How to Configure an Authoritative Time Server in Windows Server 2008

Thursday, October 16th, 2008

Time synchronisation in modern computer networks is essential. All computers need to know the time, as many applications, from sending an email to storing information, are reliant on the PC knowing when the event took place.

Microsoft Windows Server from 2000 onwards has a time synchronisation utility built into the operating system called Windows Time (w32time.exe) which can be configured to operate as a network time server.

Windows Server 2008 can easily set the system clock to use UTC (Coordinated Universal Time, the World’s time standard) by accessing an Internet source (either: time.windows.com or time.nist.gov).

To achieve this, a user merely has to double click the clock on their desktop and adjust the settings in the Internet Time tab.

It must be noted however, that Microsoft and other operating system manufacturers strongly advise that external timing references should be used as Internet sources can’t be authenticated.

To configure the Windows Time service to use an external time source, click Start, Run and type regedit then click OK.

Locate the following subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\Type
In the right pane, right-click Type, then click Modify. In Edit Value, type NTP in the Value data box, then click OK.

Locate the following subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\AnnounceFlags
In the right pane, right-click AnnounceFlags and click Modify. The ‘AnnounceFlags’ registry entry indicates whether the server is a trusted time reference. A value of 5 indicates a trusted source, so in the Edit DWORD Value box, under Value Data, type 5, then click OK.

Network Time Protocol (NTP) is an Internet protocol used for the transfer of accurate time, providing time information so that a precise time can be obtained.
To enable the Network Time Protocol server (NtpServer), locate and click:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer\
In the right pane, right-click Enabled, then click Modify.

In the Edit DWord Value box, type 1 under Value data, then click OK.

Now go back and click on
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\NtpServer
In the right pane, right-click NtpServer, then Modify. In the Edit DWORD Value box, under Value Data, type the Domain Name System (DNS) names. Each DNS name must be unique, and you must append 0x1 to the end of each DNS name, otherwise changes will not take effect.

Now click Ok.

Locate and click the following
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient\SpecialPollInterval
In the right pane, right-click SpecialPollInterval, then click Modify.

In the Edit DWORD Value box, under Value Data, type the number of seconds you want for each poll (for example, 900 will poll every 15 minutes), then click OK.
To configure the time correction settings, locate:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\config
In the right pane, right-click MaxPosPhaseCorrection, then Modify. In the Edit DWORD Value box, under Base, click Decimal. Under Value Data, type a time in seconds such as 3600 (an hour), then click OK.
Now go back and click:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\config
In the right pane, right-click MaxNegPhaseCorrection, then Modify.

In the Edit DWORD Value box, under Base, click Decimal. Under Value Data, type the time in seconds you want to poll, such as 3600 (polls in one hour).
Exit Registry Editor.
Now, to restart the Windows Time service, click Start, Run (or alternatively use the command prompt facility) and type:

net stop w32time && net start w32time
And that’s it: your time server should now be up and running.
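
The following check is an added example and not part of the original post: it reads the text printed by `reg query HKLM\SYSTEM\CurrentControlSet\Services\W32Time /s` and reports every value that differs from the steps above. The sample output and the host names in it are constructed, and 900 and 3600 are the post's example figures.

```python
import re

# Values the procedure above sets; 900 and 3600 are the post's example figures.
EXPECTED = {
    ("parameters", "type"): "NTP",
    ("config", "announceflags"): 5,
    (r"timeproviders\ntpserver", "enabled"): 1,
    (r"timeproviders\ntpclient", "specialpollinterval"): 900,
    ("config", "maxposphasecorrection"): 3600,
    ("config", "maxnegphasecorrection"): 3600,
}
ROOT = r"hkey_local_machine\system\currentcontrolset\services\w32time"
VALUE_RE = re.compile(r"^\s+(\S+)\s+(REG_[A-Z_]+)\s*(.*)$")


def parse_reg_query(text):
    """Return {(subkey, value_name): value}; names are lower-cased."""
    values, subkey = {}, None
    for line in text.splitlines():
        if line.upper().startswith("HKEY_"):
            key = line.strip().lower()
            subkey = key[len(ROOT):].strip("\\") if key.startswith(ROOT) else None
            continue
        match = VALUE_RE.match(line)
        if match and subkey is not None:
            name, kind, raw = match.groups()
            raw = raw.strip()
            # reg query prints DWORDs in hex, e.g. 0xe10 for 3600
            values[(subkey, name.lower())] = int(raw, 16) if kind == "REG_DWORD" else raw
    return values


def audit(text, expected=EXPECTED):
    """Return a list of findings; an empty list means the export matches."""
    values = parse_reg_query(text)
    findings = []
    for (subkey, name), want in expected.items():
        got = values.get((subkey, name))
        if got != want:
            findings.append(f"{subkey}\\{name}: expected {want!r}, found {got!r}")
    # NtpServer holds a space-separated list of peers.
    peers = str(values.get(("parameters", "ntpserver"), "")).split()
    if not peers:
        findings.append("parameters\\ntpserver: no time source configured")
    if len({p.lower() for p in peers}) != len(peers):
        findings.append("parameters\\ntpserver: duplicate DNS name")
    for peer in peers:
        # w32time writes the flag as a comma-separated suffix: name,0x1
        if not peer.lower().endswith("0x1"):
            findings.append(f"parameters\\ntpserver: {peer} lacks the 0x1 suffix")
    return findings


# Constructed sample: Type and AnnounceFlags were never changed, and the
# second peer is missing its 0x1 suffix.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config
    AnnounceFlags    REG_DWORD    0xa
    MaxNegPhaseCorrection    REG_DWORD    0xe10
    MaxPosPhaseCorrection    REG_DWORD    0xe10

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters
    NtpServer    REG_SZ    gps1.example.internal,0x1 gps2.example.internal
    Type    REG_SZ    NT5DS

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient
    SpecialPollInterval    REG_DWORD    0x384

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer
    Enabled    REG_DWORD    0x1
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```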

Network Time Protocol (NTP), Understanding Synchronisation.

Tuesday, October 7th, 2008

Network Time Protocol seems to have been around forever. In fact, it is one of the Internet’s oldest protocols, having been developed in the 1980s by Professor David Mills and his team from Delaware University.

In a laid-back world it perhaps doesn’t matter if computer networks are not synchronised. The only consequences of timing errors could be that an email arrives before it was sent but in industries such as airline seat reservation, the stock exchange or satellite communication, fractions of a second can cause serious errors such as selling seats more than once, the loss of millions of dollars or even fraud.

Computers are logical machines and, as time is linear to a computer, any event that happens on one machine must happen before news of that event reaches another. When networks are not synchronised, computers struggle to deal with events that have obviously occurred (such as an email being sent) but which, according to their clock and time stamp, have not happened yet. Just think back to the millennium bug, where it was feared clocks would jump back to 1900!

For this very reason NTP was developed. NTP uses an algorithm (Marzullo’s algorithm) to synchronise the time, and the current version of NTP can maintain time over the public Internet to within 10 milliseconds and can perform even better over LANs. NTP time servers work within the TCP/IP suite and rely on UDP (User Datagram Protocol).

NTP servers are normally dedicated NTP devices that use a single time reference to synchronise a network to. This time reference is most often a UTC (Coordinated Universal Time) source. UTC is a global time scale distributed by atomic clocks via the Internet, specialist long wave radio transmissions or via the GPS (Global Positioning System) network.

The NTP algorithm uses this time reference to determine the amount to advance or retreat the system or network clock. NTP analyses the timestamp’s values, including the frequency of errors and its stability. A NTP server will maintain an estimate of the quality of both the reference clocks and itself.

NTP is hierarchical. The distance from the timing reference is divided into strata. Stratum 0 is the atomic clock reference; Stratum 1 is the NTP server, while Stratum 2 is a server that receives timing information from the NTP server. NTP can support almost limitless strata although the further away from the timing reference you go the less accurate it will be.

As each stratum level can both receive and send timing signals, the advantage of this hierarchical system is that thousands of machines can be synchronised with only the need for one NTP server.

NTP contains its own security measure called authentication. Authentication verifies that each timestamp has come from the intended time reference by analysing a set of encryption keys that are sent with the time reference. NTP analyses it and confirms whether it has come from the time source by verifying it against a set of trusted keys in its configuration files.

However, authentication is unavailable from timing sources from across the Internet which is why Microsoft and Novell amongst others strongly recommend only external time references are used such as a dedicated GPS NTP server or one that receives the national time and frequency long wave transmission.
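
The trusted-key check described above can be modelled as follows. This is an added example, not part of the original post, and it assumes the classic symmetric-key scheme in which a packet carries a key ID and a digest computed over the shared key followed by the 48-byte NTP header. The key table and timestamps are constructed.

```python
import hashlib
import hmac
import struct

# Constructed trusted-key table, standing in for the keys in the
# client's configuration files.
TRUSTED_KEYS = {1: b"constructed-key-one", 7: b"constructed-key-seven"}
HEADER_LEN = 48   # fixed NTP header
DIGEST_LEN = 20   # SHA-1 output


def build_header(stratum, transmit_seconds):
    """Minimal server reply: LI=0, VN=4, Mode=4 (server), transmit timestamp set."""
    header = bytearray(HEADER_LEN)
    header[0] = (0 << 6) | (4 << 3) | 4
    header[1] = stratum
    # The transmit timestamp occupies bytes 40-47 (seconds, then fraction).
    struct.pack_into("!II", header, 40, transmit_seconds, 0)
    return bytes(header)


def sign(header, key_id, keys=TRUSTED_KEYS):
    """Server side: append key ID and digest(key || header)."""
    digest = hashlib.sha1(keys[key_id] + header).digest()
    return header + struct.pack("!I", key_id) + digest


def verify(packet, keys=TRUSTED_KEYS):
    """Client side: return (accepted, reason)."""
    if len(packet) == HEADER_LEN:
        return False, "no MAC: packet is unauthenticated"
    if len(packet) != HEADER_LEN + 4 + DIGEST_LEN:
        return False, "unexpected packet length"
    header, mac = packet[:HEADER_LEN], packet[HEADER_LEN:]
    (key_id,) = struct.unpack("!I", mac[:4])
    key = keys.get(key_id)
    if key is None:
        return False, f"key id {key_id} is not trusted"
    expected = hashlib.sha1(key + header).digest()
    # Constant-time comparison, so the check leaks nothing about the digest.
    if not hmac.compare_digest(expected, mac[4:]):
        return False, "digest mismatch"
    return True, f"authenticated with key id {key_id}"


if __name__ == "__main__":
    good = sign(build_header(1, 3432000000), 7)
    altered = bytearray(good)
    altered[43] ^= 0x01          # shift the transmit timestamp by one second
    for label, pkt in [("genuine", good),
                       ("altered", bytes(altered)),
                       ("bare header", build_header(1, 3432000000))]:
        print(label, verify(pkt))
```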

Receiving a Time Source

Thursday, September 18th, 2008

A NTP Server connects to a computer network with the purpose of synchronising all computers, routers and other devices to the exact same time. NTP servers use Network Time Protocol to adjust the drift of different machines to match the reference time.

NTP servers rely on using a reference clock; most networks that use a NTP server will use a UTC (Coordinated Universal Time) time source. UTC is based on the time told by the incredibly accurate and expensive atomic clocks.

Atomic clocks work on the principle that a single atom (in most cases caesium-133) will resonate at an exact rate at certain energy levels. The accuracy of atomic clocks is so high that UTC was developed to allow International Atomic Time (TAI) and Greenwich Meantime (GMT) to be combined, allowing for the slowing of the Earth’s rotation by adding leap seconds and therefore keeping the Sun at the Earth’s meridian at noon.

Failure to account for this slowing in the Earth’s spin would result in the eventual drift of day and night (albeit in many millennia).
A NTP server can be set to receive a UTC time signal from across the Internet although these can vary tremendously in accuracy and are reliant on reasonably close distances from client and server.

Relying on Internet-based timing references can also leave a network open to malicious users, as they cannot utilise NTP authentication, which is a security measure used to ensure a timing reference is what it says it is.

Many dedicated NTP servers are designed to receive a more accurate and authenticated timing reference. One method utilises radio transmissions that are broadcast by several national physics laboratories such as NIST (National Institute for Standards and Technology) in the US (WWVB signal) and NPL (National Physical Laboratory) in the UK (MSF signal). These signals are broadcast in long wave and can be picked up within the broadcast area although the signals can be blocked by local geographical features.

Another method to receive a UTC timing reference is to use the onboard atomic clocks on the GPS (Global Positioning System) network. While GPS is most commonly known as a positioning system, the satellites actually relay timing information, which is used by GPS receivers to calculate the time the signal has travelled and therefore the distance.
While the GPS signals are not broadcast in UTC format they are highly accurate and NTP has no problem in converting them.

The NTP server checks the time stamp from the UTC source and uses the information to calculate if the network clocks are drifting and adds or subtracts a second to match the reference clock. The NTP server will do this at set intervals, normally every fifteen minutes to ensure perfect accuracy.

NTP is accurate to within 1/100th of a second (10 milliseconds) over the public Internet and can perform even better over LANs and WANs, with accuracies of 1/5000th of a second (200 microseconds) not unheard of.

To ensure further accuracy, the NTP service (or daemon on Linux) runs in the background and does not believe the time it is told until after several exchanges, each of which has passed a protocol specification (a test); only then is the server considered. It usually takes about five good samples until a NTP server is accepted as a timing source.

A Brief History of NTP Time

Wednesday, September 17th, 2008

NTP (network time protocol) is an Internet protocol. Protocols are simply a set of instructions that a computer will follow and NTP has been designed and developed to synchronize computer networks.

It was developed in 1985 by Professor David Mills from the University of Delaware when the Internet was still in its infancy. Professor Mills realised the need for synchronisation amongst computers when they were talking to each other.

NTP uses Marzullo’s Algorithm which is an agreement algorithm used to select sources for estimating accurate time from a number of noisy time sources.  NTP works by distributing a single time source. Whilst this time reference can be anything such as a wrist watch, it makes little sense to synchronise a network to anything other than UTC time.

UTC (Coordinated Universal Time) is a global time scale based on the time told by atomic clocks. Atomic clocks boast such high levels of accuracy that they do not lose or gain a second in over a million years.

By synchronizing to a UTC time source, a network can in effect be synchronised to every other network that uses UTC time.

Once a time source has been selected the NTP daemon (or service on Windows) not only distributes the time reference it also continually checks for accuracy and errors.

NTP is a hierarchical system. The distance from a time server is referred to as a stratum level. A stratum 0 server is a time source itself such as an atomic clock, a stratum 1 server is the NTP time server whilst a stratum 2 server is  a device that receives the time from the time server and stratum 3 servers receive the time signal via a stratum 2 server.

Arranging the network into strata means that a NTP time server can distribute time to hundreds or even thousands of machines without the network or time server itself becoming congested with traffic. It must be noted, though, that the lower down the stratum levels a device is, the greater the fall in accuracy that can be expected.

The actual UTC time signal can be received in a number of ways. It can come from across the Internet, although this can cause security issues as the time signal can’t be authenticated (authentication being NTP’s inbuilt security measure). It is far safer to receive a time signal from a radio signal broadcast by several national physics laboratories, or even from the GPS network, whose onboard atomic clocks can be utilised as a timing source if the NTP time server is fitted with a GPS receiver.

Choosing a NTP Server and Selecting the Best Timing Source for You

Wednesday, September 10th, 2008

The NTP server is an integral part of the modern computer network. Without Network Time Protocol and NTP time servers, much of the modern functionality of computers that we take for granted, such as online reservation, Internet trading and satellite communication, would be impossible.

Synchronisation in computers is dealt with by NTP.  NTP and NTP servers use a single time reference to synchronise all machines on a network to that time.  This time reference could in fact be anything such as the time on a wrist watch perhaps. However, synchronisation is pointless unless a UTC (coordinated universal time) time source is used as UTC has been developed to allow the whole world to synchronise to the same time, allowing truly global synchronisation.

UTC is based on the time told by atomic clocks, although compensation measures such as Leap Seconds are added to UTC to keep it in line with Greenwich Meantime (GMT).

Atomic clocks are very expensive and extremely delicate pieces of equipment and not the sort of thing that can be housed in the office server room. Fortunately a NTP server can receive a UTC time source from several different locations.

The Internet is perhaps the most widely used source of time references. Unfortunately, however, there are drawbacks in using the Internet for a timing source. Firstly, Internet timing sources can’t be authenticated. Authentication is a security measure used by NTP to check that a timing source is genuine. Secondly, to use an Internet timing reference means a hole has to be left open in the network’s firewall, again compromising security. Thirdly, Internet timing sources are notoriously inaccurate and those that aren’t can often be too far away from a client to provide any useful precision.

However, if security and high level of accuracy to UTC time is not required then the Internet can provide a simple and affordable solution.

A far more secure method of receiving a UTC timing reference is to use the specialist national time and frequency transmission broadcast by several countries. The UK (MSF), USA (WWVB), Germany (DCF) and Japan (JJY) all boast a long wave timing signal. While these signals are limited in range and strength, where available they make an ideal timing source as the radio receiver can pick these signals up from inside a building. These transmissions can also be authenticated providing a high level of security.

The third and perhaps simplest solution is to use a GPS NTP server. These use the signals sent from the Global Positioning System, which contain timing information. This is ideal as the GPS signal can be received literally anywhere in the world, so if there is no radio transmission in your area then the GPS network will provide a secure and authenticated solution.

The only downside to GPS is that an antenna has to have a good view of the sky and therefore needs to be positioned on the roof. This obviously has logistical drawbacks if the server room is in the basement of a sky-scraper.

In selecting a timing source, the most important thing to remember is where the NTP server is going to be situated. If it is indoors and there is no opportunity to run an antenna to the roof, then the radio transmissions would be the best alternative. If there are no radio transmissions in your country/area or the signals are blocked by local topography, then GPS is an ideal solution.

However, if accuracy and security are not an issue then the Internet  would be the most obvious solution.

Understanding a NTP GPS Server

Monday, September 8th, 2008

A NTP GPS Server is a type of time server that uses Network Time Protocol (NTP) as a method for synchronizing the time on network devices and computers after receiving a time signal from the GPS network.

The GPS (Global Positioning System) network is a constellation of satellites owned and operated by the USA military. Most people are aware of GPS as an aid for satellite navigation. In actual fact, the basis of the transmissions broadcast by the GPS satellites is a time signal. This time signal is generated by the satellite’s onboard atomic clock. It is this information that a satellite navigation system receives and calculates by triangulation the distance away from the satellites.

This timing signal is what is used by a NTP GPS server as a reference to synchronize a network to. NTP then distributes this time to all routers and computers on that network.

A NTP GPS server comprises a GPS receiver, GPS antenna and NTP software. The GPS antenna should be situated on a rooftop, which will give the best possibility of receiving the transmissions from the satellites.

The GPS receiver then converts this information into timing information that can be read and distributed by NTP.

The atomic clocks onboard the GPS satellites do not transmit a UTC (Coordinated Universal Time) timing code. However, NTP has the ability to convert the atomic clock time from the satellites to UTC. This allows computer networks to be synchronized to the same universal time source no matter where they are in the world.

Using a dedicated NTP GPS server, a network can be synchronized to within a few milliseconds of UTC time, with accuracies of a few hundred nanoseconds made possible over LANs.

Time Servers: Maintaining Precise Time on Your Computers

Monday, September 8th, 2008

Computer networks rely on timekeeping for nearly all their applications. From sending an email to saving data, a timestamp is necessary for a computer to keep track. All routers and switches need to run at the same rate; out-of-sync devices can lead to data, and even entire connections, being lost.

All PCs and networking devices use clocks to maintain an internal system time. These clocks, called Real Time Clock chips (RTC), provide time and date information. The chips are battery backed so that even during power outages, they can maintain time.

However, personal computers are not designed to be perfect clocks; their design has been optimized for mass production and low cost rather than maintaining accurate time. These internal clocks are prone to drift, and although for many applications this can be quite adequate, often machines need to work together on a network, and if the computers drift at different rates they will become out of sync with each other and problems can arise, particularly with time-sensitive transactions.

For some transactions it is necessary for computers to be perfectly synchronised; even a few seconds’ difference between machines can have serious effects, such as finding that an airline ticket you had booked had been sold moments later to another customer, or being able to draw your savings out of a cash machine and then, when your account is empty, quickly go to another machine and withdraw it all again.

Time servers are like other computer servers in the sense they are usually located on a network. A time server gathers timing information, usually from an external hardware source and then synchronises the network to that time.

Most time servers use NTP (Network Time Protocol), which is one of the Internet’s oldest protocols still used. Invented by Dr David Mills from the University of Delaware, it has been in use since 1985. NTP is a protocol designed to synchronize the clocks on computers and networks across the Internet or Local Area Networks (LANs).

NTP utilises an external timing reference and then synchronises all devices on the network to that time.

Often time servers are synchronised to a UTC (Coordinated Universal Time) source, which is the global standard time scale and allows computers all over the world to be synchronised to exactly the same time. This has obvious importance in industries where exact timing is crucial, such as the stock exchange or airline industry.

There are various sources that a time server can use as a timing reference. The Internet is an obvious source; however, timing references from the Internet such as nist.gov and windows.time cannot be authenticated, leaving the time server and therefore the network vulnerable to security threats.

Understanding Computer Timestamps with NTP

Monday, September 8th, 2008

The way a computer deals with time is totally different to the ways humans perceive it. We arrange time into seconds, minutes, hours, days, weeks, months and years, while computers on the other hand arrange time as a single number representing the seconds that have passed from a single point in time, known as the prime epoch.

Most computers use NTP (Network Time Protocol) to deal with time, and on networks many are synchronised using a dedicated NTP time server. NTP knows nothing about days, years or centuries, only the seconds from the prime epoch. This prime epoch is set (for most systems) at midnight at the turn of the twentieth century, which for a human would be recorded as something like: 00:00 – 01,01,1900.

Computers, however, count time as the number of seconds past this point. If a computer was around in 1900 its timestamp on midnight January 1 would be 0 while in 1972 at the same date the timestamp would be 2,272,060,800, which represents the number of seconds since 1900.

The timestamps restart every 136 years, with the next wrap-around due in 2036. This has caused uneasiness amongst some who fear a Millennium Bug type scenario, although most doubt such events would occur. When a wrap-around of the timestamp does happen, an era integer will be added (+1) to allow computers to deal with time spans that cover more than one wrap-around. If computers and NTP need to deal with time before the prime epoch, a negative integer is used (for the year 1500, a -3 will be used to represent three cycles of 136 years).
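
The era arithmetic described above, as an added example that is not part of the original post. It converts between calendar dates and (era, seconds) pairs counted from the 1900 prime epoch, and shows how a bare 32-bit timestamp received after the 2036 wrap-around can be placed in the right era by comparing it with the local clock. The function names are chosen for this example.

```python
from datetime import datetime, timedelta, timezone

PRIME_EPOCH = datetime(1900, 1, 1, tzinfo=timezone.utc)
ERA_SECONDS = 2 ** 32   # a 32-bit seconds field wraps after about 136 years
ONE_SECOND = timedelta(seconds=1)


def to_ntp(moment):
    """Return (era, seconds within era) for a timezone-aware datetime."""
    total = (moment - PRIME_EPOCH) // ONE_SECOND
    # divmod floors, so dates before 1900 land in negative eras.
    return divmod(total, ERA_SECONDS)


def from_ntp(era, seconds):
    """Return the UTC datetime for an (era, seconds) pair."""
    return PRIME_EPOCH + timedelta(seconds=era * ERA_SECONDS + seconds)


def resolve_era(seconds32, reference):
    """Place a bare 32-bit timestamp in the era nearest to `reference`.

    The wire format carries no era number, so the receiver assumes the
    timestamp lies within half an era (about 68 years) of its own clock.
    """
    ref_total = (reference - PRIME_EPOCH) // ONE_SECOND
    half = ERA_SECONDS // 2
    delta = (seconds32 - ref_total + half) % ERA_SECONDS - half
    return divmod(ref_total + delta, ERA_SECONDS)


if __name__ == "__main__":
    utc = timezone.utc
    print(to_ntp(datetime(1972, 1, 1, tzinfo=utc)))   # the post's 1972 figure
    print(from_ntp(1, 0))                             # first second of era 1
    print(to_ntp(datetime(1500, 1, 1, tzinfo=utc)))   # negative era
    # A timestamp of 16 seen by a clock reading March 2036 belongs to era 1,
    # not to January 1900.
    print(resolve_era(16, datetime(2036, 3, 1, tzinfo=utc)))
```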

Timestamps are used in virtually every transaction that modern computers are tasked to do such as sending emails, debugging and programming. Because time is linear, a computer knows that each timestamp is always greater than the previous one and therefore computers and NTP find it difficult to deal with inaccuracies in time, particularly when time suddenly appears to go backwards.

This can happen if computers are not synchronised to the same time. If an email is sent to a machine with a slower clock, it appears to the computer to have been received before it has been sent. Lack of synchronisation can cause serious problems and can even leave a system vulnerable to malicious attacks and even fraud.

Because of this, most computer networks are synchronised to UTC (Coordinated Universal Time). UTC is a global timescale and the same for everybody worldwide; it is based on the time told by atomic clocks, which are highly accurate, neither gaining nor losing a second in millions of years.

Most computer networks use a dedicated NTP time server to receive a UTC time to synchronise their computers to. UTC is available from across the Internet (although unsecured), via the GPS network (Global Positioning System), or by receiving national time and frequency broadcasts via long wave.

NTP synchronises a computer by checking the received UTC time and adding to or holding a computer’s timestamp until it perfectly matches UTC. By using a dedicated NTP time server UTC can be maintained on a network to a few milliseconds of UTC time.

A Beginners Guide To The NTP Server

Monday, September 8th, 2008

Computer networking is one of the most difficult aspects of information and communications technology (ICT). The logistics of connecting terminals, routers, printers and all the other devices can leave many administrators with a constant headache.

One of the most important aspects that often gets overlooked and can have disastrous consequences is that of time synchronization.

It is imperative that all devices on a network are telling the same time, as timestamps, the format in which computers relay time to each other, are the only form of reference a computer can use to establish a sequence of events. If different machines on a network are telling different times, then unforeseen consequences such as emails arriving before they have technically been sent, and other anomalies, will make the administrator’s headache even worse.

What’s more, a computer network that is not synchronized is open to security threats and even fraud. Fortunately the NTP time server has been around for many years and can ease the headache of time synchronization.

NTP (Network Time Protocol) is one of the oldest protocols used by computer networks. Developed nearly three decades ago, NTP is a protocol that checks the time on all devices on a network and adds or subtracts enough time to ensure they are all synchronized.

NTP requires a time reference to synchronise the network’s clocks to. Whilst NTP can synchronize a network to any time, an authoritative time source is obviously the best solution. UTC (Coordinated Universal Time) is a globally used timescale based on the time told by atomic clocks. As atomic clocks lose less than a second of time in over a thousand years, UTC is by far the best timing source to synchronize a network to. Not only will your network be perfectly synchronized together, but your network will also be synchronized to the same time as millions of computer networks all around the world.

A NTP server can receive a UTC time reference from several sources. The Internet is the most obvious source, however Internet timing sources are notoriously inaccurate and those that are not can be relatively useless if the distance is too far away. Also having placed your NTP server securely behind your firewall it does seem pointless to have to keep a hole open in it to allow the NTP server to poll the timing reference from across the web and leave the entire network vulnerable, particularly as NTP authentication (NTP’s own security measure) is not possible over the Internet.

There are two far more secure and accurate methods of receiving a UTC timing reference. The first is to utilise the national time and frequency transmissions that several countries broadcast from their national physics laboratories. These are usually broadcast via long wave which has an advantage of being able to be picked up inside a server room although many countries do not have such a signal.

However, many NTP servers can utilize the timing signal broadcast by the onboard atomic clocks of the GPS (Global Positioning System) satellites.  This signal is available everywhere but a GPS antenna is required that can get a clear view of the sky.

By utilizing a UTC timing source, either through the GPS network or radio transmission, a computer network can be synchronized to within a few milliseconds of UTC time.

NTP GPS Server for Time Critical Applications

Monday, September 8th, 2008

The GPS (Global Positioning System) is a Global Navigational Satellite System (GNSS) controlled and run by the United States of America.

GNSS systems work by using satellites several thousand miles above the Earth’s surface that beam timing information down to a GNSS receiver (like the satellite navigation unit in our cars). It is this information that is used by the GPS receiver to triangulate an exact position. The satellites can only do this by having their own highly accurate atomic clock onboard: because of the distance the satellites are from the Earth, even an inaccuracy of a second or two could mean a sat navigation’s location could be miles out.

As a consequence of having these accurate time sources, GPS and the new breed of GNSS systems can all be used to receive an absolute or UTC (Universal Coordinated Time) time source. This time source can be used by computer networks running a NTP server (Network Time Protocol) to synchronise all machines and devices to the same time.

NTP is a protocol designed to synchronise computers and network devices to an external timing reference.

GPS is an ideal time and frequency reference because it can provide highly accurate time anywhere in the world using relatively cheap components. Each GPS satellite transmits on two frequencies: L2 for military use and L1 for use by civilians, transmitted at 1575 MHz. Low-cost GPS antennas and receivers are now widely available and dedicated NTP GPS servers are now relatively low cost.

The radio signal transmitted by the satellite can pass through windows but can be blocked by buildings, so the ideal location for a GPS antenna is on a rooftop with a good view of the sky. The more satellites it can receive from, the better the signal. However, roof-mounted antennas can be prone to lightning strikes or other voltage surges, so it is highly recommended that a suppressor be installed inline on the GPS cable.

A NTP GPS Server is ideal in providing NTP time servers or stand-alone computers with a highly accurate external reference for synchronisation. Even with relatively low cost equipment, accuracy of a hundred nanoseconds (a nanosecond = a billionth of a second) can be reasonably achieved using GPS as an external reference.