFC 6991, DOI 10.17487/RFC6991, July 2013,
DOI 10.17487/RFC6536, March 2012, <https://www.rfc-editor.org/info/rfc6991>.
<https://www.rfc-editor.org/info/rfc6536>.
[RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF [RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017, Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
<https://www.rfc-editor.org/info/rfc8040>. <https://www.rfc-editor.org/info/rfc8040>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>. May 2017, <https://www.rfc-editor.org/info/rfc8174>.
10.2. Informative References [RFC8177] Lindem, A., Ed., Qu, Y., Yeung, D., Chen, I., and J.
Zhang, "YANG Data Model for Key Chains", RFC 8177,
DOI 10.17487/RFC8177, June 2017,
<https://www.rfc-editor.org/info/rfc8177>.
[I-D.ietf-netmod-revised-datastores] [RFC8294] Liu, X., Qu, Y., Lindem, A., Hopps, C., and L. Berger,
Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K., "Common YANG Data Types for the Routing Area", RFC 8294,
and R. Wilton, "Network Management Datastore DOI 10.17487/RFC8294, December 2017,
Architecture", draft-ietf-netmod-revised-datastores-10 <https://www.rfc-editor.org/info/rfc8294>.
(work in progress), January 2018.
[RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018,
<https://www.rfc-editor.org/info/rfc8340>.
[RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration
Access Control Model", STD 91, RFC 8341,
DOI 10.17487/RFC8341, March 2018,
<https://www.rfc-editor.org/info/rfc8341>.
[RFC8343] Bjorklund, M., "A YANG Data Model for Interface
Management", RFC 8343, DOI 10.17487/RFC8343, March 2018,
<https://www.rfc-editor.org/info/rfc8343>.
10.2. Informative References
[RFC7317] Bierman, A. and M. Bjorklund, "A YANG Data Model for [RFC7317] Bierman, A. and M. Bjorklund, "A YANG Data Model for
System Management", RFC 7317, DOI 10.17487/RFC7317, August System Management", RFC 7317, DOI 10.17487/RFC7317, August
2014, <https://www.rfc-editor.org/info/rfc7317>. 2014, <https://www.rfc-editor.org/info/rfc7317>.
[RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
and R. Wilton, "Network Management Datastore Architecture
(NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018,
<https://www.rfc-editor.org/info/rfc8342>.
Authors' Addresses Authors' Addresses
Nan Wu Nan Wu
Huawei Huawei
Huawei Bld., No.156 Beiqing Rd. Huawei Bld., No.156 Beiqing Rd.
Beijing 100095 Beijing 100095
China China
Email: eric.wu@huawei.com Email: eric.wu@huawei.com
Anil Kumar S N Anil Kumar S N
RtBrick Inc. RtBrick Inc.
Bangalore, Kanataka Bangalore, Kanataka
India India
Email: anil.ietf@gmail.com Email: anil.ietf@gmail.com
Yi Zhao Yi Zhao
Ericsson Ericsson
China Digital Kingdom Bld., No.1 WangJing North Rd. China Digital Kingdom Bld., No.1 WangJing North Rd.
 End of changes. 108 change blocks. 
1049 lines changed or deleted 1135 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/