Archive for the 'NTP Basics' Category

The NTP Server and Accurate Time

Accurate time on a network is essential for all businesses and institutions. Without an accurately synchronised system a computer network can be vulnerable to all sorts of problems, from malicious hackers and other security threats to fraud and data loss.

Network Time Protocol
is the key to keeping accurate time it is a software algorithm that has been constantly developed for over two decades. NTP takes a single time source that is received by the NTP server and distributes it across a network ensuring all machines in that network are running to exact same time.

Whilst NTP can maintain synchronisation of a network to within a few milliseconds it is only as good as the time source it receives. A dedicated NTP server will use a time signal from an external source and so keep the network secure as the firewall will not have to be disturbed.

The two preferred methods for most users of NTP servers is the GPS network (Global Positioning System) or specialist time and frequency transmissions put out be several national physics labs such as the UK’s NPL.

These time signals are UTC (Coordinated Universal Time) which is the world’s civil timescale. A NTP server receiving time source from either a frequency transmission or the GPS network can realistically provide accuracy to within a few milliseconds of UTC

The NTP Server – Selecting a Time Source Check List

In selecting a timing source to synchronise a computer network to using a NTP server (Network Time Protocol) it is important that the time source is accurate, secure and a source of UTC (Coordinated Universal Time). UTC is a global timescale used by computer networks, business and commerce across the globe.

Whilst UTC is freely available across the Internet it is neither accurate nor secure (being as it is external to your firewall).  Also Internet time sources cannot be authenticated which is NTP’s own method of ensuring a time source is what it says it is. There are two secure, accurate and reliable methods for receiving UTC via a NTP server and both come with their own advantages and drawbacks.

The first method is to use the GPS network (Global Positioning System).The main advantage of using the signals transmitted from a GPS satellite’s onboard atomic clock is that a signal is available anywhere on the planet. However it does come with a downside. As the signals are all line-of-sight it means that the GPS antenna needs to be placed on a roof to ensure connectivity with a satellite.

An alternative to the GPS signal but equally as accurate and reliable is to make use of the long wave radio transmissions broadcast by several national physics laboratories. These signals, such as the UK’s MSF, Germany’s DCF-77 and the United States’ WWVB transmissions, can often be picked up inside buildings making them ideal for a solution if a rooftop is unavailable for a GPS antenna. It must be noted that not every country broadcasts such a signal and whilst most transmissions can be picked up in neighbouring countries the signals are vulnerable to interference and local geography.

NTP Server the German DCF 77 signal

The NTP server is a tool for keeping computer networks synchronised. Without adequate synchronisation networks can be left vulnerable to security threats, data loss, fraud and may find it impossible to interact with other networks across the globe.

Computer networks are normally synchronised to the global timescale UTC (Coordinated Universal Time) enabling them to communicate effectively with other networks also running UTC.

In Europe there are several methods of receiving UTC time. The Internet is an obvious choice but as these time signals are external to the network firewall they can prove a security risk. Internet time sources can also be unreliable in their precision or too far away to make any useful synchronisation.

The GPS network is available everywhere on the planet as long as there is a good clear view of the sky and many NTP server devices are designed to receive such a signal.

In Europe there is another alternative, however, to provide accurate and reliable time. The National Physics Laboratory near Frankfurt, Germany broadcast a long wave frequency time signal based on a constellation of atomic clocks. This time signal is known as the DCF-77 signal and is available across much of Europe (as far as Portugal during the evening).

DCF 77 is an reliable and secure method of receiving UTC and as it is derived from a constellation for atomic clocks is highly accurate.  A NTP server received a DCF time signal can provide accuracy to within a few milliseconds of UTC.

NTP Server – common acronyms explained:

NTP – Network Time Protocol

SNTP – Simple Network Time Protocol

GPS – Global Positioning System

UTC – Coordinated Universal Time

MSF – Radio Time Signal for United Kingdom

WWVB – Radio Time Signal for American

DCF – Radio Time Signal for Germany

LAN – Local Area Network

UDP – User Datagram Protocol

TCP – Transmission Control Protocol

IP – Internet Protocol

TDF – Radio Time Signal for France

CHU – Radio Time Signal for Canada

JJY – Radio Time Signal for Japan

HBG – Radio Time Signal for Switzerland

USB – Universal Serial Bus

RTC – Real Time Clock

AM – Amplitude Modulation

APM – Automatic Power Management

DES – Data Encryption Standard

ESD – Electrostatic Discharge

FM – Frequency Modulation

IETF – Internet Engineering Task Force

IRIG – Inter-Range Instrumentation Group

MD5 – Message Digest

PPM – Part Per Million

PPS – Pulse Per Second

RFC – Request For Comments

SA – Selective Availability

TAI – International Atomic Time

SI – International System of Units

NTP Server – Using Stratum

NTP (Network Time Protocol) is the most prevalent time synchronisation software available. On of the reasons NTP is so successful is the way it organises its clients into a hierarchy.

The hierarchy of NTP is divided into stratum with each strata representing the distance from the original reference clock.  For instance an atomic clock that generates a UTC (coordinated universal time) signal is referred to as a stratum 0 device.

A NTP server that receives a stratum  1 time signal is referred to as a stratum 1 device and a device that receives a time source from a NTP server is a stratum 2 device. NTP can support up to 16 strata although the further away from the reference clock you get (stratum 0) the less accurate the device will be.

However, by arranging the network into stratum and allowing stratum 2 devices to pass on the time to a stratum 3 device (and so on) it reduced the demand on the NTP server and the network. By using a stratum based network, realistically thousands of machines can be synchronised to just one NTP server.

NTP Server –Telling the NTP Time

Network Time Protocol (NTP) is an Internet based protocol designed to distribute and synchronise time across a network.

NTP is in fact one of the oldest Internet protocols having been developed in the late 1980’s at Delaware University when the Internet was still in its infancy. It was devised by Professor David Mills and his team when they realised the need for accurate time synchronisation if computers were needed to communicate with each other.

A NTP server is a dedicated device that receives a single timing source and then distributes it amongst all network devices. A NTP server will receive the timing information through a number of ways but normally it is a UTC source (coordinated universal time) a global timescale based on the time as told by atomic clocks.

NTP handles the time in a different way to how humans perceive and deal with it. While we may split a time into seconds, minutes, hours, days, months and years; NTP regards time  as a single number which is the number of seconds since the ‘prime epoch’.

The prime epoch is a date set for when NTP began counting seconds. For NTP the prime Epoch is 00.01 on 1 January 1900 so that means on 1 January 2008 the time according to NTP will be 3405888000, which is the number of seconds since 1900.

The NTP Server – Trust in Time

Time synchronisation is vital for the modern computer network particularly when computer networks across the globe need to communicate with each other.

A lack of synchronisation would make impossible many online activities such as Internet auctions, seat reservation and trading in stocks and shares. It can also leave a system open to security threats and even fraud.

The NTP server (Network Time Protocol) can provide the most secure and accurate method of synchronising a network.  Many NTP servers are rack-mountable devices that can connect to a network and distributes time information between all devices on that system.

They work by using a single time reference, most commonly a source of UTC (Coordinated Universal Time), which NTP then checks all the system clocks to ensure all devices are keeping the same time. When it finds a computer or device that is drifting it advances or retreats the system clock until it matches UTC.

A NTP server will receive a timing source from either across the Internet (although not very secure or accurate), a specialist long-wave radio transmission or from the GPS network (global positioning system).

By utilising dedicated NTP server, not only can all devices on a network be synchronised together but also by using UTC the network will be synchronised with millions of computer networks all over the world.

The Radio Referenced NTP Server

Using a long wave time and frequency transmission is perhaps the simplest and most efficient way of receiving an accurate and secure UTC timing reference (coordinated universal time). Dedicated NTP servers are available that receive a time code this way and distribute the timing information to a network. Often these time servers are referred to as radio clocks, although this title is a little misleading.

The long wave transmissions are usually broadcast at 60 khz but are not available everywhere. Only certain countries have these broadcasts and most come from their country of origin’s national physics laboratory.

In the UK the signal is known as MSF as is broadcast by the NPL (National Physical Laboratory) in Cumbria. The USA signal, WWVB, is broadcast Near Fort Collins in Colorado while the signal in Germany is known as DCF and is broadcast near to Frankfurt. Other nations such as Switzerland, Japan and Finland also have their own signals.

These transmissions are not however, available everywhere. While in many neighbouring countries it is possible to receive one of these transmissions, the long-wave signal is finite in range and susceptible to interference from topography and other electrical devices

However, where they are available, these time and frequency signals make an ideal source for a NTP server to synchronise a network too making them a logical choice for securing UTC time.

NTP Server Solutions

The NTP server is now an essential part of the modern computer network. Without a dedicated NTP server administrators are forced to rely on unsecure and inaccurate Internet sources to synchronise their network clocks too.

The potential risks involved in this, namely leaving a hole open in the network firewall and the lack of the NTP security measure: authentication, means that networks that use an Internet based timing source are risking their system to attacks from malicious user and hackers.

It should also be noted that a survey of Internet based timing sources found less than a third were accurate to UTC time and those that were could still be too far away from client to make any useful synchronisation.

There are two types of dedicated NTP server, the GPS NTP server and the radio referenced NTP server. The difference between the two is based solely on the method they receive their UTC time source from. A GPS NTP server will use the signals broadcast from the GPS satellites above the Earth’s atmosphere. These signals are very reliable and can be picked up anywhere in the Worlds as long as the GPS antenna has a clear view of the sky.

The alternative is to use a dedicated NTP server that can receive a signal from the national time and frequency transmissions broadcast by several national physics laboratories. While not available in every country and quite vulnerable to interference these long-wave time signals are still an accurate and secure method of receiving UTC time. They are also ideally suited for network administrators who, for reasons of logistics can’t place a GPS antenna on the roof.

What is a NTP server?

A NTP server is really just a time server that utilises Network Time Protocol (NTP). Whilst other time protocols do exist, NTP is by far the most commonly used and is utilised in over ninety percent of time servers.

NTP server and time server are therefore interchangeable terms but describe the same thing: a device used to receive and distribute a timing signal.

The timing signal utilised by most NTP servers is a UTC time source. UTC (Coordinated Universal Time) is a global time scale based on the time told by atomic clocks. By utilising UTC a NTP server can in affect, synchronise a network to the same time as millions of other computer networks from around the world. This has made possible many online global transactions that just simply wouldn’t be possible without UTC.

The timing signal is received by the NTP server (or time server) via a number of ways; the Internet, national time and frequency transmission (long wave) or the GPS (global positioning system) network. Once received the time server (NTP server) checks the authenticity of this signal (except from Internet sources where authentication is not possible), evaluates its accuracy then distributes it amongst the network.

To prevent a possible overload of time requests to the time server, machines that receive a time signal from the NTP server, can themselves be used as a time reference and the machines that receive a time signal from those can again be used as a reference. This hierarchy is called stratum levels. A NTP server is a stratum 1 device, a machine that receives a signal directly from the time server is a stratum 2 device and if a machine receives a signal from that it becomes stratum 3.