ENTRE SUJETOS DE DERECHO MERCANTIL

Only for EWSD V13A and higher, and for hiQ/E9200.

LI management notifications (also called HI1 notifications) notify the LEA about events like observation activation, deactivation and modification. It can also provide information about alarms.

At present LIOS provides only notifications about observation activation and deactivation. Tickets must have originated from EWSD V13A and higher, or from hiQ/E9200, and must have the format ‘ETSI V2.1’ (with ‘ETSI National D’ format it does not work because the HI1 data is part of the national parameters). HI1 notifications are sent through the HI2 mechanism just like normal tickets. From the file name the LEA can identify if it is an HI1 or an HI2 notification.

To switch the support of LI management (HI1) notifications off or on, edit the ‘lios.properties’ configuration file (how to access the ‘lios.properties’ configuration file is described in Section 4.3).

HI1 support is ON: TicketRouter.ETSI_HI1 = 1 HI1 support is OFF: TicketRouter.ETSI_HI1 = 0

4.14 NTP Configuration for LIOS

NTP (Network Time Protocol) requires two types of machines to configure: NTP server and NTP client. The NTP server can be a stand-alone system (some computer outside of LIOS) or a LIOS server. NTP clients are all other LIOS servers existing in the network. If the NTP server is a stand-alone system, it is needed to know or administer some configuration data for NTP on this machine (this machine must be in time-packets broadcasting mode).

Generally there are three most common possibilities how to perform time synchronization in LIOS: ─ NTP is not used: Rely on the LIOS-proprietary time synchronization as it was prior to LIOS 7.4. ─ NTP is used:

─ The NTP server is some computer outside of LIOS. Both LIOS servers are configured as NTP clients. The LIOS-proprietary time synchronization must be turned off (see the Section 4.15) or ─ One of LIOS servers will act as NTP server and other as NTP client. The LIOS-proprietary time

synchronization must be turned off.

If NTP is going to be used, please refer to the next section for information how to configure NTP server and client. It is enough to create some configuration files and place them into the respective directory. These files will be automatically read by Solaris after reboot.

4.14.1 Multicast/Broadcast synchronization (automatic)

Multicast/Broadcast synchronization can be used when broadcasting (multicasting) over the network is possible.

Step-by-step configuration: 23. NTP server configuration

─ Create or copy and modify the file ‘/etc/inet/ntp.keys’

─ Insert the authentication key into the file in the format <key> <type> <password>

(the key identifies a line in the file and consists of <key> <type> <password>, this key id (and password) is checked by an NTP client when receiving a broadcasted time packet from the server)

key – key ID, numeric value, e.g. 1

type – one of S (64bit DES), N (64bit NTP number), A (1-8 characters ASCII), M (1-8 characters MD5)

password – any password e.g. ‘1 M mypass’

─ Copy/modify file ‘/etc/inet/ntp.conf’

─ At least one line with the command ‘server <address>’ has to exist to identify the address of the time source

e.g. ‘server 127.127.1.0’ for local computer clock source (clock can also be on any other server) ─ A line with the command ‘broadcast <address> key <key#> ttl <ttl#> has to exist, with proper

values set (see above creation of key) address – multicast or broadcast address key# – key ID to sign packets

ttl# – number of maximum network hops from NTP server to client e.g. ‘broadcast 224.0.1.1 key 1 ttl 10’

─ Restart server. (or simply start /usr/lib/inet/xntpd)

remark: start ‘/usr/lib/inet/xntpd –d >/tmp/xntpd.log 2>&1 &’ for logging output into file ‘/tmp/xntpd.log’

24. NTP client configuration

─ Create or copy and modify the file ‘etc/inet/ntp.keys’ with exact key line as configured on the NTP server (see above). Only the key which is used in the ‘broadcast’ command in the ‘ntp.conf’ file on the server, is needed.

─ Copy/modify file ‘/etc/inet/ntp.conf’

─ Line with command ‘multicastclient <address>’ has to exist

address – same address as configured on the NTP server in ‘broadcast’ command. Also command ‘broadcastclient’ can be entered instead of ‘multicastclient <address>’. ─ A line with the command ‘enable auth bclient’ has to exist.

─ A line with the command ‘keys /etc/inet/ntp.keys’ has to exist. ─ A line with the command ‘trustedKey <key#>’ has to exist

key# – key ID which is entered in ‘ntp.keys’ file on client and server. ─ Restart server. (or simply start /usr/lib/inet/xntpd).

remark: start ‘/usr/lib/inet/xntpd –d >/tmp/xntpd.log 2>&1 &’ for logging output into file ‘/tmp/xntpd.log’

In a closed network, where only LIOS servers exist and where there is no danger of an attack with false time packets, it is also possible not to create a file ntp.keys (on both – server and client) and not to fill in any information about authorization keys (commands broadcast and trustedKey).

4.14.2 Configuration check

4.14.2.1 NTP server

─ Run ‘ntpq’ utility.

─ The ‘associations’ command displays information about active associations of NTP (If association table is empty or state “condition” is faulty NTP does not work correctly). ─ Example:

ntpq>associations

ind assID status conf reach auth condition last_event cnt =========================================================== 1 46388 9614 yes yes none sys.peer reachable 1 2 46389 c000 yes no

─ The ‘pstatus <assID>’ command displays information about associations. ─ Example:

ntpq> pstatus 46388

status=9614 reach, conf, sel_sys.peer, 1 event, event_reach

srcadr=LOCAL(0), srcport=123, dstadr=127.0.0.1, dstport=123, keyid=0, stratum=3, precision=-14, rootdelay=0.00, rootdispersion=0.00,

refid=LOCAL(0),

reftime=c30b0296.a01f7000 Thu, Sep 11 2003 16:17:58.625,

delay= 0.00, offset= 0.00, dispersion=10.06, reach=377, valid=8, hmode=3, pmode=4, hpoll=6, ppoll=6, leap=00, flash=0x0<OK>,

org=c30b0296.a01f7000 Thu, Sep 11 2003 16:17:58.625, rec=c30b0296.a01f7000 Thu, Sep 11 2003 16:17:58.625, xmt=c30b0296.a01f1000 Thu, Sep 11 2003 16:17:58.625,

filtoffset= 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00, filterror= 10.06 11.03 12.01 12.99 13.96 14.94 15.91 16.89

4.14.2.2 NTP client

─ Run ‘ntpq’ utility

─ The ‘associations’ command displays information about associations of NTP. ─ Example:

ntpq> assoc

ind assID status conf reach auth condition last_event cnt =========================================================== 1 36407 7600 no yes ok sys.peer

─ The ‘pstatus <assID>’ command displays information about associations. ─ Example:

ntpq> pstatus 36407

status=7600 reach, auth, sel_sys.peer, no events

srcadr=gfts7, srcport=123, dstadr=224.0.1.1, dstport=123, keyid=1, stratum=4, precision=-14, rootdelay=0.00, rootdispersion=10.12, refid=LOCAL(0),

reftime=c30b0316.9ff21000 Thu, Sep 11 2003 16:20:06.624,

delay= 0.73, offset= -1.10, dispersion=1.22, reach=377, valid=8, hmode=8, pmode=5, hpoll=6, ppoll=6, leap=00, flash=0x0<OK>,

org=c30b0317.9ff40000 Thu, Sep 11 2003 16:20:07.624, rec=c30b0317.93342000 Thu, Sep 11 2003 16:20:07.575, xmt=c30af437.03c41000 Thu, Sep 11 2003 15:16:39.014,

filtdelay= 0.73 0.73 0.73 0.73 0.73 0.73 0.73 0.73, filtoffset= -1.11 -1.19 -1.37 -1.22 -1.25 -1.25 -1.25 -1.31, filterror= 1.10 2.08 3.05 4.03 5.00 5.98 6.96 7.93

4.14.3 Listing of NTP configuration files for LIOS >cat ntp.keys

1 M password

>cat ntp_server.conf

# @(#)ntp_server.conf LIOS broadcast server configuration #

# Place to /etc/inet/ntp.conf #

# An example file that could be copied over to /etc/inet/ntp.conf and # edited; it provides a configuration template for a server that

# listens to an external hardware clock, synchronizes the local clock, # and announces itself on the NTP multicast net.

#

# This is the external clock device. The following devices are # recognized by xntpd 3-5.93e:

#

# XType Device RefID Description

# --- # 1 local LCL Undisciplined Local Clock # 2 trak GPS TRAK 8820 GPS Receiver

# 3 pst WWV PSTI/Traconex WWV/WWVH Receiver # 4 wwvb WWVB Spectracom WWVB Receiver

# 6 irig IRIG IRIG Audio Decoder

# 7 chu CHU Scratchbuilt CHU Receiver # 8 parse ---- Generic Reference Clock Driver # 9 mx4200 GPS Magnavox MX4200 GPS Receiver # 10 as2201 GPS Austron 2201A GPS Receiver # 11 arbiter GPS Arbiter 1088A/B GPS Receiver # 12 tpro IRIG KSI/Odetics TPRO/S IRIG Interface

# 13 leitch ATOM Leitch CSD 5300 Master Clock Controller # 15 * * TrueTime GPS/TM-TMD Receiver

# 17 datum DATM Datum Precision Time System

# 18 acts ACTS NIST Automated Computer Time Service # 19 heath WWV Heath WWV/WWVH Receiver

# 20 nmea GPS Generic NMEA GPS Receiver # 22 atom PPS PPS Clock Discipline

# 23 ptb TPTB PTB Automated Computer Time Service # 24 usno USNO USNO Modem Time Service

# 25 * * TrueTime generic receivers

# 26 hpgps GPS Hewlett Packard 58503A GPS Receiver # 27 arc MSFa Arcron MSF Receiver

#

# * All TrueTime receivers are now supported by one driver, type 5. # Types 15 and 25 will be retained only for a limited time and may # be reassigned in future.

#

# Some of the devices benefit from "fudge" factors. See the xntpd # documentation.

# Either a peer or server. Replace "XType" with a value from the # table above. Address format: 127.127.XType.0

# At least one server is required. More servers is optimum.

# This means that device (hardware clock or any other server) at <address> is source of valid time for this server.

server 127.127.1.0 prefer

# Send time packets automatically

# multicast server with key=1 and ttl=100 broadcast 224.0.1.1 key 1 ttl 100

# Specify keys file for authentication keys /etc/inet/ntp.keys

>cat ntp_client.conf

# @(#)ntp_client.conf LIOS broadcast client configuration #

# Place to /etc/inet/ntp.conf #

# LIOS NTP multicast client configuration file #

# Choose a configuration which matches the NTP server settings # Possible configuration:

# multicastclient # broadcastclient

# Specify that client listen to broadcasted time packets #

# command: multicastclient <address> # set the NTP client to multicast client

# the address for multicast client can be modified, to meet actual settings. Must be same as multicast address on NTP server

# command: broadcastclient

# set the NTP client to broadcast client #broadcastclient

# Specify that authentication and broadcast listening are enabled enable auth bclient

# Specify keys file keys /etc/inet/ntp.keys

#Selected valid key, from which are time-packets accepted by this client trustedkey 1