Skip to content

Commit

Permalink
Update Configuration reference
Browse files Browse the repository at this point in the history 
Signed-off-by: Yevhen Fastiuk <yfastiuk@nvidia.com>
  • Loading branch information
@fastiuk
fastiuk committed Jul 4, 2023
1 parent ee6ee4d commit 2cbcae9
Showing 1 changed file with 124 additions and 6 deletions.
130 changes: 124 additions & 6 deletions src/sonic-yang-models/doc/Configuration.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1474,6 +1474,35 @@ These configuration options are used to modify the way that
ntp binds to the ports on the switch and which port it uses to
make ntp update requests from.

***NTP Admin state***

If this option is set to `enabled` then ntp client will try to sync system time with configured NTP servers.
Otherwise, NTP client feature will be disabled.
```
{
"NTP": {
"global": {
"admin_state": "enabled"
}
}
}
```

***NTP Server role***

This option is used to control NTP server state on the switch.
If this option is set to `enabled` switch will act as NTP server.
By default `server_role` is `disabled`.
```
{
"NTP": {
"global": {
"server_role": "enabled"
}
}
}
```

***NTP VRF***

If this option is set to `default` then ntp will run within the default vrf
Expand Down Expand Up @@ -1511,6 +1540,36 @@ for that address.
}
```

***NTP Authentication***

If this option is set to `enabled` then ntp will try to verify NTP servers it connects to.
This option **has no effect** if key is not set for NTP server.
By default it is `disabled`
```
{
"NTP": {
"global": {
"authentication": "enabled"
}
}
}
```

***NTP DHCP leases***

If this option is set to `enabled` then ntp client will try to use NTP servers provided by DHCP server.
If this option is set to `disabled` you will be able to use the user-configured NTP servers.
By default it is `enabled`
```
{
"NTP": {
"global": {
"dhcp": "enabled"
}
}
}
```

### NTP and SYSLOG servers

These information are configured in individual tables. Domain name or IP
Expand All @@ -1521,18 +1580,77 @@ attributes in those objects.
```
{
"NTP_SERVER": {
"2.debian.pool.ntp.org": {},
"1.debian.pool.ntp.org": {},
"3.debian.pool.ntp.org": {},
"0.debian.pool.ntp.org": {}
"2.debian.pool.ntp.org": {
"association_type": "pool",
"iburst": "on",
"admin_state": "enabled",
"version": 4
},
"1.debian.pool.ntp.org": {
"association_type": "pool",
"iburst": "off",
"admin_state": "enabled",
"version": 3
},
"3.debian.pool.ntp.org": {
"association_type": "pool",
"iburst": "on",
"admin_state": "disabled",
"version": 4
},
"0.debian.pool.ntp.org": {
"association_type": "pool",
"iburst": "off",
"admin_state": "disabled",
"version": 3
}
},
"NTP_SERVER": {
"23.92.29.245": {},
"204.2.134.164": {}
"23.92.29.245": {
"association_type": "server",
"iburst": "on",
"admin_state": "enabled",
"version": 4,
"key": 3,
"trusted": "yes"
},
"204.2.134.164": {
"association_type": "server",
"iburst": "on",
"admin_state": "enabled",
"version": 3
}
}
}
```
* `association_type` - is used to control the type of the server. It can be `server` or `pool`.
* `iburst` - agressive server polling `{on, off}`.
* `version` - NTP protool version to use `[3..4]`.
* `key` - authentication key id `[1..65535]` to use to auth the server.
* `admin_state` - enable or disable specific server.
* `trusted` - trust this server when auth is enabled.

***NTP keys***
```
{
"NTP_KEY": {
"1": {
"type": "md5",
"value": "bXlwYXNzd29yZA==",
"trusted": "yes"
},
"42": {
"type": "sha1",
"value": "dGhlYW5zd2Vy",
"trusted": "no"
}
}
}
```
* `type` - key type to use `{md5, sha1, sha256, sha384, sha512}`.
* `value` - base64 encoded key value.
* `trusted` - trust this NTP key `{yes, no}`.

***Syslog server***
```
Expand Down

0 comments on commit 2cbcae9

Please sign in to comment.