Posted by Richard N Williams on October 7th, 2008
Network Time Protocol (NTP) seems to have been around forever. In fact, it is one of the Internet’s oldest protocols, having been developed in the 1980s by Professor David Mills and his team from Delaware University.
In a laid-back world it perhaps doesn’t matter if computer networks are not synchronised. The only consequence of timing errors could be that an email arrives before it was sent, but in industries such as airline seat reservation, the stock exchange or satellite communication, fractions of a second can cause serious errors such as selling seats more than once, the loss of millions of dollars or even fraud.
Computers are logical machines and, as time is linear to a computer, any event that happens on one machine must happen before news of that event reaches another. When networks are not synchronised, computers struggle to deal with events that have obviously occurred (such as an email being sent) but which, according to their clock and time stamp, have not happened yet. Just think back to the millennium bug, where it was feared clocks would jump back to 1900!
For this very reason NTP was developed. NTP uses an algorithm (Marzullo’s algorithm) to synchronise the time, and the current version of NTP can maintain time over the public Internet to within 10 milliseconds and can perform even better over LANs. NTP time servers work within the TCP/IP suite and rely on UDP (User Datagram Protocol).
NTP servers are normally dedicated NTP devices that use a single time reference to synchronise a network to. This time reference is most often a UTC (Coordinated Universal Time) source. UTC is a global time scale distributed by atomic clocks via the Internet, specialist long wave radio transmissions or via the GPS (Global Positioning System) network.
The NTP algorithm uses this time reference to determine the amount to advance or retreat the system or network clock. NTP analyses the timestamp’s values, including the frequency of errors and its stability. An NTP server will maintain an estimate of the quality of both the reference clocks and itself.
NTP is hierarchical. The distance from the timing reference is divided into strata. Stratum 0 is the atomic clock reference; Stratum 1 is the NTP server, while Stratum 2 is a server that receives timing information from the NTP server. NTP can support almost limitless strata although the further away from the timing reference you go the less accurate it will be.
As each stratum level can both receive and send timing signals, the advantage of this hierarchical system is that thousands of machines can be synchronised with only the need for one NTP server.
NTP contains its own security measure called authentication. Authentication verifies that each timestamp has come from the intended time reference by analysing a set of encryption keys that are sent with the time reference. NTP analyses these and confirms whether the timestamp has come from the time source by verifying it against a set of trusted keys in its configuration files.
However, authentication is unavailable from timing sources across the Internet, which is why Microsoft and Novell, amongst others, strongly recommend that only external time references are used, such as a dedicated GPS NTP server or one that receives the national time and frequency long wave transmission.
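The authentication check described above can be sketched as follows. This is an added example, not code from the original article or from any NTP implementation; it is modelled on NTP's symmetric-key scheme, in which a key ID and a keyed digest follow the 48-byte packet header. The key table, secrets, timestamps and function names are constructed for illustration, and the digest construction (secret followed by header, no extension fields) is an assumption of the sketch.

```python
import hashlib
import hmac
import struct

# Constructed trusted-key table (key ID -> digest name, secret). It stands in
# for the trusted keys in the configuration files; all values are sample data.
TRUSTED_KEYS = {1: ("md5", b"sample-secret-one"), 7: ("sha1", b"sample-secret-seven")}
HEADER_LEN = 48  # fixed NTP header that precedes the key ID and digest


def build_header(stratum, tx_seconds):
    """Pack a 48-byte server reply header (LI=0, VN=4, mode=4), mostly zeroed."""
    li_vn_mode = (0 << 6) | (4 << 3) | 4
    words = [0] * 9 + [tx_seconds, 0]  # last two words: transmit timestamp
    return struct.pack("!BBbb11I", li_vn_mode, stratum, 6, -20, *words)


def keyed_digest(key_id, header):
    """Assumed construction: digest over the shared secret followed by the header."""
    algo, secret = TRUSTED_KEYS[key_id]
    return hashlib.new(algo, secret + header).digest()


def sign(header, key_id):
    """Append the 4-byte key ID and the keyed digest, as the time source would."""
    return header + struct.pack("!I", key_id) + keyed_digest(key_id, header)


def verify(packet):
    """Return (accepted, reason) for a received packet."""
    if len(packet) <= HEADER_LEN + 4:
        return False, "no authenticator present"
    header, mac = packet[:HEADER_LEN], packet[HEADER_LEN:]
    key_id = struct.unpack("!I", mac[:4])[0]
    if key_id not in TRUSTED_KEYS:
        return False, "key ID not trusted"
    # Constant-time comparison avoids leaking how many digest bytes matched.
    if not hmac.compare_digest(keyed_digest(key_id, header), mac[4:]):
        return False, "digest mismatch"
    return True, "authenticated"


if __name__ == "__main__":
    good = sign(build_header(stratum=1, tx_seconds=3_432_000_000), key_id=7)
    forged = build_header(stratum=1, tx_seconds=3_432_003_600) + good[HEADER_LEN:]
    for name, pkt in [("good", good), ("forged", forged), ("bare", good[:HEADER_LEN])]:
        print(name, verify(pkt))
```

A client that requires authentication should treat every result other than "authenticated" as a reason to discard the timestamp, including the bare packet that carries no authenticator at all.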