NTPsec on OpenSwitch
Eric S. Raymond
esr at thyrsus.com
Thu Dec 24 03:44:28 UTC 2015
Srivatsan, Srinivasan <srinivasan.srivatsan at hpe.com>:
> Hi NTPsec team,
>
> I am Srinivasan and working with the OpenSwitch team at HPE. We are planning to use NTPsec as part of OpenSwitch. For the initial release we are planning to support only NTP client. I have some questions based off that.
>
> * Would you know if someone has integrated NTPsec into the yocto project with a bitbake recipe (.bb file). If its there then I could use that as reference for my integration with OpenSwitch because it uses Yocto/Bitbake framework.
I do not know of any such recipe.
> * Based on what we want to support in the initial release, the interaction with the daemon would include the following: For each of these scenarios, what is the best way to print/configure the info? Can I make a socket/api call to get this info OR is it through a command OR is it through a .conf file change and restarting the daemon?
I am in the very odd position that I can only tell you this: (a) the
answer to these questions have not changed from NTP Classic, and (b) I myself
am not sure what the answers are. At this point I know the code very well
from the inside but I don't have much experience configuring it from the
outside.
> * Daemon is up and we need to print the current ntp status info,
> * Daemon is up and we need to print the NTP associations info,
> * Daemon is up, but we need to allow runtime configuration for different NTP servers, along with “prefer” and “version” setting for that NTP server. Can we update the Daemon to pick up this new configuration or do we have to write to the .conf file and then restart the daemon ?
I believe these are all best done with the same options to ntpq you would have
used under NTP Classic.
> * Daemon is up, the user would provide the key-number and md5 clientpassword. We want to use this configuration for the specific server instead of using autokey. Can a restart of the Daemon be avoided when setting authentication with the ntp client.
I don't know. I have zero experience setting up authentication. Hal Murray
might be able to give you a better answer.
> * Based on the online material in your website, I have a few questions about the NTPsec support
> * Does the Daemon support configuring of Broadcast, Multicast or Manycasting clients.
> * Does the Daemon support Ipv6 Configuration ? If so does Daemon support mixed Ipv4 and Ipv6 NTP server configuration ?
All these are fully supported (as they are in NTP Classic).
--
<a href="http://www.catb.org/~esr/">Eric S. Raymond</a>
More information about the devel
mailing list