Archive for the ‘Uncategorized’ Category

Why the Need for NTP

Saturday, December 20th, 2008

Network Time Protocol is an Internet protocol used to synchronize computer clocks to a stable and precise time reference. NTP was originally developed by Professor David L. Mills at the University of Delaware in 1985 and is an Internet standard protocol.

NTP was developed to solve the problem of multiple computers working together while keeping different times. Time normally only advances, and when programs run on different computers it should still advance when you switch from one computer to another. However, if one system is ahead of the other, switching between these systems would cause time to jump forward and back.

As a consequence, networks may run their own time, but as soon as you connect to the Internet, the effects become visible. Email messages appear to arrive before they were sent, and are even replied to before they were mailed!

Whilst this sort of problem may seem innocuous when it comes to receiving email, in some environments a lack of synchronisation can have disastrous results. This is why air traffic control was one of the first applications for NTP.

NTP uses a single time source and distributes it amongst all devices on a network. It does this by using an algorithm that works out how much to adjust a system clock to ensure synchronisation.

NTP works on a hierarchical basis to ensure there are no network traffic and bandwidth problems. It uses a single time source, normally UTC (Coordinated Universal Time), and receives time requests from the machines at the top of the hierarchy, which then pass the time on further down the chain.

Most networks that utilise NTP will use a dedicated network time server to receive their UTC time signal. These can receive the time from the GPS network or from radio transmissions broadcast by national physics laboratories. These dedicated NTP time servers are ideal as they receive time direct from an atomic clock source. They are also secure, as they are situated externally and therefore do not require interruptions in the network firewall.

UTC Radio References from Around the World

Friday, October 17th, 2008

UTC (Coordinated Universal Time) is the global civil timescale used by millions of people, businesses and authorities across the globe. UTC is based on the time told by caesium atomic clocks. These clocks are the most reliably accurate chronometers on Earth, able to maintain accurate time for several millions of years whilst neither losing nor gaining a second.

Unfortunately, caesium clocks are far too expensive and delicate to make it practical for us all to have one, but fortunately the time that they tell is transmitted by several countries. The national physics laboratories of these countries tend to broadcast the UTC time from these clocks by long wave.

In the UK the 60 kHz transmission is broadcast by the National Physical Laboratory from a transmitter in Anthorn in Cumbria (it was based in Rugby until 2007). NPL constantly maintains the transmission and assesses its accuracy. Whilst the MSF signal is a British-based transmission, it is possible to receive the signal in some parts of northern Europe and Scandinavia.

However, in mainland Europe, the strongest time and frequency signal is the German transmission broadcast from Frankfurt in Germany. This signal, known as the DCF, is controlled and maintained by the German National Physics Laboratory. While Switzerland also has its own time and frequency signal, the German DCF signal is by far the most widely used in Europe.

In the USA a similar system is maintained by NIST (National Institute for Standards and Technology) and is broadcast from Fort Collins, Colorado. This signal is known as WWVB and is available in most parts of North America (including Canada).

Japan also maintains its own timing broadcast (JJY), which is popular in the South Pacific, and several other countries (such as France) maintain their own signals too, although these tend to have only minor coverage.

All these time signals operate in a similar fashion. The strength of the signal is either reduced by between 6 and 10 dB or switched off for a specific amount of time before being restored at the start of each second. The amount of time the signal is reduced indicates a stream of binary numbers with positioning markers.

The signals operate on a 60 kHz frequency and carry a time and date code which relays the following information in binary format: year, month, day of month, day of week, hour, minute, and DUT1 (the difference between UTC and UT1, which is based on the Earth’s rotation). The signals also relay information about local time such as British Summer Time.

How to Configure an Authoritative Time Server in Windows Server 2008

Thursday, October 16th, 2008

Time synchronisation in modern computer networks is essential. All computers need to know the time, as many applications, from sending an email to storing information, are reliant on the PC knowing when the event took place.

Microsoft Windows Server from 2000 onwards has a time synchronisation utility built into the operating system called Windows Time (w32time.exe) which can be configured to operate as a network time server.

Windows Server 2008 can easily set the system clock to use UTC (Coordinated Universal Time, the World’s time standard) by accessing an Internet source (either: time.windows.com or time.nist.gov).

To achieve this, a user merely has to double click the clock on their desktop and adjust the settings in the Internet Time tab.

It must be noted however, that Microsoft and other operating system manufacturers strongly advise that external timing references should be used as Internet sources can’t be authenticated.

To configure the Windows Time service to use an external time source, click Start, Run and type regedit then click OK.

Locate the following subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\Type
In the right pane, right-click Type, then click Modify. In Edit Value, type NTP in the Value data box, then click OK.

Locate the following subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\AnnounceFlags
In the right pane, right-click AnnounceFlags and click Modify. The ‘AnnounceFlags’ registry entry indicates whether the server is a trusted time reference; 5 indicates a trusted source, so in the Edit DWORD Value box, under Value Data, type 5, then click OK.

Network Time Protocol (NTP) is an Internet protocol used for the transfer of accurate time, providing time information so that a precise time can be obtained.

To enable the Network Time Protocol server (NtpServer), locate and click:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer\
In the right pane, right-click Enabled, then click Modify.

In the Edit DWORD Value box, type 1 under Value data, then click OK.

Now go back and click on:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\NtpServer
In the right pane, right-click NtpServer, then Modify. In the Edit DWORD Value box, under Value Data, type the Domain Name System (DNS) name. Each DNS name must be unique and you must append 0x1 to the end of each DNS name, otherwise changes will not take effect.

Now click OK.

Locate and click the following:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient\SpecialPollInterval
In the right pane, right-click SpecialPollInterval, then click Modify.

In the Edit DWORD Value box, under Value Data, type the number of seconds you want for each poll, i.e. 900 will poll every 15 minutes, then click OK.

To configure the time correction settings, locate:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\config
In the right pane, right-click MaxPosPhaseCorrection, then Modify. In the Edit DWORD Value box, under Base, click Decimal; under Value Data, type a time in seconds such as 3600 (an hour), then click OK.

Now go back and click:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\config
In the right pane, right-click MaxNegPhaseCorrection, then Modify.

In the Edit DWORD box, under Base, click Decimal; under Value Data, type the time in seconds you want to poll, such as 3600 (polls in one hour).

Exit Registry Editor.

Now, to restart the Windows Time service, click Start, Run (or alternatively use the command prompt facility) and type:

net stop w32time && net start w32time

And that’s it: your time server should now be up and running.
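To check the outcome of the registry steps above, this added example (not part of the original article and not a Microsoft tool) parses the text printed by "reg query HKLM\SYSTEM\CurrentControlSet\Services\W32Time /s" and compares it with the values the procedure sets. The host names and the sample export are constructed, and writing each peer as name,0x1 is an assumption about how the 0x1 flag is appended.

```python
import re

BASE = "HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\W32Time\\"

# Fixed values the procedure sets: (subkey below W32Time, value name) -> data.
EXPECTED = {
    ("Parameters", "Type"): "NTP",
    ("Config", "AnnounceFlags"): 5,
    ("TimeProviders\\NtpServer", "Enabled"): 1,
}

# Constructed sample export with two deliberate deviations from the procedure:
# AnnounceFlags is 0xa rather than 5, and the second peer lacks the 0x1 flag.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config
    AnnounceFlags    REG_DWORD    0xa
    MaxNegPhaseCorrection    REG_DWORD    0xe10
    MaxPosPhaseCorrection    REG_DWORD    0xe10

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters
    NtpServer    REG_SZ    ntp1.example.net,0x1 ntp2.example.net
    Type    REG_SZ    NTP

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient
    SpecialPollInterval    REG_DWORD    0x384

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer
    Enabled    REG_DWORD    0x1
"""


def parse_reg_query(text):
    """Turn reg query output into {(subkey, value name): data}, keys lower-cased."""
    values, subkey = {}, None
    for line in text.splitlines():
        if line.upper().startswith(BASE.upper()):
            subkey = line[len(BASE):].strip().lower()
        elif line.startswith("    ") and subkey is not None:
            parts = re.split(r" {4}", line.strip(), maxsplit=2)
            if len(parts) != 3:
                continue  # value with empty data: treated as not set
            name, kind, data = parts
            if kind == "REG_DWORD":
                data = int(data, 16)  # reg query prints DWORDs in hex
            values[(subkey, name.lower())] = data
    return values


def audit(values):
    """Return a list of findings; an empty list means the settings match."""
    findings = []
    for (subkey, name), want in EXPECTED.items():
        got = values.get((subkey.lower(), name.lower()))
        if got != want:
            findings.append(f"{subkey}\\{name}: expected {want!r}, found {got!r}")

    peers = str(values.get(("parameters", "ntpserver"), "")).split()
    if not peers:
        findings.append("Parameters\\NtpServer: no time source listed")
    seen = set()
    for peer in peers:
        host, _, flags = peer.partition(",")
        if flags.lower() != "0x1":
            findings.append(f"Parameters\\NtpServer: {host} is missing the 0x1 flag")
        if host.lower() in seen:
            findings.append(f"Parameters\\NtpServer: {host} listed more than once")
        seen.add(host.lower())

    poll = values.get(("timeproviders\\ntpclient", "specialpollinterval"))
    if not isinstance(poll, int) or poll <= 0:
        findings.append("TimeProviders\\NtpClient\\SpecialPollInterval: not set")
    for name in ("MaxPosPhaseCorrection", "MaxNegPhaseCorrection"):
        if not isinstance(values.get(("config", name.lower())), int):
            findings.append(f"Config\\{name}: not set")
    return findings


if __name__ == "__main__":
    for finding in audit(parse_reg_query(SAMPLE)):
        print(finding)
```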

Network Time Protocol (NTP), Understanding Synchronisation.

Tuesday, October 7th, 2008

Network Time Protocol seems to have been around forever. In fact it is one of the Internet’s oldest protocols, having been developed in the 1980s by Professor David Mills and his team from Delaware University.

In a laid-back world it perhaps doesn’t matter if computer networks are not synchronised. The only consequences of timing errors could be that an email arrives before it was sent but in industries such as airline seat reservation, the stock exchange or satellite communication, fractions of a second can cause serious errors such as selling seats more than once, the loss of millions of dollars or even fraud.

Computers are logical machines and, as time is linear to a computer, any event that happens on one machine must happen before news of that event reaches another. When networks are not synchronised, computers struggle to deal with events that have obviously occurred (such as an email being sent) but which, according to their clock and time stamp, have not happened yet. Just think back to the millennium bug, where it was feared clocks would jump back to 1900!

For this very reason NTP was developed. NTP uses an algorithm (Marzullo’s algorithm) to synchronise the time, and the current version of NTP can maintain time over the public Internet to within 10 milliseconds and can perform even better over LANs. NTP time servers work within the TCP/IP suite and rely on UDP (User Datagram Protocol).

NTP servers are normally dedicated NTP devices that use a single time reference to synchronise a network to. This time reference is most often a UTC (Coordinated Universal Time) source. UTC is a global time scale distributed by atomic clocks via the Internet, specialist long wave radio transmissions or via the GPS (Global Positioning System) network.

The NTP algorithm uses this time reference to determine the amount to advance or retreat the system or network clock. NTP analyses the timestamp values, including the frequency of errors and the clock’s stability. A NTP server will maintain an estimate of the quality of both the reference clocks and itself.

NTP is hierarchical. The distance from the timing reference is divided into strata. Stratum 0 is the atomic clock reference; Stratum 1 is the NTP server, while Stratum 2 is a server that receives timing information from the NTP server. NTP can support almost limitless strata although the further away from the timing reference you go the less accurate it will be.

As each stratum level can both receive and send timing signals, the advantage of this hierarchical system is that thousands of machines can be synchronised with only the need for one NTP server.

NTP contains its own security measure called authentication. Authentication verifies that each timestamp has come from the intended time reference by analysing a set of encryption keys that are sent with the time reference. NTP analyses it and confirms whether it has come from the time source by verifying it against a set of trusted keys in its configuration files.

However, authentication is unavailable for timing sources from across the Internet, which is why Microsoft and Novell amongst others strongly recommend that only external time references are used, such as a dedicated GPS NTP server or one that receives the national time and frequency long wave transmission.

Receiving a Time Source

Thursday, September 18th, 2008

A NTP Server connects to a computer network with the purpose of synchronising all computers, routers and other devices to the exact same time. NTP servers use Network Time Protocol to adjust the drift of different machines to match the reference time.

NTP servers rely on using a reference clock; most networks that use a NTP server will use a UTC (Coordinated Universal Time) time source. UTC is based on the time told by the incredibly accurate and expensive atomic clocks.

Atomic clocks work on the principle that a single atom (in most cases caesium-133) will resonate at an exact rate at certain energy levels. The accuracy of atomic clocks is so high that UTC was developed to allow International Atomic Time (TAI) and Greenwich Meantime (GMT) to be combined, allowing for the slowing of the Earth’s rotation by adding leap seconds and therefore keeping the Sun at the Earth’s meridian at noon.

Failure to account for this slowing in the Earth’s spin would result in the eventual drift of day and night (albeit in many millennia).

A NTP server can be set to receive a UTC time signal from across the Internet, although these can vary tremendously in accuracy and are reliant on reasonably close distances between client and server.

Relying on Internet-based timing references can also leave a network open to malicious users, as such references cannot utilise NTP authentication, which is a security measure used to ensure a timing reference is what it says it is.

Many dedicated NTP servers are designed to receive a more accurate and authenticated timing reference. One method utilises radio transmissions that are broadcast by several national physics laboratories such as NIST (National Institute for Standards and Technology) in the US (WWVB signal) and NPL (National Physical Laboratory) in the UK (MSF signal). These signals are broadcast in long wave and can be picked up within the broadcast area although the signals can be blocked by local geographical features.

Another method to receive a UTC timing reference is to use the onboard atomic clocks of the GPS (Global Positioning System) network. While GPS is most commonly known as a positioning system, the satellite actually relays timing information which is used by GPS receivers to calculate the time the signal has travelled and therefore the distance.

While the GPS signals are not broadcast in UTC format, they are highly accurate and NTP has no problem in converting them.

The NTP server checks the time stamp from the UTC source and uses the information to calculate if the network clocks are drifting and adds or subtracts a second to match the reference clock. The NTP server will do this at set intervals, normally every fifteen minutes to ensure perfect accuracy.

NTP is accurate to within 1/100th of a second (10 milliseconds) over the public Internet and can perform even better over LANs and WANs with accuracies of 1/5000th of a second (200 microseconds) not unheard of.

To ensure further accuracy the NTP service (or daemon on Linux) runs in the background and does not believe the time it is told until after several exchanges, each of which has passed a protocol specification (a test); only then is the server considered. It usually takes about five good samples until a NTP server is accepted as a timing source.

A Brief History of NTP Time

Wednesday, September 17th, 2008

NTP (network time protocol) is an Internet protocol. Protocols are simply a set of instructions that a computer will follow and NTP has been designed and developed to synchronize computer networks.

It was developed in 1985 by Professor David Mills from the University of Delaware when the Internet was still in its infancy. Professor Mills realised the need for synchronisation amongst computers when they were talking to each other.

NTP uses Marzullo’s Algorithm which is an agreement algorithm used to select sources for estimating accurate time from a number of noisy time sources.  NTP works by distributing a single time source. Whilst this time reference can be anything such as a wrist watch, it makes little sense to synchronise a network to anything other than UTC time.
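The source selection named here and in the earlier post on synchronisation can be shown with the textbook form of Marzullo's algorithm: each source reports an offset with an error bound, and the algorithm finds the interval that the largest number of sources agree on, so a single wrong or malicious source is outvoted. This is an added example, not code from the original post or from any NTP implementation; the source names and readings are constructed.

```python
# Constructed sample: (source name, measured offset in ms, error bound in ms).
SAMPLE_SOURCES = [
    ("gps-receiver", 12, 10),      # claims the true offset lies in [2, 22]
    ("radio-receiver", 8, 6),      # [2, 14]
    ("lan-peer", 15, 8),           # [7, 23]
    ("internet-peer", 3500, 10),   # [3490, 3510], disagrees with the rest
]


def marzullo(sources):
    """Return (count, low, high): the interval [low, high] contained in the
    largest number of source intervals [offset - error, offset + error]."""
    edges = []
    for _name, offset, error in sources:
        edges.append((offset - error, -1))  # interval opens
        edges.append((offset + error, +1))  # interval closes
    # Sorting tuples puts an opening edge before a closing edge at the same
    # value, so intervals that merely touch still count as overlapping.
    edges.sort()

    best = count = 0
    low = high = None
    for i, (value, kind) in enumerate(edges):
        count -= kind  # +1 when an interval opens, -1 when one closes
        if count > best:
            # The region of maximum overlap runs from this opening edge to
            # the next edge in the sweep.
            best, low, high = count, value, edges[i + 1][0]
    return best, low, high


def outliers(sources):
    """Names of sources whose interval misses the agreed interval entirely."""
    _, low, high = marzullo(sources)
    return [
        name
        for name, offset, error in sources
        if offset + error < low or offset - error > high
    ]


if __name__ == "__main__":
    count, low, high = marzullo(SAMPLE_SOURCES)
    print(f"{count} sources agree the offset is between {low} and {high} ms")
    print("rejected:", outliers(SAMPLE_SOURCES))
```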

UTC (Coordinated Universal Time) is a global time scale based on the time told by atomic clocks. Atomic clocks boast such high levels of accuracy that they do not lose or gain a second in over a million years.

By synchronizing to a UTC time source a network can in effect be synchronised to every other network that uses UTC time.

Once a time source has been selected, the NTP daemon (or service on Windows) not only distributes the time reference but also continually checks for accuracy and errors.

NTP is a hierarchical system. The distance from a time server is referred to as a stratum level. A stratum 0 server is a time source itself such as an atomic clock, a stratum 1 server is the NTP time server, whilst a stratum 2 server is a device that receives the time from the time server and stratum 3 servers receive the time signal via a stratum 2 server.

Arranging the network into strata means that a NTP time server can distribute time to hundreds or even thousands of machines without the network or time server itself becoming congested with traffic. It must be noted, however, that the lower down the stratum levels a device sits, the greater the fall in accuracy that can be expected.

The actual UTC time signal can be received in a number of ways. It can be received from across the Internet, although this can cause security issues as the time signal can’t be authenticated, authentication being NTP’s inbuilt security measure. It is far safer to receive a time signal from a radio signal broadcast by several national physics laboratories or even the GPS network, whose onboard atomic clocks can be utilised as a timing source if the NTP time server is fitted with a GPS receiver.

Choosing a NTP Server and Selecting the Best Timing Source for You

Wednesday, September 10th, 2008

The NTP server is an integral part of the modern computer network. Without Network Time Protocol and NTP time servers, much of the modern functionality of computers that we take for granted, such as online reservation, Internet trading and satellite communication, would be impossible.

Synchronisation in computers is dealt with by NTP.  NTP and NTP servers use a single time reference to synchronise all machines on a network to that time.  This time reference could in fact be anything such as the time on a wrist watch perhaps. However, synchronisation is pointless unless a UTC (coordinated universal time) time source is used as UTC has been developed to allow the whole world to synchronise to the same time, allowing truly global synchronisation.

UTC is based on the time told by atomic clocks, although compensation measures such as Leap Seconds are added to UTC to keep it in line with Greenwich Meantime (GMT).

Atomic clocks are very expensive and extremely delicate pieces of equipment and not the sort of thing that can be housed in the office server room. Fortunately a NTP server can receive a UTC time source from several different locations.

The Internet is perhaps the most widely used source of time references. Unfortunately, however, there are drawbacks in using the Internet for a timing source. Firstly, Internet timing sources can’t be authenticated. Authentication is a security measure used by NTP to check that a timing source is genuine. Secondly, to use an Internet timing reference means a hole has to be left open in the network’s firewall, again compromising security. Thirdly, Internet timing sources are notoriously inaccurate and those that aren’t can often be too far away from a client to provide any useful precision.

However, if security and high level of accuracy to UTC time is not required then the Internet can provide a simple and affordable solution.

A far more secure method of receiving a UTC timing reference is to use the specialist national time and frequency transmission broadcast by several countries. The UK (MSF), USA (WWVB), Germany (DCF) and Japan (JJY) all boast a long wave timing signal. While these signals are limited in range and strength, where available they make an ideal timing source as the radio receiver can pick these signals up from inside a building. These transmissions can also be authenticated providing a high level of security.

The third and perhaps simplest solution is to use a GPS NTP server. These use the signals sent from the Global Positioning System, which contain timing information. This is ideal as the GPS signal can be received literally anywhere in the world, so if there is no radio transmission in your area then the GPS network will provide a secure and authenticated solution.

The only downside to GPS is that an antenna has to have a good view of the sky and therefore needs to be positioned on the roof. This obviously has logistical drawbacks if the server room is in the basement of a skyscraper.

In selecting a timing source, the most important thing to remember is where the NTP server is going to be situated. If it is indoors and there is no opportunity to run an antenna to the roof then the radio transmissions would be the best alternative. If there are no radio transmissions in your country/area or the signals are blocked by local topography then GPS is an ideal solution.

However, if accuracy and security are not an issue then the Internet would be the most obvious solution.

Understanding a NTP GPS Server

Monday, September 8th, 2008

A NTP GPS Server is a type of time server that uses Network Time Protocol (NTP) as a method for synchronizing the time on network devices and computers after receiving a time signal from the GPS network.

The GPS (Global Positioning System) network is a constellation of satellites owned and operated by the USA military. Most people are aware of GPS as an aid for satellite navigation. In actual fact, the basis of the transmissions broadcast by the GPS satellites is a time signal. This time signal is generated by the satellite’s onboard atomic clock. It is this information that a satellite navigation system receives and calculates by triangulation the distance away from the satellites.

This timing signal is what a NTP GPS server uses as a reference to synchronize a network to. NTP then distributes this time to all routers and computers on that network.

A NTP GPS server comprises a GPS receiver, GPS antenna and NTP software. The GPS antenna should be situated on a rooftop, which will give the best possibility of receiving the transmissions from the satellites.

The GPS receiver then converts this information into timing information that can be read and distributed by NTP.

The atomic clocks onboard the GPS satellites do not transmit a UTC (Coordinated Universal Time) timing code. However, NTP has the ability to convert the atomic clock time from the satellites to UTC. This allows computer networks to be synchronized to the same universal time source no matter where they are in the world.

Using a dedicated NTP GPS server a network can be synchronized to within a few milliseconds of UTC time with accuracies of a few hundred nanoseconds made possible over LANs.

Time Servers: Maintaining Precise Time on Your Computers

Monday, September 8th, 2008

Computer networks rely on timekeeping for nearly all their applications. From sending an email to saving data, a timestamp is necessary for a computer to keep track. All routers and switches need to run at the same rate; out-of-sync devices can lead to data being lost and even entire connections.

All PCs and networking devices use clocks to maintain an internal system time. These clocks, called Real Time Clock chips (RTC), provide time and date information. The chips are battery backed so that even during power outages, they can maintain time.

However, personal computers are not designed to be perfect clocks; their design has been optimized for mass production and low cost rather than maintaining accurate time. These internal clocks are prone to drift and, although for many applications this can be quite adequate, often machines need to work together on a network. If the computers drift at different rates they will become out of sync with each other and problems can arise, particularly with time-sensitive transactions.

For some transactions it is necessary for computers to be perfectly synchronised. Even a few seconds’ difference between machines can have serious effects, such as finding an airline ticket you had booked had been sold moments later to another customer, or you could draw your savings out of a cash machine and, when your account is empty, quickly go to another machine and withdraw it all again.

Time servers are like other computer servers in the sense they are usually located on a network. A time server gathers timing information, usually from an external hardware source and then synchronises the network to that time.

Most time servers use NTP (Network Time Protocol), which is one of the Internet’s oldest protocols still used. Invented by Dr David Mills from the University of Delaware, it has been in use since 1985. NTP is a protocol designed to synchronize the clocks on computers and networks across the Internet or Local Area Networks (LANs).

NTP utilises an external timing reference and then synchronises all devices on the network to that time.

Often time servers are synchronised to a UTC (Coordinated Universal Time) source, which is the global standard time scale and allows computers all over the world to be synchronised to exactly the same time. This has obvious importance in industries where exact timing is crucial such as the stock exchange or airline industry.

There are various sources that a time server can use as a timing reference. The Internet is an obvious source; however, timing references from the Internet such as nist.gov and windows.time cannot be authenticated, leaving the time server and therefore the network vulnerable to security threats.

Understanding Computer Timestamps with NTP

Monday, September 8th, 2008

The way a computer deals with time is totally different to the ways humans perceive it. We arrange time into seconds, minutes, hours, days, weeks, months and years, while computers on the other hand arrange time as a single number representing the seconds that have passed from a single point in time, known as the prime epoch.

Most computers use NTP (Network Time Protocol) to deal with time and on networks many are synchronised using a dedicated NTP time server. NTP knows nothing about days, years or centuries, only the seconds from the prime epoch. This prime epoch is set (for most systems) at midnight at the turn of the twentieth century, which for a human would be recorded as something like: 00:00 – 01,01,1900.

Computers, however, count time as the number of seconds past this point. If a computer was around in 1900 its timestamp on midnight January 1 would be 0 while in 1972 at the same date the timestamp would be 2,272,060,800, which represents the number of seconds since 1900.

The timestamps restart every 136 years, with the next wrap-around due in 2036. This has caused uneasiness amongst some who fear a Millennium Bug type scenario, although most doubt such events would occur. When a wrap-around of the timestamp does happen, an era integer will be added (+1) to allow computers to deal with time spans that cover more than one wrap-around. If computers and NTP need to deal with time before the prime epoch, a negative integer is used (for the year 1500, -3 is used to represent three cycles of 136 years).
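The era arithmetic described above can be worked through in a few lines. This added example (not from the original post) splits a date into an era number and the 32-bit seconds count, and also goes one step beyond the text by showing how a receiver can choose the era for a bare 32-bit value using its own approximate clock, here called the pivot; the function names are hypothetical.

```python
from datetime import datetime, timedelta, timezone

PRIME_EPOCH = datetime(1900, 1, 1, tzinfo=timezone.utc)
ERA_SECONDS = 2 ** 32  # a 32-bit seconds counter wraps after about 136 years


def seconds_since_1900(moment):
    """Whole seconds between the prime epoch and a UTC datetime (may be negative)."""
    delta = moment - PRIME_EPOCH
    return delta.days * 86400 + delta.seconds


def to_era_and_offset(moment):
    """Split a UTC datetime into (era, 32-bit seconds within that era).

    Floor division makes dates before 1900 fall into negative eras.
    """
    return divmod(seconds_since_1900(moment), ERA_SECONDS)


def from_era_and_offset(era, offset):
    """Rebuild the UTC datetime from an era number and a 32-bit seconds value."""
    return PRIME_EPOCH + timedelta(seconds=era * ERA_SECONDS + offset)


def resolve_wire_seconds(offset, pivot):
    """Choose the era for a bare 32-bit seconds value.

    The era is not carried in the 32-bit field, so the receiver picks the
    era that places the timestamp within half an era (about 68 years) of
    `pivot`, its own approximate idea of the current time.
    """
    era = (seconds_since_1900(pivot) - offset + ERA_SECONDS // 2) // ERA_SECONDS
    return from_era_and_offset(era, offset)


if __name__ == "__main__":
    utc = timezone.utc
    for label, moment in [
        ("1972-01-01", datetime(1972, 1, 1, tzinfo=utc)),
        ("1500-01-01", datetime(1500, 1, 1, tzinfo=utc)),
        ("first second of era 1", from_era_and_offset(1, 0)),
    ]:
        era, offset = to_era_and_offset(moment)
        print(f"{label}: era {era}, seconds {offset:,}")

    # Same 32-bit value, different pivots: a clock that is badly wrong
    # resolves the timestamp into the wrong era.
    print(resolve_wire_seconds(100, datetime(2036, 3, 1, tzinfo=utc)))
    print(resolve_wire_seconds(100, datetime(1910, 1, 1, tzinfo=utc)))
```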

Timestamps are used in virtually every transaction that modern computers are tasked to do such as sending emails, debugging and programming. Because time is linear, a computer knows that each timestamp is always greater than the previous one and therefore computers and NTP find it difficult to deal with inaccuracies in time, particularly when time suddenly appears to go backwards.

This can happen if computers are not synchronised to the same time. If an email is sent to a machine with a slower clock, it appears to the computer to have been received before it has been sent. Lack of synchronisation can cause serious problems and can even leave a system vulnerable to malicious attacks and even fraud.

Because of this, most computer networks are synchronised to UTC (Coordinated Universal Time). UTC is a global timescale and the same for everybody worldwide. It is based on the time told by atomic clocks, which are highly accurate, neither gaining nor losing a second in millions of years.

Most computer networks use a dedicated NTP time server to receive a UTC time to synchronise their computers to. UTC is available from across the Internet (although unsecured), via the GPS network (Global Positioning System), or by receiving national time and frequency broadcasts via long wave.

NTP synchronises a computer by checking the received UTC time and adding to or holding a computer’s timestamp until it perfectly matches UTC. By using a dedicated NTP time server UTC can be maintained on a network to a few milliseconds of UTC time.