Re: 1.0.1 and ntpsnmpd

[Jason Azze via devel]

On Thu, Mar 15, 2018 at 7:09 PM, Sanjeev Gupta  wrote:

> Jason, yes, that is the result of the bounty offer.
>
> I have not had a chance to play with it, but the offer included a
> requirement to upstream into cacti and provide a working example.
>

For reasons I can't explain yet, my Cacti server started collecting data
presented by ntpsnmpd at about 2030 UTC last night. I may have restarted a
service while flailing around before leaving the office.

To expand on Ian's answer to my question "How do I know I've got ntpsnmpd
working?", you should be able to get back data from snmp walking like this
(assuming you're using public as your community string because, like me,
you were too lazy to change it.):

:~ $ snmpwalk -v 2c -c public localhost .1.3.6.1.2.1.197.1.3.1.1.1
iso.3.6.1.2.1.197.1.3.1.1.1.1 = Gauge32: 13212
iso.3.6.1.2.1.197.1.3.1.1.1.2 = Gauge32: 13214
iso.3.6.1.2.1.197.1.3.1.1.1.3 = Gauge32: 13216
iso.3.6.1.2.1.197.1.3.1.1.1.4 = Gauge32: 13217
iso.3.6.1.2.1.197.1.3.1.1.1.5 = Gauge32: 13218
iso.3.6.1.2.1.197.1.3.1.1.1.6 = Gauge32: 13219
iso.3.6.1.2.1.197.1.3.1.1.1.7 = Gauge32: 13220
iso.3.6.1.2.1.197.1.3.1.1.1.8 = Gauge32: 13221
iso.3.6.1.2.1.197.1.3.1.1.1.9 = Gauge32: 13222
iso.3.6.1.2.1.197.1.3.1.1.1.10 = Gauge32: 13223
:~ $ snmpwalk -v 2c -c public localhost .1.3.6.1.2.1.197.1.3.1.1.2
iso.3.6.1.2.1.197.1.3.1.1.2.1 = STRING: "0.0.0.0"
iso.3.6.1.2.1.197.1.3.1.1.2.2 = STRING: "208.88.126.235"
iso.3.6.1.2.1.197.1.3.1.1.2.3 = STRING: "129.250.35.251"
iso.3.6.1.2.1.197.1.3.1.1.2.4 = STRING: "209.242.224.97"
iso.3.6.1.2.1.197.1.3.1.1.2.5 = STRING: "162.210.111.4"
iso.3.6.1.2.1.197.1.3.1.1.2.6 = STRING: "38.229.71.1"
iso.3.6.1.2.1.197.1.3.1.1.2.7 = STRING: "174.138.107.37"
iso.3.6.1.2.1.197.1.3.1.1.2.8 = STRING: "69.164.213.136"
iso.3.6.1.2.1.197.1.3.1.1.2.9 = STRING: "35.171.237.77"
iso.3.6.1.2.1.197.1.3.1.1.2.10 = STRING: "65.19.142.137"

etc.

Or, for the whole deal, just do snmpwalk -v 2c -c public localhost
.1.3.6.1.2.1.197.1.3.1.1

I've got graphs!
https://imgur.com/a/uXMdK
___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Sanjeev Gupta via devel]

Jason, yes, that is the result of the bounty offer.

I have not had a chance to play with it, but the offer included a
requirement to upstream into cacti and provide a working example.


-- 
Sanjeev Gupta
+65 98551208 http://www.linkedin.com/in/ghane

On Fri, Mar 16, 2018 at 3:35 AM, Jason Azze via devel 
wrote:

> On Fri, Mar 2, 2018 at 12:17 AM, Sanjeev Gupta  wrote:
>
>> Please see
>>
>> https://github.com/netniV/cacti-templates/tree/master/NTP
>>
>
> Sanjeev, was this template created in response to your bounty? I finally
> worked through getting ntpsnmpd up and talking to AgentX on my test
> machine, but all of my Cacti graphs from netniV's template come up NaN.
>
> Ian, could you recommend an snmpwalk command or something similar that
> will help answer the question: "How do I know I've got ntpsnmpd working?"
>
>
> ___
> devel mailing list
> devel@ntpsec.org
> http://lists.ntpsec.org/mailman/listinfo/devel
>
___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Ian Bruene via devel]

On 03/15/2018 02:35 PM, Jason Azze via devel wrote:
Sanjeev, was this template created in response to your bounty? I 
finally worked through getting ntpsnmpd up and talking to AgentX on my 
test machine, but all of my Cacti graphs from netniV's template come 
up NaN.


Ian, could you recommend an snmpwalk command or something similar that 
will help answer the question: "How do I know I've got ntpsnmpd working?"


Command I've been using for this:

snmpwalk -v 2c -c public localhost | grep NTP

The most likely problem (given that I don't know cacti) is that after he 
got cacti working I discovered that scalar SNMP values need to go in 
.0 rather than just . I fixed that issue, but cacti 
may not automatically check it.


--
/"In the end; what separates a Man, from a Slave? Money? Power? No. A 
Man Chooses, a Slave Obeys."/ -- Andrew Ryan


/"Utopia cannot precede the Utopian. It will exist the moment we are fit 
to occupy it."/ -- Sophia Lamb


___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Jason Azze via devel]

On Fri, Mar 2, 2018 at 12:17 AM, Sanjeev Gupta  wrote:

> Please see
>
> https://github.com/netniV/cacti-templates/tree/master/NTP
>

Sanjeev, was this template created in response to your bounty? I finally
worked through getting ntpsnmpd up and talking to AgentX on my test
machine, but all of my Cacti graphs from netniV's template come up NaN.

Ian, could you recommend an snmpwalk command or something similar that will
help answer the question: "How do I know I've got ntpsnmpd working?"
___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Ian Bruene via devel]

On 03/02/2018 03:47 PM, Hal Murray via devel wrote:

It wouldn't surprise me if we had added something interesting.  I'm pretty
sure I have added things.  The only question is did we fill in a gap in
classic and/or will ntpsnmpd do the right thing if it encounters something
like that.


ntpsnmpd can handle when ntpd isn't running at all, so missing data 
isn't a problem.


--
/"In the end; what separates a Man, from a Slave? Money? Power? No. A 
Man Chooses, a Slave Obeys."/ -- Andrew Ryan


/"Utopia cannot precede the Utopian. It will exist the moment we are fit 
to occupy it."/ -- Sophia Lamb


___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Hal Murray via devel]

Eric said:
>> I could imagine that we have tweaked mode6 enough to be interesting.
> There's really only one possible point of breakage - driver IDs for
> reclocks.  I think we're safe there. 

It wouldn't surprise me if we had added something interesting.  I'm pretty 
sure I have added things.  The only question is did we fill in a gap in 
classic and/or will ntpsnmpd do the right thing if it encounters something 
like that.

In any case, we should have a classic setup where we can test things like 
this.  We'll also need it for testing authentication.


-- 
These are my opinions.  I hate spam.



___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Eric S. Raymond via devel]

Hal Murray via devel :
> I could imagine that we have tweaked mode6 enough to be interesting.

There's really only one possible point of breakage - driver IDs for
reclocks.  I think we're safe there.
-- 
http://www.catb.org/~esr/;>Eric S. Raymond

My work is funded by the Internet Civil Engineering Institute: https://icei.org
Please visit their site and donate: the civilization you save might be your own.


___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Richard Laager via devel]

On 03/01/2018 05:54 PM, Mark Atwood wrote:
> ntpsnmpd should be it's own Debian package, please.  It's useful to both
> NTPsec and to NTP Classic installations.

Unless this is going to be actively supported and tested upstream, I'm
not interested in supporting that combination.

I'm going a little out-of-my-way to allow ntp + ntpsec-ntpviz, though
I'm not actively testing that the stats work (though they should). If
you made ntpviz officially supported with NTP Classic, I'd probably
pursue a package name change from ntpsec-ntpviz to ntpviz.

-- 
Richard
___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Sanjeev Gupta via devel]

Please see

https://github.com/netniV/cacti-templates/tree/master/NTP



On 27 Feb 2018 7:45 pm, "Sanjeev Gupta"  wrote:

Apologies.

I checked an hour ago, and the guy who assured me that we were using
'native' SNMP has come back saying he setup the cacti script that talks
over ntpq

I have posted a bounty offer on the cacti forum.

Apologies for raising hopes.

On 27 Feb 2018 7:40 pm, "Jason Azze via devel"  wrote:

> On Mon, Feb 26, 2018 at 7:18 PM, Richard Laager via devel
>  wrote:
> > On 02/26/2018 06:16 PM, Sanjeev Gupta wrote:
> >> Richard, I am using cacti.
> >
> > That's what I was hoping to hear, since I also run Cacti. Are you
> > willing to share your templates?
>
> I'm also a Cacti user, though it has been years since I logged on to
> the Cacti forums to search for a template. If you have one that works,
> Sanjeev, I'd also like to get in on the action.
> ___
> devel mailing list
> devel@ntpsec.org
> http://lists.ntpsec.org/mailman/listinfo/devel
>
___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Ian Bruene via devel]

On 03/01/2018 07:40 PM, Hal Murray via devel wrote:

Mark Atwood said:

ntpsnmpd should be it's own Debian package, please.  It's useful to both
NTPsec and to NTP Classic installations.

Has anybody tried it with NTP Classic?  Do we have a classic server running
that we can test against?  (other things as well as ntpsnmpd)

I could imagine that we have tweaked mode6 enough to be interesting.


In principle it should work. However there are hardcoded responses 
reporting "NTPsec" because there was no known way of getting the data 
and it was never expected to work with another ntpd.


--
/"In the end; what separates a Man, from a Slave? Money? Power? No. A 
Man Chooses, a Slave Obeys."/ -- Andrew Ryan


/"Utopia cannot precede the Utopian. It will exist the moment we are fit 
to occupy it."/ -- Sophia Lamb


___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Mark Atwood via devel]

ntpsnmpd should be it's own Debian package, please.  It's useful to both
NTPsec and to NTP Classic installations.

On Tue, Feb 27, 2018 at 3:45 AM Sanjeev Gupta via devel 
wrote:

> Apologies.
>
> I checked an hour ago, and the guy who assured me that we were using
> 'native' SNMP has come back saying he setup the cacti script that talks
> over ntpq
>
> I have posted a bounty offer on the cacti forum.
>
> Apologies for raising hopes.
>
> On 27 Feb 2018 7:40 pm, "Jason Azze via devel"  wrote:
>
>> On Mon, Feb 26, 2018 at 7:18 PM, Richard Laager via devel
>>  wrote:
>> > On 02/26/2018 06:16 PM, Sanjeev Gupta wrote:
>> >> Richard, I am using cacti.
>> >
>> > That's what I was hoping to hear, since I also run Cacti. Are you
>> > willing to share your templates?
>>
>> I'm also a Cacti user, though it has been years since I logged on to
>> the Cacti forums to search for a template. If you have one that works,
>> Sanjeev, I'd also like to get in on the action.
>> ___
>> devel mailing list
>> devel@ntpsec.org
>> http://lists.ntpsec.org/mailman/listinfo/devel
>>
> ___
> devel mailing list
> devel@ntpsec.org
> http://lists.ntpsec.org/mailman/listinfo/devel

-- 

Mark Atwood
http://about.me/markatwood
+1-206-604-2198
___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Sanjeev Gupta via devel]

Apologies.

I checked an hour ago, and the guy who assured me that we were using
'native' SNMP has come back saying he setup the cacti script that talks
over ntpq

I have posted a bounty offer on the cacti forum.

Apologies for raising hopes.

On 27 Feb 2018 7:40 pm, "Jason Azze via devel"  wrote:

> On Mon, Feb 26, 2018 at 7:18 PM, Richard Laager via devel
>  wrote:
> > On 02/26/2018 06:16 PM, Sanjeev Gupta wrote:
> >> Richard, I am using cacti.
> >
> > That's what I was hoping to hear, since I also run Cacti. Are you
> > willing to share your templates?
>
> I'm also a Cacti user, though it has been years since I logged on to
> the Cacti forums to search for a template. If you have one that works,
> Sanjeev, I'd also like to get in on the action.
> ___
> devel mailing list
> devel@ntpsec.org
> http://lists.ntpsec.org/mailman/listinfo/devel
>
___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Jason Azze via devel]

On Mon, Feb 26, 2018 at 7:18 PM, Richard Laager via devel
 wrote:
> On 02/26/2018 06:16 PM, Sanjeev Gupta wrote:
>> Richard, I am using cacti.
>
> That's what I was hoping to hear, since I also run Cacti. Are you
> willing to share your templates?

I'm also a Cacti user, though it has been years since I logged on to
the Cacti forums to search for a template. If you have one that works,
Sanjeev, I'd also like to get in on the action.
___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Sanjeev Gupta via devel]

> Related to point 2; do you have rough numbers of how long / many
instances of this have been running?

A few weeks now on at least one.  You may recall I had a bug report about
IPv6 addresses.



-- 
Sanjeev Gupta
+65 98551208 http://www.linkedin.com/in/ghane

On Tue, Feb 27, 2018 at 2:08 PM, Ian Bruene via devel 
wrote:

>
>
> On 02/26/2018 06:13 PM, Sanjeev Gupta via devel wrote:
>
> Hi,
>
> For what it is worth, I am running the ntpsnmpd code on a number of debian
> and ubuntu machines for some time, including one with an actual GPS.  No
> issues so far.
>
> I just like to see graphs.
>
>
> Hooray! Someone is using the code!
>
> 1. This means it is useful.
>
> 2. This gives some confirmation of stability.
>
> Related to point 2; do you have rough numbers of how long / many instances
> of this have been running?
>
> --
> *"In the end; what separates a Man, from a Slave? Money? Power? No. A Man
> Chooses, a Slave Obeys."* -- Andrew Ryan
>
> *"Utopia cannot precede the Utopian. It will exist the moment we are fit
> to occupy it."* -- Sophia Lamb
>
> ___
> devel mailing list
> devel@ntpsec.org
> http://lists.ntpsec.org/mailman/listinfo/devel
>
___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Ian Bruene via devel]

On 02/26/2018 06:13 PM, Sanjeev Gupta via devel wrote:

Hi,

For what it is worth, I am running the ntpsnmpd code on a number of 
debian and ubuntu machines for some time, including one with an actual 
GPS.  No issues so far.


I just like to see graphs.


Hooray! Someone is using the code!

1. This means it is useful.

2. This gives some confirmation of stability.

Related to point 2; do you have rough numbers of how long / many 
instances of this have been running?


--
/"In the end; what separates a Man, from a Slave? Money? Power? No. A 
Man Chooses, a Slave Obeys."/ -- Andrew Ryan


/"Utopia cannot precede the Utopian. It will exist the moment we are fit 
to occupy it."/ -- Sophia Lamb


___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Richard Laager via devel]

On 02/26/2018 06:16 PM, Sanjeev Gupta wrote:
> Richard, I am using cacti.

That's what I was hoping to hear, since I also run Cacti. Are you
willing to share your templates?

1) That'd probably be good for the project in general.
2) That would give me a way to test, both short-term and long-term, the
ntpsnmpd packaging.

-- 
Richard
___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Sanjeev Gupta via devel]

(apologies for the top posts)

Richard, I am using cacti.  Have been planning to add it to observium as
well, will try tonight.


-- 
Sanjeev Gupta
+65 98551208 http://www.linkedin.com/in/ghane

On Tue, Feb 27, 2018 at 8:14 AM, Richard Laager  wrote:

> On 02/26/2018 06:13 PM, Sanjeev Gupta wrote:
> > For what it is worth, I am running the ntpsnmpd code on a number of
> > debian and ubuntu machines for some time, including one with an actual
> > GPS.  No issues so far.
> >
> > I just like to see graphs.
>
> What are you using to graph the NTP SNMP data?
>
> --
> Richard
>
___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Richard Laager via devel]

On 02/26/2018 06:13 PM, Sanjeev Gupta wrote:
> For what it is worth, I am running the ntpsnmpd code on a number of
> debian and ubuntu machines for some time, including one with an actual
> GPS.  No issues so far.
> 
> I just like to see graphs.

What are you using to graph the NTP SNMP data?

-- 
Richard
___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Sanjeev Gupta via devel]

Hi,

For what it is worth, I am running the ntpsnmpd code on a number of debian
and ubuntu machines for some time, including one with an actual GPS.  No
issues so far.

I just like to see graphs.


-- 
Sanjeev Gupta
+65 98551208 http://www.linkedin.com/in/ghane

On Tue, Feb 27, 2018 at 8:09 AM, Richard Laager via devel 
wrote:

> On 02/26/2018 09:50 AM, Mark Atwood via devel wrote:
> > Does the Debian packaging have it be it's own package?
>
> It's unclear to me what exactly you're asking, so I'll give various
> information which may help:
>
> No NTPsec ntpsnmpd has shipped in a released version, so the Debian
> package doesn't do anything with it currently, because it doesn't exist.
>
> The ntp package (NTP Classic) does not ship any ntpsnmpd. It explicitly
> configures with --without-ntpsnmpd. It does ship a documentation file
> for it, presumably for lack of special-casing that.
>
> If ntpsnmpd is experimental and there is no precedent from NTP Classic,
> my first inclination is to not bother shipping it at all, for now. That
> just punts the problem to the future, though, when it's not marked
> experimental.
>
> From the "d" at the end of the name, I assume ntpsnmpd has to run as a
> daemon, as opposed to being invoked as a script by snmpd. Off the top of
> my head, I'd probably ship it in a separate package. I assume most
> people using ntpd will not want ntpsnmpd.
>
> If that's the route I plan to go, then I'll probably do it sooner,
> rather than later, as adding new binary package names requires extra
> review (which can take a long time). That way, we start the clock on
> ntpsec-snmp (or whatever) while it is still experimental.
>
> --
> Richard
> ___
> devel mailing list
> devel@ntpsec.org
> http://lists.ntpsec.org/mailman/listinfo/devel
>
___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Richard Laager via devel]

On 02/26/2018 09:50 AM, Mark Atwood via devel wrote:
> Does the Debian packaging have it be it's own package?

It's unclear to me what exactly you're asking, so I'll give various
information which may help:

No NTPsec ntpsnmpd has shipped in a released version, so the Debian
package doesn't do anything with it currently, because it doesn't exist.

The ntp package (NTP Classic) does not ship any ntpsnmpd. It explicitly
configures with --without-ntpsnmpd. It does ship a documentation file
for it, presumably for lack of special-casing that.

If ntpsnmpd is experimental and there is no precedent from NTP Classic,
my first inclination is to not bother shipping it at all, for now. That
just punts the problem to the future, though, when it's not marked
experimental.

>From the "d" at the end of the name, I assume ntpsnmpd has to run as a
daemon, as opposed to being invoked as a script by snmpd. Off the top of
my head, I'd probably ship it in a separate package. I assume most
people using ntpd will not want ntpsnmpd.

If that's the route I plan to go, then I'll probably do it sooner,
rather than later, as adding new binary package names requires extra
review (which can take a long time). That way, we start the clock on
ntpsec-snmp (or whatever) while it is still experimental.

-- 
Richard
___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Ian Bruene via devel]

ntpsnmpd is now fully part of the build. Manpage installs properly. 
make-tarball includes it (mostly because it slurps up everything).


--
/"In the end; what separates a Man, from a Slave? Money? Power? No. A 
Man Chooses, a Slave Obeys."/ -- Andrew Ryan


/"Utopia cannot precede the Utopian. It will exist the moment we are fit 
to occupy it."/ -- Sophia Lamb


___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Ian Bruene via devel]

On 02/25/2018 07:18 PM, Hal Murray via devel wrote:

Is there a HOWTO that tells me how to set things up?

I'll get to work on that.

There may be two targets for that document.  One is SNMP wizards who don't
know much about ntpd.  The other is NTP wizards who don't know much about
SNMP.


Unfortunately I am neither. I know the intersection of the two, and some 
of the basics needed to get SNMP running.



"Why SNMP?" I'm not sure I can tell you much more that a few minutes of
quality time with a wiki could.

There is a lot of stuff out there.  A few good URLs would help people like me
get started.  I think "curated" is the right term.


These are decent. Unfortunately proper documentation about SNMP is not 
exactly commonplace; early on I had to reverse engineer more than I'd 
like by poking the master agent and seeing what it did.


https://en.wikipedia.org/wiki/Simple_Network_Management_Protocol

https://www.thegeekstuff.com/2012/09/snmp-introduction/

http://www.net-snmp.org/wiki/index.php/TUT:snmpd_configuration


I assume I also have to setup a system to collect the data and show status or
email alerts or whatever.  What do you call that?  I think there are several
packages available.  Do they all support NTP?  Do they monitor NTP servers
directly with NTP packets?


I... am not sure what you are talking about.

Rough structure of an SNMP system:

SNMP daemon (like snmpd): Master agent. Everything routes through this, 
and it handles the permissions.


Sub-agent daemon (ntpsnmpd): responds to commands and data requests 
relayed to it by the master.


Clients: Includes utilities like snmpwalk/get/set, as well as more 
sophisticated software. Talks to the master agent to send or retrieve 
data, and does something with that data.


Management Information Base (MIB): Document specifying the structure and 
meaning of a subset of the data tree. Usually the client will have a 
copy of this so that it knows what to look for.



At any rate, I/we need the HOWTO level info for setting up the NTP side and I
need a HOWTO for getting the collection end off the ground.

(In case it's not obvious, I don't mean you have to write them.  Links to
existing info is fine.)



In case it's not on your list...

ntpd can monitor other ntp servers.  Just put "noselect" on a server line
pointed at the system you want to monitor.  Then ntpq -p will give you a line
of info and logging to peerstats and rawstats will get the normal data.




--
/"In the end; what separates a Man, from a Slave? Money? Power? No. A 
Man Chooses, a Slave Obeys."/ -- Andrew Ryan


/"Utopia cannot precede the Utopian. It will exist the moment we are fit 
to occupy it."/ -- Sophia Lamb


___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Ian Bruene via devel]

On 02/26/2018 09:50 AM, Mark Atwood via devel wrote:

Does waf build it by default?

Does the Debian packaging have it be it's own package?


It is built as part of the other python utilities. The manpage isn't 
part of the build yet as I do not know which section it should go in.


--
/"In the end; what separates a Man, from a Slave? Money? Power? No. A 
Man Chooses, a Slave Obeys."/ -- Andrew Ryan


/"Utopia cannot precede the Utopian. It will exist the moment we are fit 
to occupy it."/ -- Sophia Lamb


___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Mark Atwood via devel]

Re ntpsnmpd

My inclination is to include it, but document it as experimental, but also
document in the release announcement as worth trying.

Does waf build it by default?

Does the Debian packaging have it be it's own package?

..m

On Sun, Feb 25, 2018 at 5:18 PM Hal Murray via devel 
wrote:

>
> > You need to be running an SNMP daemon and an NTP daemon.
>
> I've got plenty of ntp servers to experiment with.
>
> >> Is there a HOWTO that tells me how to set things up?
> > I'll get to work on that.
>
> There may be two targets for that document.  One is SNMP wizards who don't
> know much about ntpd.  The other is NTP wizards who don't know much about
> SNMP.
>
> > "Why SNMP?" I'm not sure I can tell you much more that a few minutes of
> > quality time with a wiki could.
>
> There is a lot of stuff out there.  A few good URLs would help people like
> me
> get started.  I think "curated" is the right term.
>
> I assume I also have to setup a system to collect the data and show status
> or
> email alerts or whatever.  What do you call that?  I think there are
> several
> packages available.  Do they all support NTP?  Do they monitor NTP servers
> directly with NTP packets?
>
> At any rate, I/we need the HOWTO level info for setting up the NTP side
> and I
> need a HOWTO for getting the collection end off the ground.
>
> (In case it's not obvious, I don't mean you have to write them.  Links to
> existing info is fine.)
>
> 
>
> In case it's not on your list...
>
> ntpd can monitor other ntp servers.  Just put "noselect" on a server line
> pointed at the system you want to monitor.  Then ntpq -p will give you a
> line
> of info and logging to peerstats and rawstats will get the normal data.
>
>
> --
> These are my opinions.  I hate spam.
>
>
>
> ___
> devel mailing list
> devel@ntpsec.org
> http://lists.ntpsec.org/mailman/listinfo/devel
>
-- 

Mark Atwood
http://about.me/markatwood
+1-206-604-2198
___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Hal Murray via devel]

> You need to be running an SNMP daemon and an NTP daemon.

I've got plenty of ntp servers to experiment with.

>> Is there a HOWTO that tells me how to set things up?
> I'll get to work on that.

There may be two targets for that document.  One is SNMP wizards who don't 
know much about ntpd.  The other is NTP wizards who don't know much about 
SNMP.

> "Why SNMP?" I'm not sure I can tell you much more that a few minutes of
> quality time with a wiki could.

There is a lot of stuff out there.  A few good URLs would help people like me 
get started.  I think "curated" is the right term.

I assume I also have to setup a system to collect the data and show status or 
email alerts or whatever.  What do you call that?  I think there are several 
packages available.  Do they all support NTP?  Do they monitor NTP servers 
directly with NTP packets?

At any rate, I/we need the HOWTO level info for setting up the NTP side and I 
need a HOWTO for getting the collection end off the ground.

(In case it's not obvious, I don't mean you have to write them.  Links to 
existing info is fine.)



In case it's not on your list...

ntpd can monitor other ntp servers.  Just put "noselect" on a server line 
pointed at the system you want to monitor.  Then ntpq -p will give you a line 
of info and logging to peerstats and rawstats will get the normal data.


-- 
These are my opinions.  I hate spam.



___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Ian Bruene via devel]

On 02/25/2018 04:39 PM, Hal Murray via devel wrote:

devel@ntpsec.org said:

The only real blocker that I can see at this time is the need for broad
testing. [reiteration of me requesting testers / reviewers goes here.]

Is there a HOWTO that tells me how to set things up?


I'll get to work on that.


Actually, I need something before that.  Why is it interesting?  What will it
tell me?  Why would I want to use it?


It will tell you the same information as mode 6 (more or less), but 
through a different channel. Beyond that for the general question of 
"Why SNMP?" I'm not sure I can tell you much more that a few minutes of 
quality time with a wiki could.


For the specific relevance to NTPsec see this devlist mail: 
https://lists.ntpsec.org/pipermail/devel/2018-January/005760.html



What will it cost me?  (I know next to nothing about SNMP.)


You need to be running an SNMP daemon and an NTP daemon.

--
/"In the end; what separates a Man, from a Slave? Money? Power? No. A 
Man Chooses, a Slave Obeys."/ -- Andrew Ryan


/"Utopia cannot precede the Utopian. It will exist the moment we are fit 
to occupy it."/ -- Sophia Lamb


___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Ian Bruene via devel]

On 02/25/2018 04:43 PM, Eric S. Raymond via devel wrote:

Gary E. Miller via devel :

On Sun, 25 Feb 2018 16:02:00 -0600
Ian Bruene via devel  wrote:


[...]

OTOH, people will not test it until it is easy to test.  So I'd suggest
putting it in 1.0.1, and mark "experimental".

[...]  By marking it "experimental" we can mitigate the
reputation risk if it does.


This seems the best option.


So...you get to tell us if it's ready, and commit the change to
include in the tarball if it is.  Don't sweat the decision, you
have more important things to spend your think time on.


Well I just pushed a commit that takes care of the most finicky option. 
So I will be marking it for ship once I do some more cleanup and figure 
out how to include it.


--
/"In the end; what separates a Man, from a Slave? Money? Power? No. A 
Man Chooses, a Slave Obeys."/ -- Andrew Ryan


/"Utopia cannot precede the Utopian. It will exist the moment we are fit 
to occupy it."/ -- Sophia Lamb


___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Eric S. Raymond via devel]

Gary E. Miller via devel :
> On Sun, 25 Feb 2018 16:02:00 -0600
> Ian Bruene via devel  wrote:
> 
> > The only real blocker that I can see at this time is the need for
> > broad testing. [reiteration of me requesting testers / reviewers goes
> > here.]
> 
> OTOH, people will not test it until it is easy to test.  So I'd suggest
> putting it in 1.0.1, and mark "experimental".

Good plan.

Ian, you have an unusual degree of freedom in this situation.  SNMP would
be nice to ship in a checklist-feature sort of way, but it's not urgent.
By your account it needs some polishing, but is unlikely to break in any
obvious and horrible way.  By marking it "experimental" we can mitigate the
reputation risk if it does.

Taken all together, this means there isn't really any wrong decision,
just alternatives that are all low-risk and low-gain.  In the longer
term the gain might be higher as more people find it useful, but that's not
now.

So...you get to tell us if it's ready, and commit the change to
include in the tarball if it is.  Don't sweat the decision, you
have more important things to spend your think time on.
-- 
http://www.catb.org/~esr/;>Eric S. Raymond

My work is funded by the Internet Civil Engineering Institute: https://icei.org
Please visit their site and donate: the civilization you save might be your own.




signature.asc
Description: PGP signature
___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Hal Murray via devel]

devel@ntpsec.org said:
> The only real blocker that I can see at this time is the need for broad
> testing. [reiteration of me requesting testers / reviewers goes here.] 

Is there a HOWTO that tells me how to set things up?

Actually, I need something before that.  Why is it interesting?  What will it 
tell me?  Why would I want to use it?  What will it cost me?  (I know next to 
nothing about SNMP.)


-- 
These are my opinions.  I hate spam.



___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel

Re: 1.0.1 and ntpsnmpd

[Gary E. Miller via devel]

Yo Ian!

On Sun, 25 Feb 2018 16:02:00 -0600
Ian Bruene via devel  wrote:

> The only real blocker that I can see at this time is the need for
> broad testing. [reiteration of me requesting testers / reviewers goes
> here.]

OTOH, people will not test it until it is easy to test.  So I'd suggest
putting it in 1.0.1, and mark "experimental".

RGDS
GARY
---
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
g...@rellim.com  Tel:+1 541 382 8588

Veritas liberabit vos. -- Quid est veritas?
"If you can’t measure it, you can’t improve it." - Lord Kelvin


pgpUoq8f60uOo.pgp
Description: OpenPGP digital signature
___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel