[要約] RFC 9249 は、NTPバージョン4およびバージョン3を設定および管理するために使用できるYANGデータモデルを定義しています。このデータモデルには、設定データと状態データが含まれています。
Internet Engineering Task Force (IETF) N. Wu
Request for Comments: 9249 D. Dhody, Ed.
Category: Standards Track Huawei
ISSN: 2070-1721 A. Sinha, Ed.
A. Kumar S N
RtBrick Inc.
Y. Zhao
Ericsson
July 2022
A YANG Data Model for NTP
NTPのYangデータモデル
Abstract
概要
This document defines a YANG data model that can be used to configure and manage Network Time Protocol (NTP) version 4. It can also be used to configure and manage version 3. The data model includes configuration data and state data.
このドキュメントでは、ネットワークタイムプロトコル(NTP)バージョン4の構成と管理に使用できるYangデータモデルを定義します。バージョン3の構成と管理にも使用できます。データモデルには、構成データと状態データが含まれます。
Status of This Memo
本文書の位置付け
This is an Internet Standards Track document.
これは、インターネット標準トラックドキュメントです。
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 7841.
このドキュメントは、インターネットエンジニアリングタスクフォース(IETF)の製品です。IETFコミュニティのコンセンサスを表しています。公開レビューを受けており、インターネットエンジニアリングステアリンググループ(IESG)からの出版が承認されています。インターネット標準の詳細については、RFC 7841のセクション2で入手できます。
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at https://www.rfc-editor.org/info/rfc9249.
このドキュメントの現在のステータス、任意のERRATA、およびそのフィードバックを提供する方法に関する情報は、https://www.rfc-editor.org/info/rfc9249で取得できます。
Copyright Notice
著作権表示
Copyright (c) 2022 IETF Trust and the persons identified as the document authors. All rights reserved.
著作権(c)2022 IETF Trustおよび文書著者として特定された人。全著作権所有。
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.
このドキュメントは、BCP 78およびIETFドキュメント(https://trustee.ietf.org/license-info)に関連するIETF Trustの法的規定の対象となります。この文書に関するあなたの権利と制限を説明するので、これらの文書を注意深く確認してください。このドキュメントから抽出されたコードコンポーネントには、セクション4.Eで説明されている法的規定のセクション4.Eで説明されており、修正されたBSDライセンスで説明されているように保証なしで提供される修正されたBSDライセンステキストを含める必要があります。
Table of Contents
目次
1. Introduction
1.1. Operational State
1.2. Terminology
1.3. Tree Diagrams
1.4. Prefixes in Data Node Names
1.5. References in the Model
1.6. Requirements Language
2. NTP Data Model
3. Relationship with NTPv4-MIB
4. Relationship with RFC 7317
5. Access Rules
6. Key Management
7. NTP Version
8. NTP YANG Module
9. Usage Example
9.1. Unicast Association
9.2. Refclock Master
9.3. Authentication Configuration
9.4. Access Configuration
9.5. Multicast Configuration
9.6. Manycast Configuration
9.7. Clock State
9.8. Get All Association
9.9. Global Statistic
10. IANA Considerations
10.1. IETF XML Registry
10.2. YANG Module Names
11. Security Considerations
12. References
12.1. Normative References
12.2. Informative References
Appendix A. Full YANG Tree
Acknowledgments
Authors' Addresses
This document defines a YANG data model [RFC7950] that can be used to configure and manage Network Time Protocol version 4 [RFC5905]. Note that the model could also be used to configure and manage NTPv3 [RFC1305] (see Section 7).
このドキュメントでは、ネットワークタイムプロトコルバージョン4 [RFC5905]の構成と管理に使用できるYangデータモデル[RFC7950]を定義します。モデルは、NTPV3 [RFC1305]の構成と管理にも使用できることに注意してください(セクション7を参照)。
The data model covers configuration of system parameters of NTP such as access rules, authentication and VPN Routing and Forwarding (VRF) binding, and various modes of NTP and per-interface parameters. It also provides access to information about running state of NTP implementations.
データモデルは、アクセスルール、認証、VPNルーティングおよび転送(VRF)バインディング、およびNTPおよびインターフェイスごとのパラメーターのさまざまなモードなど、NTPのシステムパラメーターの構成をカバーしています。また、NTP実装の状態の実行に関する情報へのアクセスも提供します。
NTP operational state is included in the same tree as NTP configuration, consistent with "Network Management Datastore Architecture (NMDA)" [RFC8342]. NTP current state and statistics are also maintained in the operational state. The operational state also includes the NTP association state.
NTPの動作状態は、「ネットワーク管理データストアアーキテクチャ(NMDA)」[RFC8342]と一致して、NTP構成と同じツリーに含まれています。NTP電流状態と統計も運用状態で維持されています。運用状態には、NTP協会の状態も含まれます。
The terminology used in this document is aligned with [RFC5905] and [RFC1305].
このドキュメントで使用されている用語は、[RFC5905]および[RFC1305]に沿っています。
A simplified graphical representation of the data model is used in this document. This document uses the graphical representation of data models defined in [RFC8340].
このドキュメントでは、データモデルの単純化されたグラフィカルな表現が使用されています。このドキュメントでは、[RFC8340]で定義されたデータモデルのグラフィカルな表現を使用しています。
In this document, names of data nodes and other data model objects are often used without a prefix, as long as it is clear from the context in which YANG module each name is defined. Otherwise, names are prefixed using the standard prefix associated with the corresponding YANG module, as shown in Table 1.
このドキュメントでは、Yangモジュールの各名前が定義されているコンテキストから明らかな限り、データノードおよびその他のデータモデルオブジェクトの名前はプレフィックスなしでよく使用されます。それ以外の場合、表1に示すように、対応するYangモジュールに関連付けられた標準のプレフィックスを使用して名前が付けられます。
+==========+==========================+===========+
| Prefix | YANG Module | Reference |
+==========+==========================+===========+
| yang | ietf-yang-types | [RFC6991] |
+----------+--------------------------+-----------+
| inet | ietf-inet-types | [RFC6991] |
+----------+--------------------------+-----------+
| if | ietf-interfaces | [RFC8343] |
+----------+--------------------------+-----------+
| sys | ietf-system | [RFC7317] |
+----------+--------------------------+-----------+
| acl | ietf-access-control-list | [RFC8519] |
+----------+--------------------------+-----------+
| rt-types | ietf-routing-types | [RFC8294] |
+----------+--------------------------+-----------+
| nacm | ietf-netconf-acm | [RFC8341] |
+----------+--------------------------+-----------+
Table 1: Prefixes and Corresponding YANG Modules
表1:プレフィックスと対応するヤンモジュール
The following documents are referenced in the model defined in this document.
次のドキュメントは、このドキュメントで定義されているモデルで参照されています。
+=======================================+===========+
| Title | Reference |
+=======================================+===========+
| Network Time Protocol Version 4: | [RFC5905] |
| Protocol and Algorithms Specification | |
+---------------------------------------+-----------+
| Common YANG Data Types | [RFC6991] |
+---------------------------------------+-----------+
| A YANG Data Model for System | [RFC7317] |
| Management | |
+---------------------------------------+-----------+
| Common YANG Data Types for the | [RFC8294] |
| Routing Area | |
+---------------------------------------+-----------+
| Network Configuration Access Control | [RFC8341] |
| Model | |
+---------------------------------------+-----------+
| A YANG Data Model for Interface | [RFC8343] |
| Management | |
+---------------------------------------+-----------+
| YANG Data Model for Network Access | [RFC8519] |
| Control Lists (ACLs) | |
+---------------------------------------+-----------+
| Message Authentication Code for the | [RFC8573] |
| Network Time Protocol | |
+---------------------------------------+-----------+
| The AES-CMAC Algorithm | [RFC4493] |
+---------------------------------------+-----------+
| The MD5 Message-Digest Algorithm | [RFC1321] |
+---------------------------------------+-----------+
| US Secure Hash Algorithm 1 (SHA1) | [RFC3174] |
+---------------------------------------+-----------+
| FIPS 180-4: Secure Hash Standard | [SHS] |
| (SHS) | |
+---------------------------------------+-----------+
Table 2: References in the YANG Module
表2:Yangモジュールの参照
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.
この文書のキーワード "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", および "OPTIONAL" はBCP 14 [RFC2119] [RFC8174]で説明されているように、すべて大文字の場合にのみ解釈されます。
This document defines the YANG module "ietf-ntp", which has the following condensed structure:
このドキュメントでは、次の凝縮構造を備えたYangモジュール「IETF-NTP」を定義します。
module: ietf-ntp
+--rw ntp!
+--rw port? inet:port-number {ntp-port}?
+--rw refclock-master!
| +--rw master-stratum? ntp-stratum
+--rw authentication {authentication}?
| +--rw auth-enabled? boolean
| +--rw authentication-keys* [keyid]
| +--rw keyid uint32
| +--...
+--rw access-rules {access-rules}?
| +--rw access-rule* [access-mode]
| +--rw access-mode identityref
| +--rw acl? -> /acl:acls/acl/name
+--ro clock-state
| +--ro system-status
| +--ro clock-state identityref
| +--ro clock-stratum ntp-stratum
| +--ro clock-refid refid
| +--...
+--rw unicast-configuration* [address type]
| {unicast-configuration}?
| +--rw address inet:ip-address
| +--rw type identityref
| +--...
+--rw associations
| +--ro association* [address local-mode isconfigured]
| +--ro address inet:ip-address
| +--ro local-mode identityref
| +--ro isconfigured boolean
| +--...
| +--ro ntp-statistics
| +--...
+--rw interfaces
| +--rw interface* [name]
| +--rw name if:interface-ref
| +--rw broadcast-server! {broadcast-server}?
| | +--...
| +--rw broadcast-client! {broadcast-client}?
| +--rw multicast-server* [address] {multicast-server}?
| | +--rw address
| | | rt-types:ip-multicast-group-address
| | +--...
| +--rw multicast-client* [address] {multicast-client}?
| | +--rw address rt-types:ip-multicast-group-address
| +--rw manycast-server* [address] {manycast-server}?
| | +--rw address rt-types:ip-multicast-group-address
| +--rw manycast-client* [address] {manycast-client}?
| +--rw address
| | rt-types:ip-multicast-group-address
| +--...
+--ro ntp-statistics
+--...
rpcs:
+---x statistics-reset
+---w input
+---w (association-or-all)?
+--:(association)
| +---w associations-address?
| | -> /ntp/associations/association/address
| +---w associations-local-mode?
| | -> /ntp/associations/association/local-mode
| +---w associations-isconfigured?
| -> /ntp/associations/association/isconfigured
+--:(all)
The full data model tree for the YANG module "ietf-ntp" is in Appendix A.
Yangモジュール「IETF-NTP」の完全なデータモデルツリーは、付録Aにあります。
This data model defines one top-level container that includes both the NTP configuration and the NTP running state including access rules, authentication, associations, unicast configurations, interfaces, system status, and associations.
このデータモデルは、アクセスルール、認証、アソシエーション、ユニキャスト構成、インターフェイス、システムステータス、および関連付けなど、NTP構成とNTP実行状態の両方を含む1つのトップレベルコンテナを定義します。
If the device implements the NTPv4-MIB [RFC5907], data nodes from the YANG module can be mapped to table entries in the NTPv4-MIB.
デバイスがNTPV4-MIB [RFC5907]を実装する場合、YangモジュールからのデータノードをNTPV4-MIBのテーブルエントリにマッピングできます。
The following tables list the YANG data nodes with corresponding objects in the NTPv4-MIB.
次の表には、ntpv4-mibの対応するオブジェクトを持つYangデータノードがリストされています。
+===========================+====================================+
| YANG Data Nodes in /ntp/ | NTPv4-MIB Objects |
| clock-state/system-status | |
+===========================+====================================+
| clock-state | ntpEntStatusCurrentMode |
+---------------------------+------------------------------------+
| clock-stratum | ntpEntStatusStratum |
+---------------------------+------------------------------------+
| clock-refid | ntpEntStatusActiveRefSourceId |
| | ntpEntStatusActiveRefSourceName |
+---------------------------+------------------------------------+
| clock-precision | ntpEntTimePrecision |
+---------------------------+------------------------------------+
| clock-offset | ntpEntStatusActiveOffset |
+---------------------------+------------------------------------+
| root-dispersion | ntpEntStatusDispersion |
+---------------------------+------------------------------------+
Table 3: YANG NTP Data Nodes in /ntp/clock-state/system-status
and Related NTPv4-MIB Objects
+=======================================+===========================+
| YANG Data Nodes in | NTPv4-MIB Objects |
| /ntp/associations/ | |
+=======================================+===========================+
| address | ntpAssocAddressType |
| | ntpAssocAddress |
+---------------------------------------+---------------------------+
| stratum | ntpAssocStratum |
+---------------------------------------+---------------------------+
| refid | ntpAssocRefId |
+---------------------------------------+---------------------------+
| offset | ntpAssocOffset |
+---------------------------------------+---------------------------+
| delay | ntpAssocStatusDelay |
+---------------------------------------+---------------------------+
| dispersion | ntpAssocStatusDispersion |
+---------------------------------------+---------------------------+
| ntp-statistics/ | ntpAssocStatOutPkts |
| packet-sent | |
+---------------------------------------+---------------------------+
| ntp-statistics/ | ntpAssocStatInPkts |
| packet-received | |
+---------------------------------------+---------------------------+
| ntp-statistics/ | ntpAssocStatProtocolError |
| packet-dropped | |
+---------------------------------------+---------------------------+
Table 4: YANG NTP Data Nodes in /ntp/associations/ and Related
NTPv4-MIB Objects
This section describes the relationship with definition of NTP in Section 3.2 (System Time Management) of [RFC7317]. YANG data nodes in /ntp/ also support per-interface configuration, which is not supported in /system/ntp. If the YANG data model defined in this document is implemented, then /system/ntp SHOULD NOT be used and MUST be ignored.
このセクションでは、[RFC7317]のセクション3.2(システム時間管理)のNTPの定義との関係について説明します。/ntpのYangデータノード /インターフェイスごとの構成もサポートしていますが、これは /system /ntpでサポートされていません。このドキュメントで定義されているYangデータモデルが実装されている場合、 /system /ntpを使用しないでください。無視する必要があります。
+==========================+================================+
| YANG Data Nodes in /ntp/ | YANG Data Nodes in /system/ntp |
+==========================+================================+
| ntp! | enabled |
+--------------------------+--------------------------------+
| unicast-configuration | server |
| | server/name |
+--------------------------+--------------------------------+
| unicast-configuration/ | server/transport/udp/address |
| address | |
+--------------------------+--------------------------------+
| unicast-configuration/ | server/transport/udp/port |
| port | |
+--------------------------+--------------------------------+
| unicast-configuration/ | server/association-type |
| type | |
+--------------------------+--------------------------------+
| unicast-configuration/ | server/iburst |
| iburst | |
+--------------------------+--------------------------------+
| unicast-configuration/ | server/prefer |
| prefer | |
+--------------------------+--------------------------------+
Table 5: YANG NTP Configuration Data Nodes and Counterparts from RFC 7317
表5:Yang NTP構成データノードとRFC 7317のカウンターパート
The access rules in this section refer to the on-the-wire access control to the NTP service and are completely independent of any management API access control, e.g., NETCONF Access Control Model (NACM) [RFC8341].
このセクションのアクセスルールは、NTPサービスへのオンザワイヤアクセスコントロールを参照しており、NetConf Access Controlモデル(NACM)[RFC8341]など、管理APIアクセスコントロールなどとは完全に独立しています。
An Access Control List (ACL) is one of the basic elements used to configure device-forwarding behavior. An ACL is a user-ordered set of rules that is used to filter traffic on a networking device.
アクセス制御リスト(ACL)は、デバイスフォードの動作を構成するために使用される基本要素の1つです。ACLは、ネットワークデバイスのトラフィックをフィルタリングするために使用されるユーザー順序のルールセットです。
As per [RFC1305] (for NTPv3) and [RFC5905] (for NTPv4), NTP could include an access-control feature that prevents unauthorized access and that controls which peers are allowed to update the local clock. Further, it is useful to differentiate between the various kinds of access and attach a different acl-rule to each. For this, the YANG module allows such configuration via /ntp/access-rules. The access-rule itself is configured via [RFC8519].
[RFC1305](NTPV3の場合)および[RFC5905](NTPV4の場合)によると、NTPには、不正アクセスを防ぎ、ピアがローカルクロックを更新できるようにするアクセス制御機能を含めることができます。さらに、さまざまな種類のアクセスを区別し、それぞれに異なるACLルールを取り付けることが役立ちます。このため、Yangモジュールは、 /ntp /アクセスルール経由でそのような構成を許可します。アクセスルール自体は[RFC8519]を介して構成されています。
The following access-modes are supported:
次のアクセスモードがサポートされています。
Peer: Permit others to synchronize their time with the NTP entity or vice versa. NTP control queries are also accepted.
ピア:他の人が自分の時間をNTPエンティティと同期させるか、その逆を許可します。NTP制御クエリも受け入れられます。
Server: Permit others to synchronize their time with the NTP entity, but vice versa is not supported. NTP control queries are accepted.
サーバー:他の人が自分の時間をNTPエンティティと同期させることを許可しますが、その逆もサポートされていません。NTP制御クエリは受け入れられます。
Server-only: Permit others to synchronize their time with the NTP entity, but vice versa is not supported. NTP control queries are not accepted.
サーバーのみ:他の人が自分の時間をNTPエンティティと同期させることを許可しますが、その逆もサポートされていません。NTP制御クエリは受け入れられません。
Query-only: Only control queries are accepted.
クエリのみ:コントロールクエリのみが受け入れられます。
Query-only is the most restricted whereas the peer is the full access authority. The ability to give different ACL rules for different access-modes allows for a greater control by the operator.
クエリのみが最も制限されているのに対し、ピアはフルアクセス機関です。さまざまなアクセスモードに対して異なるACLルールを提供する機能により、オペレーターによるより大きな制御が可能になります。
As per [RFC1305] (for NTPv3) and [RFC5905] (for NTPv4), when authentication is enabled, NTP employs a crypto-checksum, computed by the sender and checked by the receiver, together with a set of predistributed algorithms, and cryptographic keys indexed by a key identifier included in the NTP message. This keyid is a 32-bit unsigned integer that MUST be configured on the NTP peers before the authentication can be used. For this reason, this YANG module allows such configuration via /ntp/authentication/authentication-keys/. Further at the time of configuration of NTP association (for example, unicast server), the keyid is specified.
[rfc1305](ntpv3の場合)および[rfc5905](ntpv4の場合)に従って、認証が有効になると、NTPは、送信者によって計算され、受信者によってチェックされた暗号チェックサムを採用し、下院のアルゴリズムのセットとクリプトグラフィーを使用します。NTPメッセージに含まれるキー識別子によってインデックス付けされたキー。このkeyIDは、認証を使用する前にNTPピアで構成する必要がある32ビットの符号なし整数です。このため、このYangモジュールは、/ntp/authentication/authentication-keys/を介してそのような構成を許可します。さらに、NTP Associationの構成(ユニキャストサーバーなど)の構成時には、KeyIDが指定されています。
The 'nacm:default-deny-all' is used to prevent retrieval of the actual key information after it is set.
「NACM:Default-Deny-All」は、設定された後の実際のキー情報の取得を防ぐために使用されます。
This YANG data model allows a version to be configured for the NTP association, i.e., an operator can control the use of NTPv3 [RFC1305] or NTPv4 [RFC5905] for each association it forms. This allows backward compatibility with a legacy system. Note that NTPv3 [RFC1305] is obsoleted by NTPv4 [RFC5905].
このYangデータモデルを使用すると、NTPアソシエーション用にバージョンを構成できます。つまり、オペレーターは、それが形成する各関連性に対してNTPV3 [RFC1305]またはNTPV4 [RFC5905]の使用を制御できます。これにより、レガシーシステムとの後方互換性が可能になります。NTPV3 [RFC1305]はNTPV4 [RFC5905]によって廃止されていることに注意してください。
<CODE BEGINS> file "ietf-ntp@2022-07-05.yang"
module ietf-ntp {
yang-version 1.1;
namespace "urn:ietf:params:xml:ns:yang:ietf-ntp";
prefix ntp;
import ietf-yang-types {
prefix yang;
reference
"RFC 6991: Common YANG Data Types";
}
import ietf-inet-types {
prefix inet;
reference
"RFC 6991: Common YANG Data Types";
}
import ietf-interfaces {
prefix if;
reference
"RFC 8343: A YANG Data Model for Interface Management";
}
import ietf-system {
prefix sys;
reference
"RFC 7317: A YANG Data Model for System Management";
}
import ietf-access-control-list {
prefix acl;
reference
"RFC 8519: YANG Data Model for Network Access Control
Lists (ACLs)";
}
import ietf-routing-types {
prefix rt-types;
reference
"RFC 8294: Common YANG Data Types for the Routing Area";
}
import ietf-netconf-acm {
prefix nacm;
reference
"RFC 8341: Network Configuration Access Control Model";
}
organization
"IETF NTP (Network Time Protocol) Working Group";
contact
"WG Web: <https://datatracker.ietf.org/wg/ntp/>
WG List: <mailto: ntp@ietf.org
Editor: Dhruv Dhody
<mailto:dhruv.ietf@gmail.com>
Editor: Ankit Kumar Sinha
<mailto:ankit.ietf@gmail.com>";
description
"This document defines a YANG data model that can be used
to configure and manage Network Time Protocol (NTP) version 4.
It can also be used to configure and manage version 3.
The data model includes configuration data and state data.
The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document are to be interpreted as described in BCP 14 (RFC 2119) (RFC 8174) when, and only when, they appear in all capitals, as shown here.
「必須」、「必要」、「必要」、「そうでなければ」、「そうでない」、「そうでない」、「そうではない」、「勧めない」、「推奨」、「5月」、オプション'このドキュメントでは、BCP 14(RFC 2119)(RFC 8174)で説明されているように解釈されます。
Copyright (c) 2022 IETF Trust and the persons identified as authors of the code. All rights reserved.
Copyright(c)2022 IETF TrustおよびCodeの著者として特定された人。全著作権所有。
Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Revised BSD License set forth in Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info).
変更とバイナリ形式での再配布と使用は、変更の有無にかかわらず、IETF Trustの法的規定(IETFドキュメントに関する法的規定)のセクション4.Cに記載されている修正されたBSDライセンスに基づいて許可されており、ライセンス条件に従います。https://trustee.ietf.org/license-info)。
This version of this YANG module is part of RFC 9249; see the RFC itself for full legal notices.";
このYangモジュールのこのバージョンは、RFC 9249の一部です。完全な法的通知については、RFC自体を参照してください。」;
revision 2022-07-05 {
description
"Initial revision";
reference
"RFC 9249: A YANG Data Model for NTP";
}
/* Typedef Definitions */
typedef ntp-stratum {
type uint8 {
range "1..16";
}
description
"The level of each server in the hierarchy is defined by
a stratum. Primary servers are assigned with stratum
one; secondary servers at each lower level are assigned with
one stratum greater than the preceding level.";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 3";
}
typedef ntp-version {
type uint8 {
range "3..max";
}
default "4";
description
"The current NTP version supported by the corresponding
association";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 1";
}
typedef refid {
type union {
type inet:ipv4-address;
type uint32;
type string {
length "4";
}
}
description
"A code identifying the particular server or reference
clock. The interpretation depends upon stratum. It
could be an IPv4 address, the first 32 bits of the MD5 hash
of the IPv6 address, or a string for the Reference Identifier
and kiss codes. Some examples:
-- a refclock ID like '127.127.1.0' for local clock sync
- ローカルクロック同期のための「127.127.1.0」のようなrefcrockID
-- uni/multi/broadcast associations for IPv4 will look like '203.0.113.1' and '0x4321FEDC' for IPv6
-IPv4のUni/Multi/Broadcast Associationsは、IPv6の「203.0.113.1」および「0x4321FEDC」のように見えます
-- sync with a primary source will look like 'DCN', 'NIST', 'ATOM'
- 主要なソースと同期すると、「dcn」、「nist」、「atom」のように見えます
-- kiss codes will look like 'AUTH', 'DROP', or 'RATE'
- キスコードは「auth」、「ドロップ」、または「レート」のようになります
Note that the use of an MD5 hash for IPv6 addresses is not
for cryptographic purposes.";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 7.3";
}
typedef ntp-date-and-time {
type union {
type yang:date-and-time;
type uint8;
}
description
"Follows the date-and-time format when valid values exist.
Otherwise, allows for setting a special value such as
zero.";
reference
"RFC 6991: Common YANG Data Types";
}
typedef log2seconds {
type int8;
description
"An 8-bit signed integer that represents signed log2
seconds.";
}
/* features */
feature ntp-port {
description
"Support for NTP port configuration";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 7.2";
}
feature authentication {
description
"Support for NTP symmetric key authentication";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 7.3";
}
feature deprecated {
description
"Support deprecated MD5-based authentication (RFC 8573),
SHA-1, or any other deprecated authentication mechanism.
It is enabled to support legacy compatibility when secure
cryptographic algorithms are not available to use.
It is also used to configure keystrings in ASCII format.";
reference
"RFC 1321: The MD5 Message-Digest Algorithm,
RFC 3174: US Secure Hash Algorithm 1 (SHA1),
SHS: Secure Hash Standard (SHS) (FIPS PUB 180-4)";
}
feature hex-key-string {
description
"Support hexadecimal key string";
}
feature access-rules {
description
"Support for NTP access control";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 9.2";
}
feature unicast-configuration {
description
"Support for NTP client/server or active/passive
in unicast";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 3";
}
feature broadcast-server {
description
"Support for broadcast server";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 3";
}
feature broadcast-client {
description
"Support for broadcast client";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 3";
}
feature multicast-server {
description
"Support for multicast server";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 3.1";
}
feature multicast-client {
description
"Support for multicast client";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 3.1";
}
feature manycast-server {
description
"Support for manycast server";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 3.1";
}
feature manycast-client {
description
"Support for manycast client";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 3.1";
}
/* Identity */
/* unicast-configurations types */
identity unicast-configuration-type {
if-feature "unicast-configuration";
description
"This defines NTP unicast mode of operation as used
for unicast-configurations.";
}
identity uc-server {
if-feature "unicast-configuration";
base unicast-configuration-type;
description
"Use client association mode where the unicast server
address is configured.";
}
identity uc-peer {
if-feature "unicast-configuration";
base unicast-configuration-type;
description
"Use symmetric active association mode where the peer
address is configured.";
}
/* association-modes */
identity association-mode {
description
"The NTP association modes";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 3";
}
identity active {
base association-mode;
description
"Use symmetric active association mode (mode 1).
This device may synchronize with its NTP peer
or provide synchronization to a configured NTP peer.";
}
identity passive {
base association-mode;
description
"Use symmetric passive association mode (mode 2).
This device has learned this association dynamically.
This device may synchronize with its NTP peer.";
}
identity client {
base association-mode;
description
"Use client association mode (mode 3).
This device will not provide synchronization
to the configured NTP server.";
}
identity server {
base association-mode;
description
"Use server association mode (mode 4).
This device will provide synchronization to
NTP clients.";
}
identity broadcast-server {
base association-mode;
description
"Use broadcast server mode (mode 5).
This mode defines that it's either working
as a broadcast server or a multicast server.";
}
identity broadcast-client {
base association-mode;
description
"This mode defines that it's either working
as a broadcast client (mode 6) or a multicast client.";
}
/* access-mode */
identity access-mode {
if-feature "access-rules";
description
"This defines NTP access-modes. These identify
how the ACL is applied with NTP.";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 9.2";
}
identity peer-access-mode {
if-feature "access-rules";
base access-mode;
description
"Permit others to synchronize their time with this NTP
or vice versa.
NTP control queries are also accepted. This enables
full access authority.";
}
identity server-access-mode {
if-feature "access-rules";
base access-mode;
description
"Permit others to synchronize their time with this NTP
entity, but vice versa is not supported. NTP control
queries are accepted.";
}
identity server-only-access-mode {
if-feature "access-rules";
base access-mode;
description
"Permit others to synchronize their time with this NTP
entity, but vice versa is not supported. NTP control
queries are not accepted.";
}
identity query-only-access-mode {
if-feature "access-rules";
base access-mode;
description
"Only control queries are accepted.";
}
/* clock-state */
identity clock-state {
description
"This defines NTP clock status at a high level.";
}
identity synchronized {
base clock-state;
description
"Indicates that the local clock has been synchronized with
an NTP server or the reference clock.";
}
identity unsynchronized {
base clock-state;
description
"Indicates that the local clock has not been synchronized
with any NTP server.";
}
/* ntp-sync-state */
identity ntp-sync-state {
description
"This defines NTP clock sync state at a more granular
level. Referred to as 'Clock state definitions' in
RFC 5905.";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Appendix A.1.1";
}
identity clock-never-set {
base ntp-sync-state;
description
"Indicates the clock was never set.";
}
identity freq-set-by-cfg {
base ntp-sync-state;
description
"Indicates the clock frequency is set by
NTP configuration or file.";
}
identity spike {
base ntp-sync-state;
description
"Indicates a spike is detected.";
}
identity freq {
base ntp-sync-state;
description
"Indicates the frequency mode.";
}
identity clock-synchronized {
base ntp-sync-state;
description
"Indicates that the clock is synchronized.";
}
/* crypto-algorithm */
identity crypto-algorithm {
description
"Base identity of cryptographic algorithm options.";
}
identity md5 {
if-feature "deprecated";
base crypto-algorithm;
description
"The MD5 algorithm. Note that RFC 8573
deprecates the use of MD5-based authentication.";
reference
"RFC 1321: The MD5 Message-Digest Algorithm";
}
identity sha-1 {
if-feature "deprecated";
base crypto-algorithm;
description
"The SHA-1 algorithm";
reference
"RFC 3174: US Secure Hash Algorithm 1 (SHA1)";
}
identity hmac-sha-1 {
if-feature "deprecated";
base crypto-algorithm;
description
"HMAC-SHA-1 authentication algorithm";
reference
"SHS: Secure Hash Standard (SHS) (FIPS PUB 180-4)";
}
identity hmac-sha1-12 {
if-feature "deprecated";
base crypto-algorithm;
description
"The HMAC-SHA1-12 algorithm";
}
identity hmac-sha-256 {
description
"HMAC-SHA-256 authentication algorithm";
reference
"SHS: Secure Hash Standard (SHS) (FIPS PUB 180-4)";
}
identity hmac-sha-384 {
description
"HMAC-SHA-384 authentication algorithm";
reference
"SHS: Secure Hash Standard (SHS) (FIPS PUB 180-4)";
}
identity hmac-sha-512 {
description
"HMAC-SHA-512 authentication algorithm";
reference
"SHS: Secure Hash Standard (SHS) (FIPS PUB 180-4)";
}
identity aes-cmac {
base crypto-algorithm;
description
"The AES-CMAC algorithm -- required by
RFC 8573 for MAC for the NTP.";
reference
"RFC 4493: The AES-CMAC Algorithm,
RFC 8573: Message Authentication Code for the Network
Time Protocol";
}
/* Groupings */
grouping key {
description
"The key";
nacm:default-deny-all;
choice key-string-style {
description
"Key string styles";
case keystring {
leaf keystring {
if-feature "deprecated";
type string;
description
"Key string in ASCII format";
}
}
case hexadecimal {
if-feature "hex-key-string";
leaf hexadecimal-string {
type yang:hex-string;
description
"Key in hexadecimal string format. When compared
to ASCII, specification in hexadecimal affords
greater key entropy with the same number of
internal key-string octets. Additionally, it
discourages use of well-known words or
numbers.";
}
}
}
}
grouping authentication-key {
description
"To define an authentication key for an NTP
time source.";
leaf keyid {
type uint32 {
range "1..max";
}
description
"Authentication key identifier";
}
leaf algorithm {
type identityref {
base crypto-algorithm;
}
description
"Authentication algorithm. Note that RFC 8573
deprecates the use of MD5-based authentication
and recommends AES-CMAC.";
}
container key {
uses key;
description
"The key. Note that RFC 8573 deprecates the use
of MD5-based authentication.";
}
leaf istrusted {
type boolean;
description
"Keyid is trusted or not";
}
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Sections 7.3 and 7.4";
}
grouping authentication {
description
"Authentication";
choice authentication-type {
description
"Type of authentication";
case symmetric-key {
leaf keyid {
type leafref {
path "/ntp:ntp/ntp:authentication/"
+ "ntp:authentication-keys/ntp:keyid";
}
description
"Authentication key id referenced in this
association.";
}
}
}
}
grouping statistics {
description
"NTP packet statistic";
leaf discontinuity-time {
type ntp-date-and-time;
description
"The time on the most recent occasion at which any one or
more of these NTP counters suffered a discontinuity. If
no such discontinuities have occurred, then this node
contains the time the NTP association was
(re-)initialized.";
}
leaf packet-sent {
type yang:counter32;
description
"The total number of NTP packets delivered to the
transport service by this NTP entity for this
association.
Discontinuities in the value of this counter can occur
upon cold start, reinitialization of the NTP entity or the
management system, and at other times.";
}
leaf packet-sent-fail {
type yang:counter32;
description
"The number of times NTP packet sending failed.";
}
leaf packet-received {
type yang:counter32;
description
"The total number of NTP packets delivered to the
NTP entity from this association.
Discontinuities in the value of this counter can occur
upon cold start, reinitialization of the NTP entity or the
management system, and at other times.";
}
leaf packet-dropped {
type yang:counter32;
description
"The total number of NTP packets that were delivered
to this NTP entity from this association and that this
entity was not able to process due to an NTP error.
Discontinuities in the value of this counter can occur
upon cold start, reinitialization of the NTP entity or the
management system, and at other times.";
}
}
grouping common-attributes {
description
"NTP common attributes for configuration";
leaf minpoll {
type log2seconds;
default "6";
description
"The minimum poll interval used in this association";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 7.2";
}
leaf maxpoll {
type log2seconds;
default "10";
description
"The maximum poll interval used in this association";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 7.2";
}
leaf port {
if-feature "ntp-port";
type inet:port-number {
range "123 | 1024..max";
}
default "123";
description
"Specify the port used to send NTP packets.";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 7.2";
}
leaf version {
type ntp-version;
description
"NTP version";
}
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification";
}
grouping association-ref {
description
"Reference to NTP association mode";
leaf associations-address {
type leafref {
path "/ntp:ntp/ntp:associations/ntp:association"
+ "/ntp:address";
}
description
"Indicates the association's address
that results in clock synchronization.";
}
leaf associations-local-mode {
type leafref {
path "/ntp:ntp/ntp:associations/ntp:association"
+ "/ntp:local-mode";
}
description
"Indicates the association's local-mode
that results in clock synchronization.";
}
leaf associations-isconfigured {
type leafref {
path "/ntp:ntp/ntp:associations/ntp:association/"
+ "ntp:isconfigured";
}
description
"Indicates if the association (that resulted in the
clock synchronization) is explicitly configured.";
}
}
container ntp {
when 'false() = boolean(/sys:system/sys:ntp)' {
description
"Applicable when the system /sys/ntp/ is not used.";
}
presence "NTP is enabled and system should attempt to
synchronize the system clock with an NTP server
from the 'ntp/associations' list.";
description
"Configuration parameters for NTP";
leaf port {
if-feature "ntp-port";
type inet:port-number {
range "123 | 1024..max";
}
default "123";
description
"Specify the port used to send and receive NTP packets.";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 7.2";
}
container refclock-master {
presence "NTP master clock is enabled.";
description
"Configures the local clock of this device as NTP server.";
leaf master-stratum {
type ntp-stratum;
default "16";
description
"Stratum level from which NTP clients get their time
synchronized.";
}
}
container authentication {
if-feature "authentication";
description
"Configuration of authentication";
leaf auth-enabled {
type boolean;
default "false";
description
"Controls whether NTP authentication is enabled
or disabled on this device.";
}
list authentication-keys {
key "keyid";
uses authentication-key;
description
"List of authentication keys";
}
}
container access-rules {
if-feature "access-rules";
description
"Configuration to control access to NTP service
by using the NTP access-group feature.
The access-mode identifies how the ACL is
applied with NTP.";
list access-rule {
key "access-mode";
description
"List of access rules";
leaf access-mode {
type identityref {
base access-mode;
}
description
"The NTP access-mode. Some of the possible values
include peer, server, synchronization, query,
etc.";
}
leaf acl {
type leafref {
path "/acl:acls/acl:acl/acl:name";
}
description
"Control access configuration to be used.";
}
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 9.2";
}
}
container clock-state {
config false;
description
"Clock operational state of the NTP";
container system-status {
description
"System status of NTP";
leaf clock-state {
type identityref {
base clock-state;
}
mandatory true;
description
"The state of the system clock. Some of the possible
values include synchronized and unsynchronized.";
}
leaf clock-stratum {
type ntp-stratum;
mandatory true;
description
"The NTP entity's own stratum value. Should be one
greater than the preceding level.
16 if unsynchronized.";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 3";
}
leaf clock-refid {
type refid;
mandatory true;
description
"A code identifying the particular server or reference
clock. The interpretation depends upon stratum. It
could be an IPv4 address, the first 32 bits of the MD5
hash of the IPv6 address, or a string for the Reference
Identifier and kiss codes. Some examples:
-- a refclock ID like '127.127.1.0' for local clock sync
- ローカルクロック同期のための「127.127.1.0」のようなrefcrockID
-- uni/multi/broadcast associations for IPv4 will look like '203.0.113.1' and '0x4321FEDC' for IPv6
-IPv4のUni/Multi/Broadcast Associationsは、IPv6の「203.0.113.1」および「0x4321FEDC」のように見えます
-- sync with primary source will look like 'DCN', 'NIST', 'ATOM'
- プライマリソースと同期すると、「DCN」、「nist」、「atom」のように見えます
-- kiss codes will look like 'AUTH', 'DROP', 'RATE'
- キスコードは「auth」、「ドロップ」、「レート」のようになります
Note that the use of MD5 hash for IPv6 address is not
for cryptographic purposes.";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 7.3";
}
uses association-ref {
description
"Reference to association";
}
leaf nominal-freq {
type decimal64 {
fraction-digits 4;
}
units "Hz";
mandatory true;
description
"The nominal frequency of the local clock. An ideal
frequency with zero uncertainty.";
}
leaf actual-freq {
type decimal64 {
fraction-digits 4;
}
units "Hz";
mandatory true;
description
"The actual frequency of the local clock";
}
leaf clock-precision {
type log2seconds;
mandatory true;
description
"Clock precision of this system in signed integer format,
in log 2 seconds - (prec=2^(-n)). A value of 5 would
mean 2^-5 = 0.03125 seconds = 31.25 ms.";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 7.3";
}
leaf clock-offset {
type decimal64 {
fraction-digits 3;
}
units "milliseconds";
description
"The signed time offset to the current selected reference
time source, e.g., '0.032ms' or '1.232ms'. The negative
value indicates that the local clock is behind the
current selected reference time source.";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 9.1";
}
leaf root-delay {
type decimal64 {
fraction-digits 3;
}
units "milliseconds";
description
"Total delay along the path to the root clock";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Sections 4 and 7.3";
}
leaf root-dispersion {
type decimal64 {
fraction-digits 3;
}
units "milliseconds";
description
"The dispersion to the local clock
and the root clock, e.g., '6.927ms'.";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Sections 4, 7.3, and 10";
}
leaf reference-time {
type ntp-date-and-time;
description
"The reference timestamp. Time when the system clock was
last set or corrected.";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 7.3";
}
leaf sync-state {
type identityref {
base ntp-sync-state;
}
mandatory true;
description
"The synchronization status of the local clock. Referred
to as 'Clock state definitions' in RFC 5905.";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Appendix A.1.1";
}
}
}
list unicast-configuration {
if-feature "unicast-configuration";
key "address type";
description
"List of NTP unicast-configurations";
leaf address {
type inet:ip-address;
description
"Address of this association";
}
leaf type {
type identityref {
base unicast-configuration-type;
}
description
"The unicast configuration type, for example,
unicast-server";
}
container authentication {
if-feature "authentication";
description
"Authentication used for this association";
uses authentication;
}
leaf prefer {
type boolean;
default "false";
description
"Whether or not this association is preferred";
}
leaf burst {
type boolean;
default "false";
description
"If set, a series of packets are sent instead of a single
packet within each synchronization interval to achieve
faster synchronization.";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol
and Algorithms Specification, Section 13.1";
}
leaf iburst {
type boolean;
default "false";
description
"If set, a series of packets are sent instead of a single
packet within the initial synchronization interval to
achieve faster initial synchronization.";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol
and Algorithms Specification, Section 13.1";
}
leaf source {
type if:interface-ref;
description
"The interface whose IP address is used by this association
as the source address.";
}
uses common-attributes {
description
"Common attributes like port, version, and min and max
poll.";
}
}
container associations {
description
"Association parameters";
list association {
key "address local-mode isconfigured";
config false;
description
"List of NTP associations. Here address, local-mode,
and isconfigured are required to uniquely identify
a particular association. Let's take the following
examples:
1) If RT1 is acting as broadcast server and RT2 is acting as broadcast client, then RT2 will form a dynamic association with the address as RT1, local-mode as client, and isconfigured as false.
1) RT1がブロードキャストサーバーとして機能し、RT2がブロードキャストクライアントとして機能している場合、RT2はRT1としてアドレス、クライアントとしてローカルモード、およびfalseとしてISConfiguredとして動的な関連付けを形成します。
2) When RT2 is configured with unicast server RT1, then RT2 will form an association with the address as RT1, local-mode as client, and isconfigured as true.
2) RT2がUnicast Server RT1で構成されている場合、RT2はアドレスとRT1、クライアントとしてローカルモード、およびISConfiguredとの関連付けを形成します。
Thus, all three leaves are needed as key to uniquely
identify the association.";
leaf address {
type inet:ip-address;
description
"The remote address of this association. Represents the
IP address of a unicast/multicast/broadcast address.";
}
leaf local-mode {
type identityref {
base association-mode;
}
description
"Local-mode of this NTP association";
}
leaf isconfigured {
type boolean;
description
"Indicates if this association is configured (true) or
dynamically learned (false).";
}
leaf stratum {
type ntp-stratum;
description
"The association stratum value";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 3";
}
leaf refid {
type refid;
description
"A code identifying the particular server or reference
clock. The interpretation depends upon stratum. It
could be an IPv4 address or first 32 bits of the MD5
hash of the IPv6 address or a string for the Reference
Identifier and kiss codes. Some examples:
-- a refclock ID like '127.127.1.0' for local clock sync
- ローカルクロック同期のための「127.127.1.0」のようなrefcrockID
-- uni/multi/broadcast associations for IPv4 will look like '203.0.113.1' and '0x4321FEDC' for IPv6
-IPv4のUni/Multi/Broadcast Associationsは、IPv6の「203.0.113.1」および「0x4321FEDC」のように見えます
-- sync with primary source will look like 'DCN', 'NIST', or 'ATOM'
- プライマリソースと同期すると、「dcn」、「nist」、または 'atom'のように見えます
-- kiss codes will look like 'AUTH', 'DROP', or 'RATE'
- キスコードは「auth」、「ドロップ」、または「レート」のようになります
Note that the use of an MD5 hash for IPv6 address is
not for cryptographic purposes.";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 7.3";
}
leaf authentication {
if-feature "authentication";
type leafref {
path "/ntp:ntp/ntp:authentication/"
+ "ntp:authentication-keys/ntp:keyid";
}
description
"Authentication key used for this association";
}
leaf prefer {
type boolean;
default "false";
description
"Indicates if this association is preferred";
}
leaf peer-interface {
type if:interface-ref;
description
"The interface that is used for communication";
}
uses common-attributes {
description
"Common attributes like port, version, and min and
max poll";
}
leaf reach {
type uint8;
description
"An 8-bit shift register that tracks packet
generation and receipt. It is used to determine
whether the server is reachable and the data are
fresh.";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Sections 9.2 and 13";
}
leaf unreach {
type uint8;
units "seconds";
description
"A count of how long in second the server has been
unreachable, i.e., the reach value has been zero.";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Sections 9.2 and 13";
}
leaf poll {
type log2seconds;
description
"The polling interval for current association in signed
log2 seconds.";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 7.3";
}
leaf now {
type uint32;
units "seconds";
description
"The time since the last NTP packet was
received or last synchronized.";
}
leaf offset {
type decimal64 {
fraction-digits 3;
}
units "milliseconds";
description
"The signed offset between the local clock
and the peer clock, e.g., '0.032ms' or '1.232ms'. The
negative value indicates that the local clock is behind
the peer.";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 8";
}
leaf delay {
type decimal64 {
fraction-digits 3;
}
units "milliseconds";
description
"The network delay between the local clock
and the peer clock";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 8";
}
leaf dispersion {
type decimal64 {
fraction-digits 3;
}
units "milliseconds";
description
"The root dispersion between the local clock
and the peer clock.";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 10";
}
leaf originate-time {
type ntp-date-and-time;
description
"This is the local time, in timestamp format,
when the latest NTP packet was sent to the peer
(called T1).";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol and
Algorithms Specification, Section 8";
}
leaf receive-time {
type ntp-date-and-time;
description
"This is the local time, in timestamp format,
when the latest NTP packet arrived at the peer
(called T2). If the peer becomes unreachable,
the value is set to zero.";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol
and Algorithms Specification, Section 8";
}
leaf transmit-time {
type ntp-date-and-time;
description
"This is the local time, in timestamp format,
at which the NTP packet departed the peer
(called T3). If the peer becomes unreachable,
the value is set to zero.";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol
and Algorithms Specification, Section 8";
}
leaf input-time {
type ntp-date-and-time;
description
"This is the local time, in timestamp format,
when the latest NTP message from the peer arrived
(called T4). If the peer becomes unreachable,
value is set to zero.";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol
and Algorithms Specification, Section 8";
}
container ntp-statistics {
description
"Per peer packet send and receive statistics";
uses statistics {
description
"NTP send and receive packet statistics";
}
}
}
}
container interfaces {
description
"Configuration parameters for NTP interfaces";
list interface {
key "name";
description
"List of interfaces";
leaf name {
type if:interface-ref;
description
"The interface name";
}
container broadcast-server {
if-feature "broadcast-server";
presence "NTP broadcast-server is configured on this
interface.";
description
"Configuration of broadcast server";
leaf ttl {
type uint8;
description
"Specifies the time to live (TTL) for a
broadcast packet";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol
and Algorithms Specification, Section 3.1";
}
container authentication {
if-feature "authentication";
description
"Authentication used on this interface";
uses authentication;
}
uses common-attributes {
description
"Common attributes such as port, version, and min and
max poll";
}
reference
"RFC 5905: Network Time Protocol Version 4: Protocol
and Algorithms Specification, Section 3.1";
}
container broadcast-client {
if-feature "broadcast-client";
presence "NTP broadcast-client is configured on this
interface.";
description
"Configuration of broadcast client";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol
and Algorithms Specification, Section 3.1";
}
list multicast-server {
if-feature "multicast-server";
key "address";
description
"Configuration of multicast server";
leaf address {
type rt-types:ip-multicast-group-address;
description
"The IP address to send NTP multicast packets";
}
leaf ttl {
type uint8;
description
"Specifies the TTL for a multicast packet";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol
and Algorithms Specification, Section 3.1";
}
container authentication {
if-feature "authentication";
description
"Authentication used on this interface";
uses authentication;
}
uses common-attributes {
description
"Common attributes such as port, version, and min and
max poll";
}
reference
"RFC 5905: Network Time Protocol Version 4: Protocol
and Algorithms Specification, Section 3.1";
}
list multicast-client {
if-feature "multicast-client";
key "address";
description
"Configuration of a multicast client";
leaf address {
type rt-types:ip-multicast-group-address;
description
"The IP address of the multicast group to
join";
}
reference
"RFC 5905: Network Time Protocol Version 4: Protocol
and Algorithms Specification, Section 3.1";
}
list manycast-server {
if-feature "manycast-server";
key "address";
description
"Configuration of a manycast server";
leaf address {
type rt-types:ip-multicast-group-address;
description
"The multicast group IP address to receive
manycast client messages.";
}
reference
"RFC 5905: Network Time Protocol Version 4: Protocol
and Algorithms Specification, Section 3.1";
}
list manycast-client {
if-feature "manycast-client";
key "address";
description
"Configuration of manycast-client";
leaf address {
type rt-types:ip-multicast-group-address;
description
"The group IP address that the manycast client
broadcasts the request message to";
}
container authentication {
if-feature "authentication";
description
"Authentication used on this interface";
uses authentication;
}
leaf ttl {
type uint8;
description
"Specifies the maximum TTL for the expanding
ring search";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol
and Algorithms Specification, Section 3.1";
}
leaf minclock {
type uint8;
description
"The minimum manycast survivors in this
association";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol
and Algorithms Specification, Section 13.2";
}
leaf maxclock {
type uint8;
description
"The maximum manycast candidates in this
association";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol
and Algorithms Specification, Section 13.2";
}
leaf beacon {
type log2seconds;
description
"The beacon is the upper limit of the poll interval.
When the TTL reaches its limit without finding the
minimum number of manycast servers, the poll interval
increases until reaching the beacon value, when it
starts over from the beginning.";
reference
"RFC 5905: Network Time Protocol Version 4: Protocol
and Algorithms Specification, Section 13.2";
}
uses common-attributes {
description
"Common attributes like port, version, and min and
max poll";
}
reference
"RFC 5905: Network Time Protocol Version 4: Protocol
and Algorithms Specification, Section 3.1";
}
}
}
container ntp-statistics {
config false;
description
"Total NTP packet statistics";
uses statistics {
description
"NTP send and receive packet statistics";
}
}
}
rpc statistics-reset {
description
"Reset statistics collected.";
input {
choice association-or-all {
description
"Resets statistics for a particular association or
all.";
case association {
uses association-ref;
description
"This resets all the statistics collected for
the association.";
}
case all {
description
"This resets all the statistics collected.";
}
}
}
}
}
<CODE ENDS>
This section include examples for illustration purposes.
このセクションには、イラストの目的の例が含まれています。
Note: '\' indicates line wrapping per [RFC8792].
注:「\」は[RFC8792]ごとにラインラップを示します。
This example describes how to configure a preferred unicast server present at 192.0.2.1 running at port 1025 with authentication-key 10 and version 4 (default).
この例では、認証キー10およびバージョン4(デフォルト)でポート1025で実行されている192.0.2.1に存在する優先ユニキャストサーバーを構成する方法について説明します。
<edit-config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<target>
<running/>
</target>
<config>
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<unicast-configuration>
<address>192.0.2.1</address>
<type>uc-server</type>
<prefer>true</prefer>
<port>1025</port>
<authentication>
<symmetric-key>
<keyid>10</keyid>
</symmetric-key>
</authentication>
</unicast-configuration>
</ntp>
</config>
</edit-config>
An example with IPv6 would use an IPv6 address (say 2001:db8::1) in the "address" leaf with no change in any other data tree.
IPv6の例では、他のデータツリーに変更がなく、「アドレス」リーフでIPv6アドレス(2001:DB8 :: 1など)を使用します。
<edit-config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<target>
<running/>
</target>
<config>
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<unicast-configuration>
<address>2001:db8::1</address>
<type>uc-server</type>
<prefer>true</prefer>
<port>1025</port>
<authentication>
<symmetric-key>
<keyid>10</keyid>
</symmetric-key>
</authentication>
</unicast-configuration>
</ntp>
</config>
</edit-config>
This example is for retrieving unicast configurations:
この例は、ユニキャスト構成を取得するためのものです。
<get>
<filter type="subtree">
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<unicast-configuration>
</unicast-configuration>
</ntp>
</filter>
</get>
<data xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<unicast-configuration>
<address>192.0.2.1</address>
<type>uc-server</type>
<authentication>
<symmetric-key>
<keyid>10</keyid>
</symmetric-key>
</authentication>
<prefer>true</prefer>
<burst>false</burst>
<iburst>true</iburst>
<source/>
<minpoll>6</minpoll>
<maxpoll>10</maxpoll>
<port>1025</port>
<stratum>9</stratum>
<refid>203.0.113.1</refid>
<reach>255</reach>
<unreach>0</unreach>
<poll>128</poll>
<now>10</now>
<offset>0.025</offset>
<delay>0.5</delay>
<dispersion>0.6</dispersion>
<originate-time>10-10-2017 07:33:55.253 Z+05:30\
</originate-time>
<receive-time>10-10-2017 07:33:55.258 Z+05:30\
</receive-time>
<transmit-time>10-10-2017 07:33:55.300 Z+05:30\
</transmit-time>
<input-time>10-10-2017 07:33:55.305 Z+05:30\
</input-time>
<ntp-statistics>
<packet-sent>20</packet-sent>
<packet-sent-fail>0</packet-sent-fail>
<packet-received>20</packet-received>
<packet-dropped>0</packet-dropped>
</ntp-statistics>
</unicast-configuration>
</ntp>
</data>
This example describes how to configure reference clock with stratum 8:
この例では、Stratum 8で参照クロックを構成する方法について説明します。
<edit-config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<target>
<running/>
</target>
<config>
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<refclock-master>
<master-stratum>8</master-stratum>
</refclock-master>
</ntp>
</config>
</edit-config>
This example describes how to get reference clock configuration:
この例では、参照クロック構成を取得する方法について説明します。
<get>
<filter type="subtree">
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<refclock-master>
</refclock-master>
</ntp>
</filter>
</get>
<data xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<refclock-master>
<master-stratum>8</master-stratum>
</refclock-master>
</ntp>
</data>
This example describes how to enable authentication and configure trusted authentication key 10 with mode as AES-CMAC and a hexadecimal string key:
この例では、認証を有効にし、AES-CMACとしてモードを使用して信頼できる認証キー10を構成する方法について説明します。
<edit-config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<target>
<running/>
</target>
<config>
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<authentication>
<auth-enabled>true</auth-enabled>
<authentication-keys>
<keyid>10</keyid>
<algorithm>aes-cmac</algorithm>
<key>
<hexadecimal-string>
bb1d6929e95937287fa37d129b756746
</hexadecimal-string>
</key>
<istrusted>true</istrusted>
</authentication-keys>
</authentication>
</ntp>
</config>
</edit-config>
This example describes how to configure "peer-access-mode" associated with ACL 2000:
この例では、ACL 2000に関連付けられている「ピアアクセスモード」を構成する方法について説明します。
<edit-config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<target>
<running/>
</target>
<config>
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<access-rules>
<access-rule>
<access-mode>peer-access-mode</access-mode>
<acl>2000</acl>
</access-rule>
</access-rules>
</ntp>
</config>
</edit-config>
This example describes how to get access-related configuration:
この例では、アクセス関連の構成を取得する方法について説明します。
<get>
<filter type="subtree">
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<access-rules>
</access-rules>
</ntp>
</filter>
</get>
<data xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<access-rules>
<access-rule>
<access-mode>peer-access-mode</access-mode>
<acl>2000</acl>
</access-rule>
</access-rules>
</ntp>
</data>
This example describes how to configure a multicast server with an address of "224.0.1.1", port of 1025, version of 3, and authentication keyid of 10.
この例では、「224.0.1.1」、1025のポート、3のバージョン、および認証KeyID 10のアドレスでマルチキャストサーバーを構成する方法について説明します。
<edit-config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<target>
<running/>
</target>
<config>
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<interfaces>
<interface>
<name>Ethernet3/0/0</name>
<multicast-server>
<address>224.0.1.1</address>
<authentication>
<symmetric-key>
<keyid>10</keyid>
</symmetric-key>
</authentication>
<port>1025</port>
<version>3</version>
</multicast-server>
</interface>
</interfaces>
</ntp>
</config>
</edit-config>
This example describes how to get multicast-server-related configuration:
この例では、マルチキャストサーバー関連の構成を取得する方法について説明します。
<get>
<filter type="subtree">
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<interfaces>
<interface>
<multicast-server>
</multicast-server>
</interface>
</interfaces>
</ntp>
</filter>
</get>
<data xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<interfaces>
<interface>
<name>Ethernet3/0/0</name>
<multicast-server>
<address>224.0.1.1</address>
<ttl>8</ttl>
<authentication>
<symmetric-key>
<keyid>10</keyid>
</symmetric-key>
</authentication>
<minpoll>6</minpoll>
<maxpoll>10</maxpoll>
<port>1025</port>
<version>3</version>
</multicast-server>
</interface>
</interfaces>
</ntp>
</data>
This example describes how to configure a multicast client with an address of "224.0.1.1":
この例では、「224.0.1.1」のアドレスでマルチキャストクライアントを構成する方法について説明します。
<edit-config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<target>
<running/>
</target>
<config>
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<interfaces>
<interface>
<name>Ethernet3/0/0</name>
<multicast-client>
<address>224.0.1.1</address>
</multicast-client>
</interface>
</interfaces>
</ntp>
</config>
</edit-config>
This example describes how to get multicast-client-related configuration:
この例では、マルチキャストクライアント関連の構成を取得する方法について説明します。
<get>
<filter type="subtree">
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<interfaces>
<interface>
<multicast-client>
</multicast-client>
</interface>
</interfaces>
</ntp>
</filter>
</get>
<data xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<interfaces>
<interface>
<name>Ethernet3/0/0</name>
<multicast-client>
<address>224.0.1.1</address>
</multicast-client>
</interface>
</interfaces>
</ntp>
</data>
This example describes how to configure a manycast-client with an address of "224.0.1.1", port of 1025, and authentication keyid of 10:
この例では、「224.0.1.1」、1025のポート、および認証keyIDのアドレスを使用して、Manycast-clientを構成する方法について説明します。
<edit-config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<target>
<running/>
</target>
<config>
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<interfaces>
<interface>
<name>Ethernet3/0/0</name>
<manycast-client>
<address>224.0.1.1</address>
<authentication>
<symmetric-key>
<keyid>10</keyid>
</symmetric-key>
</authentication>
<port>1025</port>
</manycast-client>
</interface>
</interfaces>
</ntp>
</config>
</edit-config>
This example describes how to get manycast-client-related configuration:
この例では、Manycast-Client関連の構成を取得する方法について説明します。
<get>
<filter type="subtree">
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<interfaces>
<interface>
<manycast-client>
</manycast-client>
</interface>
</interfaces>
</ntp>
</filter>
</get>
<data xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<interfaces>
<interface>
<name>Ethernet3/0/0</name>
<manycast-client>
<address>224.0.1.1</address>
<authentication>
<symmetric-key>
<keyid>10</keyid>
</symmetric-key>
</authentication>
<ttl>8</ttl>
<minclock>3</minclock>
<maxclock>10</maxclock>
<beacon>6</beacon>
<minpoll>6</minpoll>
<maxpoll>10</maxpoll>
<port>1025</port>
</manycast-client>
</interface>
</interfaces>
</ntp>
</data>
This example describes how to configure a manycast-server with an address of "224.0.1.1":
この例では、「224.0.1.1」のアドレスでManycast-Serverを構成する方法について説明します。
<edit-config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<target>
<running/>
</target>
<config>
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<interfaces>
<interface>
<name>Ethernet3/0/0</name>
<manycast-server>
<address>224.0.1.1</address>
</manycast-server>
</interface>
</interfaces>
</ntp>
</config>
</edit-config>
This example describes how to get manycast-server-related configuration:
この例では、Manycast-Server関連の構成を取得する方法について説明します。
<get>
<filter type="subtree">
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<interfaces>
<interface>
<manycast-server>
</manycast-server>
</interface>
</interfaces>
</ntp>
</filter>
</get>
<data xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<interfaces>
<interface>
<name>Ethernet3/0/0</name>
<manycast-server>
<address>224.0.1.1</address>
</manycast-server>
</interface>
</interfaces>
</ntp>
</data>
This example describes how to get current clock state:
この例では、現在の時計状態を取得する方法について説明します。
<get>
<filter type="subtree">
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<clock-state>
</clock-state>
</ntp>
</filter>
</get>
<data xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<clock-state>
<system-status>
<clock-state>synchronized</clock-state>
<clock-stratum>7</clock-stratum>
<clock-refid>192.0.2.1</clock-refid>
<associations-address>192.0.2.1\
</associations-address>
<associations-local-mode>client\
</associations-local-mode>
<associations-isconfigured>yes\
</associations-isconfigured>
<nominal-freq>100.0</nominal-freq>
<actual-freq>100.0</actual-freq>
<clock-precision>18</clock-precision>
<clock-offset>0.025</clock-offset>
<root-delay>0.5</root-delay>
<root-dispersion>0.8</root-dispersion>
<reference-time>10-10-2017 07:33:55.258 Z+05:30\
</reference-time>
<sync-state>clock-synchronized</sync-state>
</system-status>
</clock-state>
</ntp>
</data>
This example describes how to get all associations present in the system:
この例では、システムにすべての関連付けを取得する方法について説明します。
<get>
<filter type="subtree">
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<associations>
</associations>
</ntp>
</filter>
</get>
<data xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<associations>
<association>
<address>192.0.2.1</address>
<stratum>9</stratum>
<refid>203.0.113.1</refid>
<local-mode>client</local-mode>
<isconfigured>true</isconfigured>
<authentication-key>10</authentication-key>
<prefer>true</prefer>
<peer-interface>Ethernet3/0/0</peer-interface>
<minpoll>6</minpoll>
<maxpoll>10</maxpoll>
<port>1025</port>
<version>4</version>
<reach>255</reach>
<unreach>0</unreach>
<poll>128</poll>
<now>10</now>
<offset>0.025</offset>
<delay>0.5</delay>
<dispersion>0.6</dispersion>
<originate-time>10-10-2017 07:33:55.253 Z+05:30\
</originate-time>
<receive-time>10-10-2017 07:33:55.258 Z+05:30\
</receive-time>
<transmit-time>10-10-2017 07:33:55.300 Z+05:30\
</transmit-time>
<input-time>10-10-2017 07:33:55.305 Z+05:30\
</input-time>
<ntp-statistics>
<packet-sent>20</packet-sent>
<packet-sent-fail>0</packet-sent-fail>
<packet-received>20</packet-received>
<packet-dropped>0</packet-dropped>
</ntp-statistics>
</association>
</associations>
</ntp>
</data>
This example describes how to get global statistics:
この例では、グローバル統計を取得する方法について説明します。
<get>
<filter type="subtree">
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<ntp-statistics>
</ntp-statistics>
</ntp>
</filter>
</get>
<data xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ntp xmlns="urn:ietf:params:xml:ns:yang:ietf-ntp">
<ntp-statistics>
<packet-sent>30</packet-sent>
<packet-sent-fail>5</packet-sent-fail>
<packet-received>20</packet-received>
<packet-dropped>2</packet-dropped>
</ntp-statistics>
</ntp>
</data>
This document registers a URI in the "IETF XML Registry" [RFC3688]. Following the format in RFC 3688, the following registration has been made.
このドキュメントは、「IETF XMLレジストリ」[RFC3688]でURIを登録します。RFC 3688の形式に続いて、次の登録が行われました。
URI: urn:ietf:params:xml:ns:yang:ietf-ntp
Registrant Contact: The IESG.
登録者の連絡先:IESG。
XML: N/A; the requested URI is an XML namespace.
XML:n/a;要求されたURIはXMLネームスペースです。
This document registers a YANG module in the "YANG Module Names" registry [RFC6020].
このドキュメントは、「Yangモジュール名」レジストリ[RFC6020]のYangモジュールを登録します。
Name: ietf-ntp
名前:ietf-ntp
Namespace: urn:ietf:params:xml:ns:yang:ietf-ntp
Prefix: ntp
プレフィックス:ntp
Reference: RFC 9249
参照:RFC 9249
The YANG module specified in this document defines a schema for data that is designed to be accessed via network management protocols such as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer is the secure transport layer, and the mandatory-to-implement secure transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer is HTTPS, and the mandatory-to-implement secure transport is TLS [RFC8446].
このドキュメントで指定されたYangモジュールは、NetConf [RFC6241]やRestConf [RFC8040]などのネットワーク管理プロトコルを介してアクセスするように設計されたデータのスキーマを定義しています。最低のネットコン層は安全な輸送層であり、実装から実装の安全な輸送は安全なシェル(SSH)[RFC6242]です。最も低いRESTCONFレイヤーはHTTPSであり、実装対象の安全な輸送はTLS [RFC8446]です。
The Network Configuration Access Control Model (NACM) [RFC8341] provides the means to restrict access for particular NETCONF or RESTCONF users to a preconfigured subset of all available NETCONF or RESTCONF protocol operations and content. The 'nacm:default-deny-all' is used to prevent retrieval of the key information.
ネットワーク構成アクセス制御モデル(NACM)[RFC8341]は、利用可能なすべてのNetConfまたはRestConfプロトコル操作とコンテンツの事前に設定されたサブセットに特定のNetConfまたはRestConfユーザーのアクセスを制限する手段を提供します。「NACM:Default-Deny-All」は、主要な情報の取得を防ぐために使用されます。
There are a number of data nodes defined in this YANG module that are writable/creatable/deletable (i.e., config true, which is the default). These data nodes may be considered sensitive or vulnerable in some network environments. Write operations (e.g., edit-config) to these data nodes without proper protection can have a negative effect on network operations. These are the subtrees and data nodes and their sensitivity/vulnerability:
このYangモジュールには、書き込み可能/クリエーション/削除可能な(つまり、デフォルトである構成真実です)。これらのデータノードは、一部のネットワーク環境で敏感または脆弱と見なされる場合があります。適切な保護なしにこれらのデータノードに操作を書き込む(例:編集Config)は、ネットワーク操作に悪影響を与える可能性があります。これらは、サブツリーとデータノードとその感度/脆弱性です。
/ntp/port: This data node specifies the port number to be used to send NTP packets. Unexpected changes could lead to disruption and/or network misbehavior.
/NTP/ポート:このデータノードは、NTPパケットの送信に使用するポート番号を指定します。予期しない変更は、混乱やネットワークの不正行為につながる可能性があります。
/ntp/authentication and /ntp/access-rules: The entries in the list include the authentication and access control configurations. Care should be taken while setting these parameters.
/NTP/認証および/NTP/アクセスルール:リストのエントリには、認証とアクセス制御の構成が含まれます。これらのパラメーターを設定する際には、注意する必要があります。
/ntp/unicast-configuration: The entries in the list include all unicast configurations (server or peer mode) and indirectly creates or modifies the NTP associations. Unexpected changes could lead to disruption and/or network misbehavior.
/ntp/unicast-configuration:リストのエントリには、すべてのユニキャスト構成(サーバーまたはピアモード)が含まれ、間接的にNTP関連を作成または変更します。予期しない変更は、混乱やネットワークの不正行為につながる可能性があります。
/ntp/interfaces/interface: The entries in the list include all per-interface configurations related to broadcast, multicast, and manycast mode, and indirectly creates or modifies the NTP associations. Unexpected changes could lead to disruption and/or network misbehavior. It could also lead to synchronization over an untrusted source over trusted ones.
/ntp/interfaces/interface:リストのエントリには、ブロードキャスト、マルチキャスト、およびManycastモードに関連するすべてのインターフェイス構成が含まれ、間接的にNTPアソシエーションを作成または変更します。予期しない変更は、混乱やネットワークの不正行為につながる可能性があります。また、信頼できるソースよりも信頼されていないソースの同期につながる可能性があります。
Some of the readable data nodes in this YANG module may be considered sensitive or vulnerable in some network environments. It is thus important to control read access (e.g., via get, get-config, or notification) to these data nodes. These are the subtrees and data nodes and their sensitivity/vulnerability:
このYangモジュールの読み取り可能なデータノードの一部は、一部のネットワーク環境で敏感または脆弱と見なされる場合があります。したがって、これらのデータノードへの読み取りアクセス(get、get config、または通知を介して)を制御することが重要です。これらは、サブツリーとデータノードとその感度/脆弱性です。
/ntp/authentication/authentication-keys: The entries in the list include all the NTP authentication keys. Unauthorized access to the keys can be easily exploited to permit unauthorized access to the NTP service. This information is sensitive; thus, unauthorized access to this needs to be curtailed.
/ntp/authentication/authentication-keys:リストのエントリには、すべてのNTP認証キーが含まれます。キーへの不正アクセスは、NTPサービスへの不正アクセスを許可するために簡単に活用できます。この情報は敏感です。したがって、これへの不正アクセスを削減する必要があります。
/ntp/associations/association/: The entries in the list include all active NTP associations of all modes. Exposure of these nodes could reveal network topology or trust relationships. Unauthorized access to this also needs to be curtailed.
/NTP/Associations/Association/:リスト内のエントリには、すべてのモードのすべてのアクティブなNTP関連が含まれます。これらのノードを露出させると、ネットワークトポロジや信頼関係が明らかになる可能性があります。これへの不正アクセスも削減する必要があります。
/ntp/authentication and /ntp/access-rules: The entries in the list include the authentication and access control configurations. Exposure of these nodes could reveal network topology or trust relationships.
/NTP/認証および/NTP/アクセスルール:リストのエントリには、認証とアクセス制御の構成が含まれます。これらのノードを露出させると、ネットワークトポロジや信頼関係が明らかになる可能性があります。
Some of the RPC operations in this YANG module may be considered sensitive or vulnerable in some network environments. It is thus important to control access to these operations. These are the operations and their sensitivity/vulnerability:
このYangモジュールのRPC操作の一部は、一部のネットワーク環境で敏感または脆弱と見なされる場合があります。したがって、これらの操作へのアクセスを制御することが重要です。これらは、操作とその感度/脆弱性です。
statistics-reset: The RPC is used to reset statistics. Unauthorized reset could impact monitoring.
統計版:RPCは統計をリセットするために使用されます。不正なリセットは、監視に影響を与える可能性があります。
The leaf /ntp/authentication/authentication-keys/algorithm can be set to cryptographic algorithms that are no longer considered to be secure. As per [RFC8573], AES-CMAC is the recommended algorithm.
Leaf/NTP/Authentication/Authentication-Keys/Algorithmは、安全ではないと考えられていない暗号化アルゴリズムに設定できます。[RFC8573]によると、AES-CMACが推奨されるアルゴリズムです。
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <https://www.rfc-editor.org/info/rfc2119>.
[RFC2119] Bradner、S。、「要件レベルを示すためにRFCで使用するためのキーワード」、BCP 14、RFC 2119、DOI 10.17487/RFC2119、1997年3月、<https://www.rfc-editor.org/info/RFC2119>。
[RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, DOI 10.17487/RFC3688, January 2004, <https://www.rfc-editor.org/info/rfc3688>.
[RFC3688] Mealling、M。、「IETF XMLレジストリ」、BCP 81、RFC 3688、DOI 10.17487/RFC3688、2004年1月、<https://www.rfc-editor.org/info/rfc3688>
[RFC5905] Mills, D., Martin, J., Ed., Burbank, J., and W. Kasch, "Network Time Protocol Version 4: Protocol and Algorithms Specification", RFC 5905, DOI 10.17487/RFC5905, June 2010, <https://www.rfc-editor.org/info/rfc5905>.
[RFC5905] Mills、D.、Martin、J.、Ed。、Burbank、J.、およびW. Kasch、「ネットワークタイムプロトコルバージョン4:プロトコルとアルゴリズムの仕様」、RFC 5905、DOI 10.17487/RFC5905、2010年6月、<https://www.rfc-editor.org/info/rfc5905>。
[RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for the Network Configuration Protocol (NETCONF)", RFC 6020, DOI 10.17487/RFC6020, October 2010, <https://www.rfc-editor.org/info/rfc6020>.
[RFC6020] Bjorklund、M.、ed。、 "Yang -Yang-ネットワーク構成プロトコル(NetConf)のデータモデリング言語、RFC 6020、DOI 10.17487/RFC6020、2010年10月、<https://www.rfc -editor。org/info/rfc6020>。
[RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., and A. Bierman, Ed., "Network Configuration Protocol (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, <https://www.rfc-editor.org/info/rfc6241>.
[RFC6241] Enns、R.、ed。、ed。、Bjorklund、M.、ed。、Schoenwaelder、J.、ed。、およびA. Bierman、ed。、「ネットワーク構成プロトコル(NetConf)」、RFC 6241、DOI 10.17487/RFC6241、2011年6月、<https://www.rfc-editor.org/info/rfc6241>。
[RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011, <https://www.rfc-editor.org/info/rfc6242>.
[RFC6242] Wasserman、M。、「セキュアシェル(SSH)を介してNetConfプロトコルを使用」、RFC 6242、DOI 10.17487/RFC6242、2011年6月、<https://www.rfc-editor.org/info/rfc6242>。
[RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", RFC 6991, DOI 10.17487/RFC6991, July 2013, <https://www.rfc-editor.org/info/rfc6991>.
[RFC6991] Schoenwaelder、J.、ed。、 "Common Yang Data型"、RFC 6991、DOI 10.17487/RFC6991、2013年7月、<https://www.rfc-editor.org/info/rfc6991>。
[RFC7317] Bierman, A. and M. Bjorklund, "A YANG Data Model for System Management", RFC 7317, DOI 10.17487/RFC7317, August 2014, <https://www.rfc-editor.org/info/rfc7317>.
[RFC7317] Bierman、A。およびM. Bjorklund、「システム管理のためのYangデータモデル」、RFC 7317、DOI 10.17487/RFC7317、2014年8月、<https://www.rfc-editor.org/info/rfc7317>。
[RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", RFC 7950, DOI 10.17487/RFC7950, August 2016, <https://www.rfc-editor.org/info/rfc7950>.
[RFC7950] Bjorklund、M.、ed。、「Yang 1.1 Data Modeling Language」、RFC 7950、DOI 10.17487/RFC7950、2016年8月、<https://www.rfc-editor.org/info/rfc7950>。
[RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017, <https://www.rfc-editor.org/info/rfc8040>.
[RFC8040] Bierman、A.、Bjorklund、M。、およびK. Watsen、「RestConf Protocol」、RFC 8040、DOI 10.17487/RFC8040、2017年1月、<https://www.rfc-editor.org/info/rfc8040>。
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC8174] Leiba、B。、「RFC 2119キーワードの大文字と小文字のあいまいさ」、BCP 14、RFC 8174、DOI 10.17487/RFC8174、2017年5月、<https://www.rfc-editor.org/info/RFC8174>。
[RFC8294] Liu, X., Qu, Y., Lindem, A., Hopps, C., and L. Berger, "Common YANG Data Types for the Routing Area", RFC 8294, DOI 10.17487/RFC8294, December 2017, <https://www.rfc-editor.org/info/rfc8294>.
[RFC8294] Liu、X.、Qu、Y.、Lindem、A.、Hopps、C。、およびL. Berger、「ルーティングエリアの一般的なYangデータ型」、RFC 8294、DOI 10.17487/RFC8294、2017年12月、RFC8294、<https://www.rfc-editor.org/info/rfc8294>。
[RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams", BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018, <https://www.rfc-editor.org/info/rfc8340>.
[RFC8340] Bjorklund、M。and L. Berger、ed。、「Yang Tree Diagrams」、BCP 215、RFC 8340、DOI 10.17487/RFC8340、2018年3月、<https://www.rfc-editor.org/info/RFC8340>。
[RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration Access Control Model", STD 91, RFC 8341, DOI 10.17487/RFC8341, March 2018, <https://www.rfc-editor.org/info/rfc8341>.
[RFC8341] Bierman、A。and M. Bjorklund、「ネットワーク構成アクセス制御モデル」、STD 91、RFC 8341、DOI 10.17487/RFC8341、2018年3月、<https://www.rfc-editor.org/info/RFC8341>。
[RFC8343] Bjorklund, M., "A YANG Data Model for Interface Management", RFC 8343, DOI 10.17487/RFC8343, March 2018, <https://www.rfc-editor.org/info/rfc8343>.
[RFC8343] Bjorklund、M。、「インターフェイス管理のためのYangデータモデル」、RFC 8343、DOI 10.17487/RFC8343、2018年3月、<https://www.rfc-editor.org/info/rfc8343>。
[RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, <https://www.rfc-editor.org/info/rfc8446>.
[RFC8446] Rescorla、E。、「輸送層セキュリティ(TLS)プロトコルバージョン1.3」、RFC 8446、DOI 10.17487/RFC8446、2018年8月、<https://www.rfc-editor.org/info/rfc846>
[RFC8519] Jethanandani, M., Agarwal, S., Huang, L., and D. Blair, "YANG Data Model for Network Access Control Lists (ACLs)", RFC 8519, DOI 10.17487/RFC8519, March 2019, <https://www.rfc-editor.org/info/rfc8519>.
[RFC8519] Jethanandani、M.、Agarwal、S.、Huang、L.、およびD. Blair、「ネットワークアクセス制御リスト(ACLS)のYangデータモデル」、RFC 8519、DOI 10.17487/RFC8519、2019年3月、<HTTPS <HTTPS://www.rfc-editor.org/info/rfc8519>。
[RFC8573] Malhotra, A. and S. Goldberg, "Message Authentication Code for the Network Time Protocol", RFC 8573, DOI 10.17487/RFC8573, June 2019, <https://www.rfc-editor.org/info/rfc8573>.
[RFC8573] Malhotra、A。およびS. Goldberg、「ネットワーク時間プロトコルのメッセージ認証コード」、RFC 8573、DOI 10.17487/RFC8573、2019年6月、<https://www.rfc-editor.org/info/RFC857333>。
[RFC1305] Mills, D., "Network Time Protocol (Version 3) Specification, Implementation and Analysis", RFC 1305, DOI 10.17487/RFC1305, March 1992, <https://www.rfc-editor.org/info/rfc1305>.
[RFC1305] Mills、D。、「ネットワークタイムプロトコル(バージョン3)仕様、実装、分析」、RFC 1305、DOI 10.17487/RFC1305、1992年3月、<https://www.rfc-editor.org/info/rfc1305555555555555555555555555>。
[RFC1321] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321, DOI 10.17487/RFC1321, April 1992, <https://www.rfc-editor.org/info/rfc1321>.
[RFC1321] Rivest、R。、「The MD5 Message-Digest Algorithm」、RFC 1321、DOI 10.17487/RFC1321、1992年4月、<https://www.rfc-editor.org/info/rfc1321>。
[RFC3174] Eastlake 3rd, D. and P. Jones, "US Secure Hash Algorithm 1 (SHA1)", RFC 3174, DOI 10.17487/RFC3174, September 2001, <https://www.rfc-editor.org/info/rfc3174>.
[RFC3174] Eastlake 3rd、D。and P. Jones、「US Secure Hash Algorithm 1(SHA1)」、RFC 3174、DOI 10.17487/RFC3174、2001年9月、<https://www.rfc-editor.org/info/RFC3174>。
[RFC4493] Song, JH., Poovendran, R., Lee, J., and T. Iwata, "The AES-CMAC Algorithm", RFC 4493, DOI 10.17487/RFC4493, June 2006, <https://www.rfc-editor.org/info/rfc4493>.
[RFC4493] Song、JH。、Poovendran、R.、Lee、J。、およびT. Iwata、「AES-CMACアルゴリズム」、RFC 4493、DOI 10.17487/RFC4493、2006年6月、<https://www.rfc4493-editor.org/info/rfc4493>。
[RFC5907] Gerstung, H., Elliott, C., and B. Haberman, Ed., "Definitions of Managed Objects for Network Time Protocol Version 4 (NTPv4)", RFC 5907, DOI 10.17487/RFC5907, June 2010, <https://www.rfc-editor.org/info/rfc5907>.
[RFC5907] Gerstung、H.、Elliott、C。、およびB. Haberman、ed。、「ネットワーク時間プロトコルバージョン4(NTPV4)の管理オブジェクトの定義」、RFC 5907、DOI 10.17487/RFC5907、2010年6月、<://www.rfc-editor.org/info/rfc5907>。
[RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K., and R. Wilton, "Network Management Datastore Architecture (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018, <https://www.rfc-editor.org/info/rfc8342>.
[RFC8342] Bjorklund、M.、Schoenwaelder、J.、Shafer、P.、Watsen、K。、およびR. Wilton、「ネットワーク管理データストアアーキテクチャ(NMDA)」、RFC 8342、DOI 10.17487/RFC8342、2018年3月、<<<<<https://www.rfc-editor.org/info/rfc8342>。
[RFC8792] Watsen, K., Auerswald, E., Farrel, A., and Q. Wu, "Handling Long Lines in Content of Internet-Drafts and RFCs", RFC 8792, DOI 10.17487/RFC8792, June 2020, <https://www.rfc-editor.org/info/rfc8792>.
[RFC8792] Watsen、K.、Auerswald、E.、Farrel、A。、およびQ. Wu、「インターネットドラフトとRFCのコンテンツの長いラインの扱い」、RFC 8792、DOI 10.17487/RFC8792、2020年6月、<HTTPSPSP://www.rfc-editor.org/info/rfc8792>。
[SHS] National Institute of Standards and Technology (NIST), "Secure Hash Standard (SHS)", DOI 10.6028/NIST.FIPS.180-4, FIPS PUB 180-4, August 2015, <https://doi.org/10.6028/NIST.FIPS.180-4>.
[SHS]国立標準技術研究所(NIST)、「Secure Hash Standard(SHS)」、doi 10.6028/nist.fips.180-4、Fips Pub 180-4、2015年8月、<https://doi.org/10.6028/NIST.FIPS.180-4>。
The full tree for the ietf-ntp YANG data model is as follows.
IETF-NTP Yangデータモデルのフルツリーは次のとおりです。
module: ietf-ntp
+--rw ntp!
+--rw port? inet:port-number {ntp-port}?
+--rw refclock-master!
| +--rw master-stratum? ntp-stratum
+--rw authentication {authentication}?
| +--rw auth-enabled? boolean
| +--rw authentication-keys* [keyid]
| +--rw keyid uint32
| +--rw algorithm? identityref
| +--rw key
| | +--rw (key-string-style)?
| | +--:(keystring)
| | | +--rw keystring? string {deprecated}?
| | +--:(hexadecimal) {hex-key-string}?
| | +--rw hexadecimal-string? yang:hex-string
| +--rw istrusted? boolean
+--rw access-rules {access-rules}?
| +--rw access-rule* [access-mode]
| +--rw access-mode identityref
| +--rw acl? -> /acl:acls/acl/name
+--ro clock-state
| +--ro system-status
| +--ro clock-state identityref
| +--ro clock-stratum ntp-stratum
| +--ro clock-refid refid
| +--ro associations-address?
| | -> /ntp/associations/association/address
| +--ro associations-local-mode?
| | -> /ntp/associations/association/local-mode
| +--ro associations-isconfigured?
| | -> /ntp/associations/association/isconfigured
| +--ro nominal-freq decimal64
| +--ro actual-freq decimal64
| +--ro clock-precision log2seconds
| +--ro clock-offset? decimal64
| +--ro root-delay? decimal64
| +--ro root-dispersion? decimal64
| +--ro reference-time? ntp-date-and-time
| +--ro sync-state identityref
+--rw unicast-configuration* [address type]
| {unicast-configuration}?
| +--rw address inet:ip-address
| +--rw type identityref
| +--rw authentication {authentication}?
| | +--rw (authentication-type)?
| | +--:(symmetric-key)
| | +--rw keyid? leafref
| +--rw prefer? boolean
| +--rw burst? boolean
| +--rw iburst? boolean
| +--rw source? if:interface-ref
| +--rw minpoll? log2seconds
| +--rw maxpoll? log2seconds
| +--rw port? inet:port-number {ntp-port}?
| +--rw version? ntp-version
+--rw associations
| +--ro association* [address local-mode isconfigured]
| +--ro address inet:ip-address
| +--ro local-mode identityref
| +--ro isconfigured boolean
| +--ro stratum? ntp-stratum
| +--ro refid? refid
| +--ro authentication?
| | -> /ntp/authentication/authentication-keys/keyid
| | {authentication}?
| +--ro prefer? boolean
| +--ro peer-interface? if:interface-ref
| +--ro minpoll? log2seconds
| +--ro maxpoll? log2seconds
| +--ro port? inet:port-number {ntp-port}?
| +--ro version? ntp-version
| +--ro reach? uint8
| +--ro unreach? uint8
| +--ro poll? log2seconds
| +--ro now? uint32
| +--ro offset? decimal64
| +--ro delay? decimal64
| +--ro dispersion? decimal64
| +--ro originate-time? ntp-date-and-time
| +--ro receive-time? ntp-date-and-time
| +--ro transmit-time? ntp-date-and-time
| +--ro input-time? ntp-date-and-time
| +--ro ntp-statistics
| +--ro discontinuity-time? ntp-date-and-time
| +--ro packet-sent? yang:counter32
| +--ro packet-sent-fail? yang:counter32
| +--ro packet-received? yang:counter32
| +--ro packet-dropped? yang:counter32
+--rw interfaces
| +--rw interface* [name]
| +--rw name if:interface-ref
| +--rw broadcast-server! {broadcast-server}?
| | +--rw ttl? uint8
| | +--rw authentication {authentication}?
| | | +--rw (authentication-type)?
| | | +--:(symmetric-key)
| | | +--rw keyid? leafref
| | +--rw minpoll? log2seconds
| | +--rw maxpoll? log2seconds
| | +--rw port? inet:port-number {ntp-port}?
| | +--rw version? ntp-version
| +--rw broadcast-client! {broadcast-client}?
| +--rw multicast-server* [address] {multicast-server}?
| | +--rw address
| | | rt-types:ip-multicast-group-address
| | +--rw ttl? uint8
| | +--rw authentication {authentication}?
| | | +--rw (authentication-type)?
| | | +--:(symmetric-key)
| | | +--rw keyid? leafref
| | +--rw minpoll? log2seconds
| | +--rw maxpoll? log2seconds
| | +--rw port? inet:port-number {ntp-port}?
| | +--rw version? ntp-version
| +--rw multicast-client* [address] {multicast-client}?
| | +--rw address rt-types:ip-multicast-group-address
| +--rw manycast-server* [address] {manycast-server}?
| | +--rw address rt-types:ip-multicast-group-address
| +--rw manycast-client* [address] {manycast-client}?
| +--rw address
| | rt-types:ip-multicast-group-address
| +--rw authentication {authentication}?
| | +--rw (authentication-type)?
| | +--:(symmetric-key)
| | +--rw keyid? leafref
| +--rw ttl? uint8
| +--rw minclock? uint8
| +--rw maxclock? uint8
| +--rw beacon? log2seconds
| +--rw minpoll? log2seconds
| +--rw maxpoll? log2seconds
| +--rw port? inet:port-number {ntp-port}?
| +--rw version? ntp-version
+--ro ntp-statistics
+--ro discontinuity-time? ntp-date-and-time
+--ro packet-sent? yang:counter32
+--ro packet-sent-fail? yang:counter32
+--ro packet-received? yang:counter32
+--ro packet-dropped? yang:counter32
rpcs:
+---x statistics-reset
+---w input
+---w (association-or-all)?
+--:(association)
| +---w associations-address?
| | -> /ntp/associations/association/address
| +---w associations-local-mode?
| | -> /ntp/associations/association/local-mode
| +---w associations-isconfigured?
| -> /ntp/associations/association/isconfigured
+--:(all)
Acknowledgments
謝辞
The authors would like to express their thanks to Sladjana Zoric, Danny Mayer, Harlan Stenn, Ulrich Windl, Miroslav Lichvar, Maurice Angermann, Watson Ladd, and Rich Salz for their review and suggestions.
著者は、Sladjana Zoric、Danny Mayer、Harlan Stenn、Ulrich Windl、Miroslav Lichvar、Maurice Angermann、Watson Ladd、Rich Salzにレビューと提案に感謝します。
Thanks to Andy Bierman for the YANG doctor review.
ヤンドクターレビューをしてくれたアンディビアマンに感謝します。
Thanks to Dieter Sibold for being the Document Shepherd and Erik Kline for being the Responsible AD.
Dieter Siboldに責任ある広告であるドキュメントシェパードとErik Klineに感謝します。
Thanks to Takeshi Takahashi for SECDIR review. Thanks to Tim Evens for GENART review.
SecdirレビューをしてくれたTakehi Takahashiに感謝します。GenArt ReviewのTim Evensに感謝します。
A special thanks to Tom Petch for a very detailed YANG review and providing great suggestions for improvements.
非常に詳細なYangレビューと改善のための素晴らしい提案を提供してくれたTom Petchに感謝します。
Thanks for the IESG review from Benjamin Kaduk, Francesca Palombini, Eric Vyncke, Murray Kucherawy, Robert Wilton, Roman Danyliw, and Zaheduzzaman Sarker.
Benjamin Kaduk、Francesca Palombini、Eric Vyncke、Murray Kucherawy、Robert Wilton、Roman Danyliw、Zaheduzzaman SarkerのIESGレビューをありがとう。
Authors' Addresses
著者のアドレス
Nan Wu Huawei Huawei Bld., No.156 Beiqing Rd. Beijing 100095 China Email: eric.wu@huawei.com
Nan Wu Huawei Huawei Bld。、No.156Beiqing Rd。北京100095中国メール:eric.wu@huawei.com
Dhruv Dhody (editor) Huawei Divyashree Techno Park, Whitefield Bangalore 560066 Kanataka India Email: dhruv.ietf@gmail.com
Dhruv Dhody(編集者)Huawei Divyashree Techno Park、Whitefield Bangalore 560066 Kanataka India:dhruv.ietf@gmail.com
Ankit Kumar Sinha (editor) RtBrick Inc. Bangalore Kanataka India Email: ankit.ietf@gmail.com
Ankit Kumar Sinha(編集者)Rtbrick Inc. Bangalore Kanataka Indiaメール:ankit.ietf@gmail.com
Anil Kumar S N RtBrick Inc. Bangalore Kanataka India Email: anil.ietf@gmail.com
Anil Kumar S N Rtbrick Inc.バンガロールカナタカインドメール:anil.ietf@gmail.com
Yi Zhao Ericsson China Digital Kingdom Bld., No.1 WangJing North Rd. Beijing 100102 China Email: yi.z.zhao@ericsson.com
Yi Zhao Ericsson China Digital Kingdom Bld。、No.1 Wangjing North Rd。Beijing 100102 China Email:yi.z.zhao@ericsson.com