draft-ietf-ntp-yang-data-model-06.txt   draft-ietf-ntp-yang-data-model-07.txt 
NTP Working Group N. Wu NTP Working Group N. Wu
Internet-Draft D. Dhody Internet-Draft D. Dhody
Intended status: Standards Track Huawei Intended status: Standards Track Huawei
Expires: December 28, 2019 A. Sinha Expires: December 29, 2019 A. Sinha
A. Kumar S N A. Kumar S N
RtBrick Inc. RtBrick Inc.
Y. Zhao Y. Zhao
Ericsson Ericsson
June 26, 2019 June 27, 2019
A YANG Data Model for NTP A YANG Data Model for NTP
draft-ietf-ntp-yang-data-model-06 draft-ietf-ntp-yang-data-model-07
Abstract Abstract
This document defines a YANG data model for Network Time Protocol This document defines a YANG data model for Network Time Protocol
(NTP) implementations. The data model includes configuration data (NTP) implementations. The data model includes configuration data
and state data. and state data.
Requirements Language Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
skipping to change at page 1, line 45 skipping to change at page 1, line 45
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on December 28, 2019. This Internet-Draft will expire on December 29, 2019.
Copyright Notice Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 34 skipping to change at page 2, line 34
1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3
1.3. Tree Diagrams . . . . . . . . . . . . . . . . . . . . . . 3 1.3. Tree Diagrams . . . . . . . . . . . . . . . . . . . . . . 3
1.4. Prefixes in Data Node Names . . . . . . . . . . . . . . . 3 1.4. Prefixes in Data Node Names . . . . . . . . . . . . . . . 3
1.5. Refrences in the Model . . . . . . . . . . . . . . . . . 4 1.5. Refrences in the Model . . . . . . . . . . . . . . . . . 4
2. NTP data model . . . . . . . . . . . . . . . . . . . . . . . 4 2. NTP data model . . . . . . . . . . . . . . . . . . . . . . . 4
3. Relationship with NTPv4-MIB . . . . . . . . . . . . . . . . . 9 3. Relationship with NTPv4-MIB . . . . . . . . . . . . . . . . . 9
4. Relationship with RFC 7317 . . . . . . . . . . . . . . . . . 9 4. Relationship with RFC 7317 . . . . . . . . . . . . . . . . . 9
5. Access Rules . . . . . . . . . . . . . . . . . . . . . . . . 10 5. Access Rules . . . . . . . . . . . . . . . . . . . . . . . . 10
6. Key Management . . . . . . . . . . . . . . . . . . . . . . . 10 6. Key Management . . . . . . . . . . . . . . . . . . . . . . . 10
7. NTP YANG Module . . . . . . . . . . . . . . . . . . . . . . . 10 7. NTP YANG Module . . . . . . . . . . . . . . . . . . . . . . . 10
8. Usage Example . . . . . . . . . . . . . . . . . . . . . . . . 35 8. Usage Example . . . . . . . . . . . . . . . . . . . . . . . . 36
8.1. Unicast association . . . . . . . . . . . . . . . . . . . 36 8.1. Unicast association . . . . . . . . . . . . . . . . . . . 36
8.2. Refclock master . . . . . . . . . . . . . . . . . . . . . 37 8.2. Refclock master . . . . . . . . . . . . . . . . . . . . . 37
8.3. Authentication configuration . . . . . . . . . . . . . . 38 8.3. Authentication configuration . . . . . . . . . . . . . . 38
8.4. Access configuration . . . . . . . . . . . . . . . . . . 40 8.4. Access configuration . . . . . . . . . . . . . . . . . . 40
8.5. Multicast configuration . . . . . . . . . . . . . . . . . 40 8.5. Multicast configuration . . . . . . . . . . . . . . . . . 40
8.6. Manycast configuration . . . . . . . . . . . . . . . . . 44 8.6. Manycast configuration . . . . . . . . . . . . . . . . . 44
8.7. Clock state . . . . . . . . . . . . . . . . . . . . . . . 47 8.7. Clock state . . . . . . . . . . . . . . . . . . . . . . . 47
8.8. Get all association . . . . . . . . . . . . . . . . . . . 47 8.8. Get all association . . . . . . . . . . . . . . . . . . . 47
8.9. Global statistic . . . . . . . . . . . . . . . . . . . . 49 8.9. Global statistic . . . . . . . . . . . . . . . . . . . . 49
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 49 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 49
skipping to change at page 4, line 15 skipping to change at page 4, line 15
+-----------+--------------------------+-----------+ +-----------+--------------------------+-----------+
| Prefix | YANG module | Reference | | Prefix | YANG module | Reference |
+-----------+--------------------------+-----------+ +-----------+--------------------------+-----------+
| yang | ietf-yang-types | [RFC6991] | | yang | ietf-yang-types | [RFC6991] |
| inet | ietf-inet-types | [RFC6991] | | inet | ietf-inet-types | [RFC6991] |
| if | ietf-interfaces | [RFC8343] | | if | ietf-interfaces | [RFC8343] |
| ianach | iana-crypt-hash | [RFC7317] | | ianach | iana-crypt-hash | [RFC7317] |
| key-chain | ietf-key-chain | [RFC8177] | | key-chain | ietf-key-chain | [RFC8177] |
| acl | ietf-access-control-list | [RFC8519] | | acl | ietf-access-control-list | [RFC8519] |
| rt-types | ietf-routing-types | [RFC8294] | | rt-types | ietf-routing-types | [RFC8294] |
| nacm | ietf-netconf-acm | [RFC8341] |
+-----------+--------------------------+-----------+ +-----------+--------------------------+-----------+
Table 1: Prefixes and corresponding YANG modules Table 1: Prefixes and corresponding YANG modules
1.5. Refrences in the Model 1.5. Refrences in the Model
Following documents are refrenced in the model defined in this Following documents are refrenced in the model defined in this
document - document -
+-------------------------------------------------------+-----------+ +-------------------------------------------------------+-----------+
| Title | Reference | | Title | Reference |
+-------------------------------------------------------+-----------+ +-------------------------------------------------------+-----------+
| Network Time Protocol Version 4: Protocol and | [RFC5905] | | Network Time Protocol Version 4: Protocol and | [RFC5905] |
| Algorithms Specification | | | Algorithms Specification | |
| Common YANG Data Types | [RFC6991] | | Common YANG Data Types | [RFC6991] |
| A YANG Data Model for System Management | [RFC7317] | | A YANG Data Model for System Management | [RFC7317] |
| YANG Data Model for Key Chains | [RFC8177] | | YANG Data Model for Key Chains | [RFC8177] |
| Common YANG Data Types for the Routing Area | [RFC8294] | | Common YANG Data Types for the Routing Area | [RFC8294] |
| Network Configuration Access Control Model | [RFC8341] |
| A YANG Data Model for Interface Management | [RFC8343] | | A YANG Data Model for Interface Management | [RFC8343] |
| YANG Data Model for Network Access Control Lists | [RFC8519] | | YANG Data Model for Network Access Control Lists | [RFC8519] |
| (ACLs) | | | (ACLs) | |
+-------------------------------------------------------+-----------+ +-------------------------------------------------------+-----------+
Table 2: Refrences in the YANG modules Table 2: Refrences in the YANG modules
2. NTP data model 2. NTP data model
This document defines the YANG module "ietf-ntp", which has the This document defines the YANG module "ietf-ntp", which has the
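Review bot: "Refrences" and "refrenced" are still misspelled in the Section 1.5 heading, its introductory sentence and the Table 2 caption, all of which sit next to the rows added here. Since this revision already touches both tables, correct them to "References" and "referenced" in the same pass. The table of contents entry for 1.5 carries the same typo.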
skipping to change at page 10, line 46 skipping to change at page 10, line 46
cryptographic keys indexed by a key identifier included in the NTP cryptographic keys indexed by a key identifier included in the NTP
message. This key-id is 32-bits unsigned integer that MUST be message. This key-id is 32-bits unsigned integer that MUST be
configured on the NTP peers before the authentication could be used. configured on the NTP peers before the authentication could be used.
For this reason, this YANG modules allow such configuration via For this reason, this YANG modules allow such configuration via
/ntp/authentication/authentication-keys/. Further at the time of /ntp/authentication/authentication-keys/. Further at the time of
configuration of NTP association (for example unicast-server), the configuration of NTP association (for example unicast-server), the
key-id is specefied. key-id is specefied.
7. NTP YANG Module 7. NTP YANG Module
<CODE BEGINS> file "ietf-ntp@2019-06-26.yang" <CODE BEGINS> file "ietf-ntp@2019-06-28.yang"
module ietf-ntp { module ietf-ntp {
yang-version 1.1; yang-version 1.1;
namespace "urn:ietf:params:xml:ns:yang:ietf-ntp"; namespace "urn:ietf:params:xml:ns:yang:ietf-ntp";
prefix "ntp"; prefix "ntp";
import ietf-yang-types { import ietf-yang-types {
prefix "yang"; prefix "yang";
reference "RFC 6991: Common YANG Data Types"; reference "RFC 6991: Common YANG Data Types";
skipping to change at page 11, line 43 skipping to change at page 11, line 43
reference "RFC 8519: YANG Data Model for Network Access Control reference "RFC 8519: YANG Data Model for Network Access Control
Lists (ACLs)"; Lists (ACLs)";
} }
import ietf-routing-types { import ietf-routing-types {
prefix "rt-types"; prefix "rt-types";
reference "RFC 8294: Common YANG Data Types for the Routing Area"; reference "RFC 8294: Common YANG Data Types for the Routing Area";
} }
import ietf-netconf-acm {
prefix nacm;
reference
"RFC 8341: Network Configuration Protocol (NETCONF) Access
Control Model";
}
organization organization
"IETF NTP (Network Time Protocol) Working Group"; "IETF NTP (Network Time Protocol) Working Group";
contact contact
"WG Web: <http://tools.ietf.org/wg/ntp/> "WG Web: <http://tools.ietf.org/wg/ntp/>
WG List: <mailto: ntpwg@lists.ntp.org WG List: <mailto: ntpwg@lists.ntp.org
Editor: Eric Wu Editor: Eric Wu
<mailto:eric.wu@huawei.com> <mailto:eric.wu@huawei.com>
Editor: Anil Kumar S N Editor: Anil Kumar S N
<mailto:anil.ietf@gmail.com> <mailto:anil.ietf@gmail.com>
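Review bot: The reference string in the new ietf-netconf-acm import, "RFC 8341: Network Configuration Protocol (NETCONF) Access Control Model", does not match the title given for the same RFC in Table 2, "Network Configuration Access Control Model". Table 2 has the RFC 8341 title, so align the import with it. The new import also writes "prefix nacm;" unquoted, while the neighbouring imports quote the prefix (for example prefix "rt-types";); pick one style for the module.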
skipping to change at page 12, line 29 skipping to change at page 12, line 36
Redistribution and use in source and binary forms, Redistribution and use in source and binary forms,
with or without modification, is permitted pursuant to, with or without modification, is permitted pursuant to,
and subject to the license terms contained in, the and subject to the license terms contained in, the
Simplified BSD License set forth in Section 4.c of the Simplified BSD License set forth in Section 4.c of the
IETF Trust's Legal Provisions Relating to IETF Documents IETF Trust's Legal Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info). (https://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX; This version of this YANG module is part of RFC XXXX;
see the RFC itself for full legal notices."; see the RFC itself for full legal notices.";
revision 2019-06-26 { revision 2019-06-28 {
description description
"Initial revision."; "Initial revision.";
reference reference
"RFC XXXX: A YANG Data Model for NTP."; "RFC XXXX: A YANG Data Model for NTP.";
} }
/* Note: The RFC Editor will replace XXXX with the number assigned /* Note: The RFC Editor will replace XXXX with the number assigned
to this document once it becomes an RFC.*/ to this document once it becomes an RFC.*/
/* Typedef Definitions */ /* Typedef Definitions */
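Review bot: The revision statement is now dated 2019-06-28, and the CODE BEGINS file name was changed to ietf-ntp@2019-06-28.yang, but the document itself is dated June 27, 2019. A module revision one day later than the draft that contains it looks like an editing slip; use the same date in the revision statement, the file name and the document header.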
skipping to change at page 19, line 15 skipping to change at page 19, line 21
"Authentication key identifier."; "Authentication key identifier.";
} }
leaf algorithm { leaf algorithm {
type identityref { type identityref {
base key-chain:crypto-algorithm; base key-chain:crypto-algorithm;
} }
description description
"Authentication algorithm."; "Authentication algorithm.";
} }
leaf key { leaf key {
nacm:default-deny-all;
type ianach:crypt-hash; type ianach:crypt-hash;
description description
"The key"; "The key";
} }
leaf istrusted { leaf istrusted {
type boolean; type boolean;
description description
"Key-id is trusted or not"; "Key-id is trusted or not";
} }
reference reference
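Review bot: The description of leaf key is still just "The key" even though the leaf now carries nacm:default-deny-all, so a reader of the module is not told that, under RFC 8341, this node is hidden from read and write access unless an explicit NACM rule grants it. Expand the description to say that the value is sensitive and access is denied by default. The same description should state what the ianach:crypt-hash value represents here, because Section 6 describes keys that must be configured on the NTP peers for authentication to work, and a one-way hash of the key is not obviously usable for that purpose.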
skipping to change at page 51, line 7 skipping to change at page 51, line 7
manycast mode, and indirectly creates or modify the NTP manycast mode, and indirectly creates or modify the NTP
associations. Unexpected changes could lead to disruption and/or associations. Unexpected changes could lead to disruption and/or
network misbehavior. network misbehavior.
Some of the readable data nodes in this YANG module may be considered Some of the readable data nodes in this YANG module may be considered
sensitive or vulnerable in some network environments. It is thus sensitive or vulnerable in some network environments. It is thus
important to control read access (e.g., via get, get-config, or important to control read access (e.g., via get, get-config, or
notification) to these data nodes. These are the subtrees and data notification) to these data nodes. These are the subtrees and data
nodes and their sensitivity/vulnerability: nodes and their sensitivity/vulnerability:
/ntp/authentication/authentication-keys - The entries in the list
includes all the NTP authentication keys. This information is
sensitive and can be exploited and thus unauthorized access to
this needs to be curtailed.
/ntp/associations - The entries in the list includes all active /ntp/associations - The entries in the list includes all active
NTP associations of all modes. Unauthorized access to this needs NTP associations of all modes. Unauthorized access to this also
to be curtailed. needs to be curtailed.
11. Acknowledgments 11. Acknowledgments
The authors would like to express their thanks to Sladjana Zoric, The authors would like to express their thanks to Sladjana Zoric,
Danny Mayer, Harlan Stenn, Ulrich Windl, Miroslav Lichvar, and Danny Mayer, Harlan Stenn, Ulrich Windl, Miroslav Lichvar, Maurice
Maurice Angermann for their review and suggestions. Angermann, and Watson Ladd for their review and suggestions.
12. References 12. References
12.1. Normative References 12.1. Normative References
[RFC1305] Mills, D., "Network Time Protocol (Version 3) [RFC1305] Mills, D., "Network Time Protocol (Version 3)
Specification, Implementation and Analysis", RFC 1305, Specification, Implementation and Analysis", RFC 1305,
DOI 10.17487/RFC1305, March 1992, DOI 10.17487/RFC1305, March 1992,
<https://www.rfc-editor.org/info/rfc1305>. <https://www.rfc-editor.org/info/rfc1305>.
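Review bot: The new /ntp/authentication/authentication-keys entry says access "needs to be curtailed" but does not mention that the module now marks the key leaf with nacm:default-deny-all, so the text and the model do not point at each other. Add a sentence stating that the key leaf is protected by that NACM extension and that the remaining leaves in the list (key-id, algorithm, istrusted) rely on operator-configured access rules. "The entries in the list includes" should read "include" in both this entry and the /ntp/associations entry, and "can be exploited" would be more useful if it said what an attacker gains from reading the keys.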
 End of changes. 14 change blocks. 
11 lines changed or deleted 26 lines changed or added
