manualshive.com logo in svg

TrueTime IRIG NTS-100, Руководство пользователя


Поделиться
Скачать
background image

1/20/97

N

N

T

T

S

S

-

-

2

2

0

0

1

1

.

.

M

M

A

A

N

N

6

6

-

-

1

1

R

R

e

e

v

v

.

.

 

 

A

A

SECTION VI

6. 

MD5 AUTHENTICATION PROTOCOL

6.1 MD5 

INTRODUCTION

6.1.1 

MD5 is a security protocol that can be used to authenticate NTP client - server
communications.  TrueTime’s version of MD5 is completely compatible with current
versions of NTP client software xntpd 3.XX and ntpdate 3.XX furnished by Dr. David Mills
at the University of Delaware.  MD5 was drafted into a standard by MIT Laboratory for
Computer Science and RSA Data Security, Inc.  MD5 authentication means the
information within the NTP packet is guaranteed to be unaltered and from a user having
privileged access.  Unlike other cryptographic ciphers, MD5 does not hide the data within
the packet.  The MD5 authenticated NTP packet is still readable.  This means MD5 is
faster to generate than other cryptographic protocols, and as Dr. Mills notes, there is no
reason to hide the actual time from anyone.  Further, MD5 does not suffer from any
export restrictions.  Think of MD5 as a very sophisticated NTP data checksum that is
extremely difficult to reverse generate.

6.1.2 

The MD5 cryptographic key identifier and cryptographic message digest are tacked on to
the end of a normal NTP packet and the two pieces of information are referred together
as an MD5 signature.  The key identifier is the first field in the signature and it is a 32 bit
integer in the range from 1 to 4294967295 (0xFFFFFFFF).  Note:  Zero is an illegal
value, and for TrueTime setup purposes, 0 internally means the key identification is
unused.  This number specifies an index into a table of many possible MD5 keys.  A key
is an ASCII alpha/numeric character string that is from 1 to 31 characters in length.  The
key is most secure when all 31 characters are filled with numbers and letters chosen at
random.  The ASCII key string is combined with the NTP packet data and results in a
secure message digest.  The MD5 message digest is 16 bytes in length and it follows the
key identifier in the signature.  A server authenticates the NTP packet from a client by
looking up the key by reference to the key identifier; generates the MD5 message digest
based on the key and the NTP data; and compares the resulting message digest to the
client packet’s MD5 message digest.  If the two compare, a NTP reply packet is
generated with a new MD5 signature.  If the MD5 message digests do not agree, then
the NTP client packet is ignored by the TrueTime server.

6.1.3 

For more technical information on MD5 see the MD5 RFC 1321, NTP RFC 1305, and the
release notes for NTP client software furnished by Dr. David Mills’ web site located at the
University of Delaware at http://www.eecis.udel.edu/~ntp, or http://www
.eecis.udel.edu/~ntp/software.html.

6.2 

TRUETIME NTP MD5 OPERATION

6.2.1 

A TrueTime NTP time server can handle both unauthenticated and MD5 authenticated
packets at the same time.  A packet is assumed to be MD5 authenticated if the total UDP
data size of the packet is equal to the size of a normal NTP packet plus the exact size of
an MD5 signature.  A normal unauthenticated NTP packet is one that has no extra bytes
beyond the last NTP timestamp.  The procedure used is functionally the one followed by
Dr. David Mills’ NTP software.  Packets without authentication are returned without
signatures and packets with authentication are returned with authentication signature

Содержание IRIG NTS-100

Страница 1: ...Network Time Server IRIG NTS 100 600 201 SERIAL NUMBER_______________ Revision A January 20 1997...

Страница 2: ...etailed in Section 3 Ethernet Address ____________________________________ IP Address ____________________________________ Subnet Mask ____________________________________ Default Gateway ____________...

Страница 3: ...ace 1 5 User RS 232 Serial I O Interface 1 5 LED Status Indicator 1 6 Optional Time Frequency Output Signals 1 6 IRIG B Time Code 1 6 1 PPS 1 6 10 MHz 1 6 Alarm Output 1 7 SECTION II 2 7 INSTALLATION...

Страница 4: ...TRY REQUEST 3 16 3 32 FUNCTION 05 TIME QUALITY ENABLE SETUP 3 17 3 33 FUNCTION 08 CONTINUOUS TIME ONCE PER SECOND ENABLE 3 17 3 34 FUNCTION 09 TIME ON REQUEST ENABLE 3 18 3 35 FUNCTION 11 TIME OUTPUT...

Страница 5: ...7 ntpSysHostMode 7 8 ntpSysStratum OBJECT TYPE 7 8 ntpSysPoll OBJECT TYPE 7 8 ntpSysPrecision OBJECT TYPE 7 9 ntpSysRootDelay OBJECT TYPE 7 9 ntpSysRootDisp OBJECT TYPE 7 9 ntpSysRefClockIdent OBJECT...

Страница 6: ...7 17 actsBadReply OBJECT TYPE 7 17 actsNoOnTimeMark OBJECT TYPE 7 17 APPENDIX A NTP v 3 0 DATA FORMAT per RFC1305 A 1 NTP DATA PACKET A 2 SNTP V 3 0 DATA FORMAT PER RFC1361 APPENDIX B TIME PROTOCOL pe...

Страница 7: ...ncy outputs whose accuracy s are commensurate with the synchronization source being input to the NTS 100 These optional outputs include 1PPS IRIG B and 10MPPS 1 2 LIMITED WARRANTY 1 2 1 Each new produ...

Страница 8: ...ct to products of similar description 1 3 LIMITATION OF LIABILITY 1 3 1 By purchasing any product from TrueTime the Buyer consents to and agrees that the Buyer s sole and exclusive remedy for any dama...

Страница 9: ...e input synchronization source The relative synchronization characteristics given here reflect the capabilities of the NTS 100 to preserve the time and frequency characteristics of the synchronization...

Страница 10: ...ned specifically to implement the NTP server function As such it was carefully designed to operate with the TrueTime Mark III real time operating system to minimize the unknown latencies in timestampi...

Страница 11: ...DI 6 GND 7 NC 8 GND 9 CI 10 DO 11 GND 12 DI 13 12V 14 GND 15 NC User RS 232 Serial I O Interface Data Time day of year through milliseconds in ASCII characters output once per second or on request Al...

Страница 12: ...correspond with the Open Collector Alarm Output high impedance or Alarm state The Blinking Green condition corresponds with the Open Collector Alarm Output low impedance or Normal state Optional Time...

Страница 13: ...il in Section 5 of this manual The network connection is made via the AUI connector and any required Media Access Unit MAU Once these connections have been made turn on the unit and follow the instruc...

Страница 14: ...tion When the synchronization option is GPS allow at least five minutes for the NTS 100 to acquire lock Once locked the character will change to a space character the Open Collector Alarm Output will...

Страница 15: ...option requires no operator input to maintain accurate UTC time and automatically handles leap second events 3 1 5 The final and most accurate option is to synchronize the NTS 100 module to the USNO b...

Страница 16: ...n the NTS 100 IRIG NTS 100 ACTS or NTS 100 1PPS All functions may be accessed via the front panel keypad and viewed on a front panel alphanumeric display or accessed via the Serial I O interface and v...

Страница 17: ...nput source See Section 5 of this manual for a detailed description of the status display for the synchronization input option in your unit 3 10 2 Additionally PRESSING THE STATUS BUTTON WILL ABORT AN...

Страница 18: ...cursor beneath the character that you wish to edit Use the up or down arrow keys to scroll through the possible choices for that character 3 13 SELECTING FUNCTIONS AND ENTERING DATA 3 13 1 The variou...

Страница 19: ...a function by pressing the TIME or STATUS button 3 16 FUNCTION 01 TIME ZONE SELECT 3 16 1 Use function 01 to enter your time zone offset The initial out of the box default is 00 00 UTC The default up...

Страница 20: ...ess the up or down arrow keys to toggle between 24 and 12 When the display shows the desired format press FUNC ENTR to enter your choice 3 18 FUNCTION 03 DATE AND TIME ENTRY 3 18 1 Use function 03 to...

Страница 21: ...vance to the next digit automatically Press FUNC ENTR to enter the data Only valid dates may be entered 3 19 FUNCTION 04 SERIAL I O SETUP 3 19 1 Use function 04 to configure the Serial I O port The in...

Страница 22: ...w keys to position the cursor beneath the digit that you wish to change Press the up or down arrow keys to scroll through the possible digit choices Alternately directly enter the numbers using the ke...

Страница 23: ...UNC ENTR then 0 6 The display will show Keypad Lock or Keypad Lock on off 3 21 3 Press up or down arrow keys to toggle between on and off When the display shows the desired choice press FUNC ENTR Afte...

Страница 24: ...Address 3 24 3 Use the up and down keys to scroll among the major selections for function 36 Display Ethernet Address Clock Type Display Setup Clock Accuracy Display Setup Network Type Display Setup D...

Страница 25: ...view and or change the Default Gateway of the NTS 100 unit The format of the Default Gateway display is shown here Default Gateway 255 054 000 033 Example 3 24 11 The Left and Right arrow keys move t...

Страница 26: ...ices When the display shows the desired choice press FUNC ENTR to enter your choice 3 25 4 The display and all other time outputs indicate UTC without any DST adjustment if a time zone offset of 00 00...

Страница 27: ...the first Sunday in April and the exit time will default to 2 00 a m on the last Sunday of October 3 25 7 The sequence of the count upon entry into DST is 01 59 58 01 59 59 03 00 00 03 00 01 assuming...

Страница 28: ...igured as a DTE interface and will require a null modem for operation with a terminal or computer The default factory settings for the Serial I O port are Baud Rate 9600 Parity Even Data Bits 7 Stop B...

Страница 29: ...string with the following format Sample entry F01 8 00 CR Response OK CR LF Sample Request F01 CR Response 8 00 CR LF 3 30 FUNCTION 02 12 24 HOUR FORMAT ENTRY REQUEST 3 30 1 Use Serial I O function F0...

Страница 30: ...line terminator either a carriage return and line feed for output strings or a carriage return only for input strings Sample request F03 CR Response F03 UTC 01 07 91 02 48 29 CR LF Sample entry F03 LO...

Страница 31: ...tab STATE ON or OFF FLAG one error threshold in nanoseconds 1 to 11 digits with or without leading zeros LT line terminator either a carriage return and line feed for output strings or a carriage retu...

Страница 32: ...equal to threshold 4 3 33 2 Refer to serial I O function 13 WORST CASE TIME ERROR REQUEST The carriage return character CR start bit begins on the second 0 to 1 bit time or 1 ms which ever is larger...

Страница 33: ...fore power down To request the return of the present format send F11 CR to the Serial I O port The string returned will contain X s in the positions that are omitted in the time output string 3 35 3 W...

Страница 34: ...F11 SEP is one character only either a space comma or tab Any character other than an upper case X in a numeric position will not affect the output of that position The colons or decimal point however...

Страница 35: ...SOH DDD HH MM SSQ CR LF F09 string output SOH DDD HH MM SS mmmQ CR LF 3 36 FUNCTION 13 WORST CASE TIME ERROR REQUEST 3 36 1 Use Serial I O Function F13 to request the estimated worst case time error...

Страница 36: ...ing the network related fields of the configuration will cause a reset of the NTS 100 module Ethernet Address 3 38 2 The ethernet address is a six byte hexadecimal value specific to each NTS 100 modul...

Страница 37: ...ult Gateway 3 38 9 To obtain the default gateway of the NTS 100 module send the string F36 G CR 3 38 10 The unit will respond with F36 G nnn nnn nnn nnn CR LF 3 38 11 To set the default gateway and re...

Страница 38: ...54 0 21 SM 255 255 255 240 G 206 54 0 17 N E CR 3 38 20 This example provides the NTS 100 card with an IP address Subnet Mask Default Gateway and Network Type Note that leading zeros may be omitted w...

Страница 39: ...tting and operator attempts to set it will be ignored 3 39 FUNCTION 66 DAYLIGHT SAVINGS ENABLE 3 39 1 Use Serial I O Function F66 to enable or disable or set the entry or exit times for DST The initia...

Страница 40: ...IN DAY day of week to enter DST 1 through 7 where Sunday is 1 IN MONTH month to enter DST 1 through 12 where 1 is January OUT HOUR hour to exit DST in 24 hour format OUT WEEK which week to exit DST 1...

Страница 41: ...0 module will return F67 06 30 96 1 CR LF 3 40 3 This response indicates a leap second addition during the last minute of June 30 1996 If there is no leap second pending the module will return F67 non...

Страница 42: ...1 20 97 N NT TS S 2 20 01 1 M MA AN N 4 4 1 1 R Re ev v A A 4 SECTION IV NOT USED...

Страница 43: ...imate time then press FUNC ENTR 5 1 6 Using Serial I O F03 in this manner does not affect the time Only after the date has been entered will the NTS 100 indicate a lock to the incoming IRIG B time cod...

Страница 44: ...ecify the accuracy of the clock which is being used to generate the IRIG B code Refer to Section 3 Function F36 and Appendix A for more detail on the setting of this parameter 5 1 10 In addition if th...

Страница 45: ...1 20 97 N NT TS S 2 20 01 1 M MA AN N 5 5 3 3 R Re ev v A A 5 1 15 To set the IRIG Lock Quality send a string of the form F36 IQ setting CR LF 5 1 16 F36 IQ None CR LF Example...

Страница 46: ...ble of many possible MD5 keys A key is an ASCII alpha numeric character string that is from 1 to 31 characters in length The key is most secure when all 31 characters are filled with numbers and lette...

Страница 47: ...l that time The Back one menu choice returns to the previous menu 6 3 3 Pressing the Modify MD5 keys menu takes you to the MD5 Edit Menu In this menu you may choose 1 Edit a Key 2 Add a Key 3 Delete a...

Страница 48: ...meric strings and the keypad interface does not allow easy entry of alpha characters You may add delete and view the MD5 keys using the serial interface 6 4 2 To view a particular NTP MD5 key type F36...

Страница 49: ...R Re ev v A A 6 4 8 To delete a NTP MD5 key type F36 MD x Where x is the key identification number ranging from 1 to 4294967295 The unit will respond with OK 6 4 9 To delete all NTP MD5 Keys type F36...

Страница 50: ...nition of SNMPv1 RFC 1213 definition of MIB II and RFC 1354 IP Forwarding table addition to MIB II All RFCs are published with approval by the Internet Activities Board and they are readily found on t...

Страница 51: ...he list of hosts that SNMP trap messages are sent to no matter what the state of Use Trusted IP flag is Use Trusted IP If this flag is set to yes then the Trusted IP Address table is used in addition...

Страница 52: ...is leads back to the main SNMP function window Save settings When SNMP Global Enable Traps is changed this becomes visible and answering yes immediately saves the change to TrueTime s SNMP Answering N...

Страница 53: ...gle through your settings options The left and right arrow keys move between digits and letters within an address or a string Note because the keypad has only numbers on the front panel the letters fo...

Страница 54: ...apMsg 1 trapMsgNtpAlarm OBJECT TYPE SYNTAX DisplayString SIZE 0 255 ACCESS read only STATUS mandatory 7 5 3 This is an ASCII string sent to UDP port 162 or user defined when the TrueTime time server s...

Страница 55: ...6 2 Total number of NTP packets delivered to the NTP application layer from the transport layer ntp 1 ntpOutPkts OBJECT TYPE SYNTAX Counter ACCESS read only STATUS mandatory 7 6 3 Total number of NTP...

Страница 56: ...ry synchronization is lost this value will slowly increase with time as the time server s oscillator flywheels away from true time Should ntpEstError be greater than ntpDesiredAcc the NTP alarm condit...

Страница 57: ...hat ranges from 1 to 255 indicating the stratum level of the local clock Note A primary time server sets outgoing NTP packets stratum field and ntpSysStratum to 1 ntp 9 ntpSysPoll OBJECT TYPE SYNTAX I...

Страница 58: ...n and skew Note A primary time server s outgoing NTP packet will have its root delay field set to ntpSysRootDelay ntp 12 ntpSysRootDisp OBJECT TYPE SYNTAX COUNTER 0 4294967295 ACCESS read only STATUS...

Страница 59: ...packet will have its reference identifier field set to ntpSysRefClockIdent ntp 14 7 7 THE NTSCONTROL GROUP PRELIMINARY 7 7 1 This group allows for complete control of TrueTime s products This group em...

Страница 60: ...eserver if it is connected to the Internet As a security precaution the timeserver can turn on off the remote configuration feature only through the keypad ntpControlInput OBJECT TYPE SYNTAX DisplaySt...

Страница 61: ...d only STATUS mandatory for GPS capable units 7 8 4 Current number of GPS satellites used in position and time fix calculations The number of satellites available depends on how long the time server h...

Страница 62: ...erence ellipsoid is a rotated ellipse that is centered on the Earth s center of mass The surface of the ellipsoid is not necessarily the same as sea level The ellipsoid surface may be as much as 100 m...

Страница 63: ...es gpsLatitude 90 2 31 1 latitude in degrees Note latitude varies from PI 2 to PI 2 in radians and 90 to 90 in degrees gps 8 7 9 ACTS GROUP VARIABLES 7 9 1 The ACTS group is present in all TrueTime ne...

Страница 64: ...ting for the ACTS modem The ACTS dial up service accepts 300 or 1200 baud Note this is a rare case where faster is not better and 300 baud yields the best time accuracy acts 2 actsFailRedial OBJECT TY...

Страница 65: ...S mandatory for ACTS capable units 7 9 8 Number of times the time server called the ACTS dial up service and successfully received the time acts 7 actsBadCalls OBJECT TYPE SYNTAX COUNTER 0 4294967295...

Страница 66: ...OBJECT TYPE SYNTAX COUNTER 0 4294967295 ACCESS read only STATUS mandatory for ACTS capable units 7 9 13 Time server s internal modem found ACTS line busy acts 12 actsNoAnswer OBJECT TYPE SYNTAX COUNTE...

Страница 67: ...1 20 97 N NT TS S 2 20 01 1 M MA AN N 7 7 1 18 8 R Re ev v A A 7 9 16 The reply from remote modem had no on time mark possibly due to line noise acts 15...

Страница 68: ...ear codes and their corresponding meanings are shown in the table below Bit 0 Bit 1 Meaning 0 0 Normal Operation 0 1 61 second last minute 1 0 59 second last minute 1 1 Clock not synchronized A 1 3 Th...

Страница 69: ...esolution of the NTS 100 which is 10 s So the precision byte is set to 16 which is equivalent to a precision of 15 26 s Synchronizing Distance Root Delay Version 3 A 1 9 The root delay is a signed 32...

Страница 70: ...was present Originate Timestamp A 1 13 The originate timestamp is a 64 bit timestamp format representing the time that the request left the client host Receive Timestamp A 1 14 The receive timestamp i...

Страница 71: ...to the time that the reply left the NTS 100 server host Receive Timestamp A 13S This filed is set to the time that the reply left the NTS 100 server host Transmit Timestamp A 15S This field is set to...

Страница 72: ...3 When used via UDP the TIME service works as follows Server Listen on port 37 45 octal Client Send an empty datagram to port 37 Server Send a datagram containing the UTC time as a 32 bit binary numb...

Страница 73: ...B is divided into three segments The first segment encodes time of year in binary coded decimal BCD notation The second segment encodes control functions This segment is generally available for data...

Страница 74: ...nt P5 70ms is a binary 1 when the worst case time error exceeds threshold 2 Element P5 80ms encodes a binary 1 when the error exceeds threshold 3 and P5 90ms when the error exceeds threshold 4 Figure...

Страница 75: ...1 20 97 N NT TS S 2 20 01 1 M MA AN N C C 1 1 R Re ev v A A APPENDIX D DETAILED DRAWINGS BILL OF MATERIALS...

Отзывы:

Нет отзывов

Похожие инструкции для IRIG NTS-100

IBM 5100 User Reference Manual preview
5100
Бренд: IBM Страницы: 214
NEC Univerge SV9100 System Maintenance Manual preview
Univerge SV9100
Бренд: NEC Страницы: 78
NEC UNIVERGE SL2100 Manual preview
UNIVERGE SL2100
Бренд: NEC Страницы: 34
NEC SV8500 Overview preview
SV8500
Бренд: NEC Страницы: 2
NEC SV8500 Operation And Maintenance Manual preview
SV8500
Бренд: NEC Страницы: 975
Qlogic iSR6200 Quick Start Manual preview
iSR6200
Бренд: Qlogic Страницы: 20
IBM HS21 XM BLADECENTER - L5408 FOR SPEC CPU2006 Supplementary Manual preview
HS21 XM BLADECENTER - L5408 FOR SPEC CPU2006
Бренд: IBM Страницы: 1
LaCie 301300U - Ethernet Disk NAS Server User Manual preview
301300U - Ethernet Disk NAS Server
Бренд: LaCie Страницы: 62
IBM eServer BladeCenter HS40 Type 8839 Installation And User Manual preview
eServer BladeCenter HS40 Type 8839
Бренд: IBM Страницы: 120
H3C UniServer R2700 G3 User Manual preview
UniServer R2700 G3
Бренд: H3C Страницы: 226
Belkin F1UP0002 Quick Installation Manual preview
F1UP0002
Бренд: Belkin Страницы: 2
MAXDATA PLATINUM 1500 IR M5 User Manual preview
PLATINUM 1500 IR M5
Бренд: MAXDATA Страницы: 44
HP ProLiant DL380 Gen10 Plus Disassembly Instructions Manual preview
ProLiant DL380 Gen10 Plus
Бренд: HP Страницы: 16
HP ProLiant DL365 Quickspecs preview
ProLiant DL365
Бренд: HP Страницы: 43
HP ProLiant DL385p Generation 8 Quickspecs preview
ProLiant DL385p Generation 8
Бренд: HP Страницы: 57
HP ProLiant DL380 Generation9 Quickspecs preview
ProLiant DL380 Generation9
Бренд: HP Страницы: 76
HP ProLiant DL360p Gen8 Datasheet preview
ProLiant DL360p Gen8
Бренд: HP Страницы: 4
HP ProLiant DL380 Generation 6 Specification preview
ProLiant DL380 Generation 6
Бренд: HP Страницы: 50

Бренды по названию

Популярные бренды

Загрузить еще бренды