manualshive.com logo in svg

hopf 4985LAN, Technical Manual, Page: 57 / 84

Share
Download
hopf 4985LAN Technical Manual Download Page 57

 

HTTP

 

W

EB

GUI

 

 

W

EB 

B

ROWSER 

C

ONFIGURATION 

I

NTERFACE

 

 

 

 4985LAN Large Matrix Display 4985 - V08.00 

57 / 84 

hopf 

Elektronik GmbH   

Nottebohmstr. 41 

• D-58511 Lüdenscheid • Tel.: +49 (0)2351 9386-86 • Fax: +49 (0)2351 9386-93 • Internet: http://www.hopf.com • E-Mail: [email protected] 

5.3.4.8  Symmetric Key 

 

5.3.4.8.1 Why Authentication? 

Most NTP users do not require authentication as the protocol contains several filters (for bad 
time).  

Despite this, however, the use of authentication is common. There are certain reasons for this: 

 

Time should only be used from safe sources 

 

An attacker broadcasts false time signals 

 

An attacker poses as another time server 

 

5.3.4.8.2 How is Authentication used in the NTP Service? 

Client and server can execute an authentication whereby a code word is used on the client 
side and a restriction on the server side. 

NTP  uses  keys  to  implement  the  authentication.  These  keys  are  used  when  data  are 
exchanged between two machines. 

In  principle  both  sides  must  know  this  key.  The  key  can  generally  be  found  in  the 
"*.*/etc/ntp.keys" directory. It is unencrypted and hidden from public view. This means that the 
key  has  to  be  distributed  on  a  safe  route  to  all  communication  partners.  The  key  can  be 
downloaded for distribution under "Downloads / Configuration Files" on the DEVICE tab. It is 
necessary to be logged in as "Master" in order to access this. 

The keyword of a client’s ntp.conf determines the key that is used to communicate with the 
designated server (e.g. the 

hopf 

NTP Time Server 8030NTS/GPS). The key must be reliable 

if time is to be synchronised. Authentication causes a delay. This delay is automatically taken 
into account and adjusted in the current versions. 

5.3.4.8.3 How is a key created? 

A key is a sequence of up to 31 ASCII characters. Some characters with special significance 
cannot be used (alphanumeric characters and the following symbols can be used:

[ ] ( ) * - _ ! 

$ % & / = ?

).  

A new line can be inserted by pressing the   

ADD

  key. The key which is stored in the key file 

is entered on this line. The key ID is used to identify the key and is in the range from 1 

– 65534. 

This means that 65534 different keys can be defined.  

 

 

Summary of Contents for 4985LAN

Page 1: ...l Large Matrix Display 4985 with integrated LAN Interface Model 4985LAN ENGLISH Version 08 00 15 10 2018 _____________________________________________________________ Valid for Devices 4985LAN with FI...

Page 2: ...4985LAN Large Matrix Display 4985 V08 00 2 84 hopf Elektronik GmbH Nottebohmstr 41 D 58511 L denscheid Tel 49 0 2351 9386 86 Fax 49 0 2351 9386 93 Internet http www hopf com E Mail info hopf com...

Page 3: ...THEY INDICATE THE FUNCTIONAL CORRELATION BETWEEN DEVICE AND TECHNICAL MANUAL THE DIGITS AFTER THE POINT IN THE VERSION NUMBER INDICATE CORRECTIONS IN THE FIRMWARE MANUAL THAT ARE OF NO SIGNIFICANCE F...

Page 4: ...the voltage supply indicated on the identification label The device should only be operated by qualified staff or employees who have received specific instruction If a device must be opened for repai...

Page 5: ...atrix Display 18 3 1 Connection Failure 18 3 2 System and Grid Time 18 3 2 1 System and Grid Time small 42mm 18 3 2 2 Grid and System Time 42mm 18 3 2 3 System Time large 84mm 18 3 2 4 Grid Time large...

Page 6: ...ximum Transmission Unit MTU 37 5 3 3 2 8 IPv6 37 5 3 3 2 9 DHCP IPv6 37 5 3 3 2 10 IPv6 Address 37 5 3 3 2 11 IPv6 Subnet Prefix Length 37 5 3 3 2 12 VLAN Activation Key necessary 38 5 3 3 3 Routing A...

Page 7: ...te SSL Server Certificate 66 5 3 6 7 Customized Security Banner 67 5 3 6 8 Product Activation 68 5 3 6 9 Diagnostics Function 69 5 3 6 10 Passwords Master Device 69 5 3 6 11 Downloading SNMP MIB Confi...

Page 8: ...OF CONTENTS 4985LAN Large Matrix Display 4985 V08 00 8 84 hopf Elektronik GmbH Nottebohmstr 41 D 58511 L denscheid Tel 49 0 2351 9386 86 Fax 49 0 2351 9386 93 Internet http www hopf com E Mail info ho...

Page 9: ...or one line of 84 mm alphanumeric characters can be displayed on this matrix Time and date can be displayed in different formats 1 1 Function Principle 1 2 Housing The large display is set up in a bl...

Page 10: ...ng and Closing of Housing For installation of the display the right side panel of the housing needs to be removed The right side panel is fixed into the housing by spring locks Opening of housing a Pu...

Page 11: ...ackets of the side panel in the appropriate guiding rails of the housing at the top and bottom ATTENTION DO NO JAM c When snapping the side panel into the housing pay attention to the fact that the fr...

Page 12: ...nings available Backside Housing After connection the cables should be fixed with the according strain relief into the housing Installation and commissioning may only be carried out by suitable specia...

Page 13: ...to setup the board 4985 and can be found on the hopf CD or in our download area http www hopf com hmc_en html Please look at the description of the hmc remote software for the minimum system requirem...

Page 14: ...ribed in Chapter 5 3 3 5 Management Management Protocols HTTP SNMP SNMP Traps etc Subsequently make a request about the device name and the firmware of the large matrix display via these settings Afte...

Page 15: ...Time and Date This page is necessary for adjusting and displaying the time zone summer and winter time points of time changeovers and the current time To enable a correct functionality it is necessar...

Page 16: ...opf com 2 2 3 System On this page you can adjust which information of the large matrix display should be outputted Furthermore you can configure the synchronization behaviour of the large matrix displ...

Page 17: ...onik GmbH Nottebohmstr 41 D 58511 L denscheid Tel 49 0 2351 9386 86 Fax 49 0 2351 9386 93 Internet http www hopf com E Mail info hopf com 2 2 5 Outputs This page enables to configure the output interf...

Page 18: ...stem Tab Timeout for F string activated 5 seconds after F string failure the message CONNECTION LOST appears Timeout for F string disabled The last indicated display is permanently shown 3 2 System an...

Page 19: ...low 99 999 is displayed 3 4 Frequency Difference Frequency 3 4 1 Frequency Difference Frequency 42mm 1st line f1 frequency with 2 pre and 3 post comma digits Hz 2nd line df difference frequency with 2...

Page 20: ...s configured in the card to regulate the internal clock 4 2 1 NTP Adjustment Process NTP Stratum Accuracy NTP is a regulation process After starting the NTP services automatically processed during boo...

Page 21: ...off during the update and the network connection to the device not be interrupted All programs of a SET need to be uploaded to ensure a defined operation condition The program releases assigned to a...

Page 22: ...I the successful update is indicated after 2 3 minutes with the request to release a reboot of the board 8 After activation and successful reboot of the board the image update process is finished H8 F...

Page 23: ...under the menu item Product Activation Please find an overview of the above mentioned functions here Static Routing Tables This function is suitable for configuring static routes based on special net...

Page 24: ...lorer in the sub network of Large Scale Display 4985LAN 5 1 2 Configuration Steps Create the connection to the Large Scale Display with a web browser Login as a master user default password master is...

Page 25: ...ser if it has been set up correctly Enter the IP address as set up in the Large Scale Display earlier or the DNS name on the address line http xxx xxx xxx xxx and the following screen should appear Wh...

Page 26: ...ice user default password on delivery device Differentiation is made between upper and lower case characters in the password Alphanumeric characters and the following symbols can be used _ The passwor...

Page 27: ...r password Diagnostics Download configuration files 5 2 2 Navigation via the Web Interface The WebGUI is divided into functional tabs Click on one of these tabs to navigate through the board The selec...

Page 28: ...system off After an entry with Apply is made the configured field is marked with a star This means that a value has been entered or changed but not yet been stored in the flash memory Meaning of the...

Page 29: ...ronization state of the Module 8029NTC furthermore a Login is possible enter username and password which is necessary to configure the Module 8029NTC and the Large Matrix Display 4985 via WebGUI Login...

Page 30: ...ault the accuracy must be at least HIGH so that the module supplies time information for synchronization This value can be set by the user if required Announcements LEAP SECOND announcement for insert...

Page 31: ...e Offset from UTC to the local standard time winter time The difference time to be entered always relates to the local standard time winter time even though the commissioning or rather the input of th...

Page 32: ...f the year the changeover times for summer winter time are automatically recalculated without any user intervention DST Activation enabled disabled Changeover times for summer winter time DST Begin Ch...

Page 33: ...h the new network parameters again and to save the data with Save permanently 5 3 3 1 Host Name Service Setting for the unique network identification 5 3 3 1 1 Hostname The standard setting for the Ho...

Page 34: ...erver if not known If no DNS server is available special case enter 0 0 0 0 in the input field or leave the field blank 5 3 3 1 4 Use Manual Gateway Entries With this setting you can select if the man...

Page 35: ...http www hopf com E Mail info hopf com 5 3 3 2 Network Interface ETH0 Configuration of the Ethernet interface ETH0 of the Time Client 8029NTC 5 3 3 2 1 Default Hardware Address MAC The factory default...

Page 36: ...imal form with a colon to separate as described in the below example e g 00 03 c7 55 55 02 The MAC address assigned by hopf can be activated at any time by disabling this function There are no MAC mul...

Page 37: ...an IPv6 network To enable IPv6 Use IPv6 Settings must be set to enable IPv6 addresses are 128 bits long and they are recorded in eight 4 character hexadecimal blocks For example 2001 0db8 0000 08d3 13...

Page 38: ...lated VLAN ID This method is called VLAN Tagging The network application at the other end of the line e g network switch router etc can allocate the data packet to the correct VLAN by checking the mar...

Page 39: ...he local sub network range of the module in order to use the static routes The parameterization of this feature is a critical process as an incorrect configuration may lead to considerable problems on...

Page 40: ...ing File Syntax Each line of the routing file must be either a valid routing line or a comment line A comment line starts with a hash sign and can contain any text behind it A routing line has the for...

Page 41: ...led for security reasons A correctly configured module is always accessible via the web interface Changes to the availability of a protocol enable disable take effect immediately For SNMP functionalit...

Page 42: ...Display 4985 V08 00 42 84 hopf Elektronik GmbH Nottebohmstr 41 D 58511 L denscheid Tel 49 0 2351 9386 86 Fax 49 0 2351 9386 93 Internet http www hopf com E Mail info hopf com WebGUI with Alarming act...

Page 43: ...MP Read Only Community and SNMP Read Write Community must remain empty SNMPv2c SNMPv2c enabled SNMPv2c disabled Read Only Community set e g public empty Read Write Community set e g secret empty In or...

Page 44: ...play 4985 Display Mode With this drop down menu you can adjust which data should be outputted by the large matrix display 4985 NTP Time display on two sections System Time Grid Time Grid Time Differen...

Page 45: ...frequency data function Afterwards detected 7274RC boards can be chosen via three drop down menus In the drop down menus you can select priority levels 1 to 3 whereby 1 means highest priority If you...

Page 46: ...urs until long term accuracy is obtained normally 5 10 minutes During this time the NTP algorithm adjusts the internal accuracy parameters After all changes relating to NTP a restart of the NTP servic...

Page 47: ...s The Peers summary is used to track the performance of the configured NTP server driver and the NTP algorithm itself The information displayed is identical with the information available via NTPQ or...

Page 48: ...or Network Time Client 8029NTC Care should be taken to ensure that the correct broadcast address is used for the sub network usually xxx xxx xxx 255 e g 192 168 1 255 If the broadcast address is not k...

Page 49: ...Y in the security settings of the NTP tab A key must be defined if the Symmetric Key is selected 5 3 4 5 Extended Configuration The synchronisation behaviour of Module 8029NTC can be adjusted followin...

Page 50: ...29NTC should be synchronized on a more inaccurate NTP server the threshold accuracy value for lambda can be adjusted by this function The actually calculated lambda value is shown in the General tab T...

Page 51: ...3 4 5 1 Definition Accuracy Low Medium High Calculation LAMBDA root delay 2 Rootdispersion 1000 LOW LAMBDA Accuracy value or No system peer available or Stratum 16 or Internal NTP clock not sync or C...

Page 52: ...ently reachable stability and accuracy are lost due to this restart After a restart of the NTP service it takes a few minutes until the NTP service on Module 8029NTC is adjusted on an available NTP Se...

Page 53: ...he configuration the points 5 3 4 7 1 to 5 3 4 7 4 must be checked by the user 5 3 4 7 1 NAT or Firewall Are incoming connections to the NTP Service blocked by NAT or a Stateful Inspection Firewall No...

Page 54: ...r 5 3 4 7 6 Access Control Options kod notrap nopeer noquery Yes In this case select from the following standard restrictions See Chapter 5 3 4 7 6 Access Control Options kod notrap nopeer If a standa...

Page 55: ...in the form of restriction lines An unrestricted access of the Time Client 8029NTC to its own NTP service is always allowed irrespective of whether standard restrictions are ignored or not This is ne...

Page 56: ...uld be ignored it should be noted that this is a change from ntp 4 1 x The notrust option MUST NOT be used unless NTP Crypto e g symmetric key or Autokey has been correctly configured on both sides of...

Page 57: ...st know this key The key can generally be found in the etc ntp keys directory It is unencrypted and hidden from public view This means that the key has to be distributed on a safe route to all communi...

Page 58: ...es out the same calculation and compares the results Authentication has been successful if the results agree 5 3 4 9 Autokey Public Key Cryptography NTPv4 offers a new Autokey scheme based on public k...

Page 59: ...ux Unix Syslog If everything is configured correctly and enabled dependent on the Syslog level every message is transmitted to the Syslog server and stored in the Syslog file there Syslog uses Port 51...

Page 60: ...E mail addresses which each have different alarm levels Dependent on the configured level an E mail is sent after an error has occurred on the respective receiver A valid E mail server SMTP server mus...

Page 61: ...e based on UDP and therefore it is not certain that they will reach the configured host Several hosts can be configured However all have the same alarm level The private hopf enterprise MIB is also av...

Page 62: ...ail info hopf com 5 3 5 4 Alarm Messages Every message shown in the image can be configured with the displayed alarm levels If level NONE is selected this means that this message is completely ignored...

Page 63: ...oftware firmware Password administration and the update services for the module are also made accessible via this website The complete download zone is also a component of this site 5 3 6 1 Device Inf...

Page 64: ...User By pressing Reset now factory default values are set There is NO chance to restore the deleted configuration once this process is triggered After a Factory Default a complete verification and a...

Page 65: ...Check that the update on hand is suitable for your Board If in doubt please consult the support of the hopf company In order to guarantee a correct update the New version of saved site function must b...

Page 66: ...re successful A success page is displayed and shows the number of bytes that have been transferred and installed A restart of the Board with the new Firmware is done automatically after the H8 Firmwar...

Page 67: ...formatted text as well as in HTML format There are 2000 characters available to write failsafe into the device When saving the text only the following characters are accepted all other characters are...

Page 68: ...needs to be provided The serial number can be found under the tab DEVICE Device info serial number 8029 The settings for activation keys e g an entered activation key are neither deleted nor restored...

Page 69: ...the output is processed as SYSLOG message This function should only be used enabled in case a problem arises and after consulting the hopf support 5 3 6 10 Passwords Master Device Differentiation is m...

Page 70: ...id Tel 49 0 2351 9386 86 Fax 49 0 2351 9386 93 Internet http www hopf com E Mail info hopf com 5 3 6 11 Downloading SNMP MIB Configuration Files The private hopf enterprise MIB is available via the We...

Page 71: ...It is just as easy to use SSH Port 22 or Telnet Port 23 as the WebGUI Both protocols use the same user interface and menu structure The user names and passwords are the same as on the WebGUI and are k...

Page 72: ...output RS422 hardware Temperature range Operating 0 to 55 C Storage 20 to 75 C Readability in 2 lines each with 42mm high characters 20m in 1 line each with 84mm high characters 40m Humidity Max 95 no...

Page 73: ...IPv6 Adresse Blank Network Interface ETH0 Setting WebGUI Use Custom Hardware Address MAC Disabled Disabled Custom Hardware Address MAC Blank DHCP Disabled Disabled IPv4 192 168 0 1 192 168 0 1 IPv4 Ne...

Page 74: ...g WebGUI Request Key Blank Control Key Blank Symmetric Keys Blank NTP Autokey Setting WebGUI Autokey Disabled Disabled Password Blank 8 3 ALARM Syslog Configuration Setting WebGUI Syslog Disabled Disa...

Page 75: ...imum error of the local clock relative to the reference clock Jitter The estimated time error of the system clock measured as the average exponential value of the time offset 9 2 Tally Codes NTP speci...

Page 76: ...local daylight and sunlight coincide at different times in the individual time zones The zero meridian runs through the British city of Greenwich Time Offset This is the difference between UTC and the...

Page 77: ...N Local Area Network LED Light Emitting Diode NTP Network Time Protocol NE Network Element OEM Original Equipment Manufacturer OS Operating System RFC Request for Comments SNMP Simple Network Manageme...

Page 78: ...et based communication networks Although it is processed mainly over UDP it can also be transported by other layer 4 protocols such as TCP It was specially developed to facilitate reliable timing via...

Page 79: ...to represent the hierarchical structure of the data of any SNMP agent and to request data from them In addition to the MIB s defined in the RFC s every software and hardware manufacturer can define hi...

Page 80: ...ly as long as the return path The NTP algorithm can only filter out changes on a statistical basis The use of several servers makes it possible for the combining algorithm to pick up and filter out an...

Page 81: ...rotocol NTP NTP v2 RFC 1119 NTP v3 RFC 1305 NTP v4 no RFC Symmetric Key and Autokey Authentication Simple Network Time Protocol SNTP SNTP v3 RFC 1769 SNTP v4 RFC 2030 Time Protocol TIME Time Protocol...

Page 82: ...stable 3 clause BSD no libopenssl 1 0 2n Dual http www openssl org source license html no libpcap 1 8 1 BSD no libzlib 1 2 11 Copyright C 1995 2017 Jean loup Gailly and Mark Adler This software is pro...

Page 83: ...LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OU...

Page 84: ...s of source code in whole or in part must retain the above copyright notice definition disclaimer and this list of conditions 2 Redistributions in binary form compiled executables and libraries must r...

Reviews:

No comments