Enterprise Network Timing: NTP/PTP with Layered Timing Topology - A Best Practice Guide for GPS/GNSS Engineers
The Advantage of Layering: Hierarchical Timing Topology
A hierarchical timing topology takes advantage of layering the timing infrastructure internally for enterprise deployment to bring secure, resilient and accurate timing to the network. A typical layout consists of a reference layer, a distribution layer and a client/handoff layer. Let’s look at each layer and explore its characteristics and importance.
1. Reference Layer
The reference layer is where your time server gets its legal time from universally accepted time references such Global navigation satellite system (GNSS): A general term describing any satellite constellation that provides positioning, navigation, and timing (PNT) services on a global or regional basis. See also and STL (Satellite Time & Location).
Fig. 1: Reference Layer
This layer should include resilient time references to help prevent failure scenarios. For resiliency, it should have separate redundant antenna access for each server. It should also be able to identify, detect and protect from jamming and spoofing of satellite-based signals and/or have alternative signals to GNSS when required.
With these features, the reference layer will provide a highly accurate, reliable and redundant source of time to the distribution layer. Based on the underlying network infrastructure, the servers in this layer should support multiple methods of industry standards for time transmission. It should also be easy to scale.
In a typical deployment, we recommend having at least three different time servers in the reference layer, with resilient time reference options available to them, including these requirements:
- Each server should have redundant power and be distributed across different sites and network racks
- Support for time distribution protocols, which can vary by requirements of a given deployment – NTP, or Network Time Protocol, is a widely used networking protocol that enables computers and devices to synchronize their system clocks with a reference time source. It ensures accurate timekeeping in computer networks by allowing devices to obtain precise time information from NTP servers, which are typically synchronized to highly accurate atomic clocks. NTP is essential for various applications and services that rely on synchronized time, such as network security, authentication, and data logging./PTP, White Rabbit (PTP-High Accuracy), PPS, IRIG and so forth
- Better quality oscillator (e.g., an internal atomic clock) with receiver(s) supporting multi-GNSS constellations and alternatives to GNSS
At Orolia, products and technologies such as SecureSync, STL, Anti-Jamming (AJ) Antenna, GPSdome Anti-Jammer, CRPA Testing System, and IDM (Interference Detection and Mitigation) features are well suited for the reference layer.
2. Distribution Layer
At the distribution layer, the focus is on time distribution challenges.
Appropriate time transmission protocols should be used to receive the time from the reference layer based on the timing accuracy requirement. For instance, White Rabbit is ideal for sub-nanosecond accuracy, Precision Time Protocol is a protocol used to synchronize clocks throughout a computer network. On a LAN network, PTP can enable the clocks on each server to be synchronized within a sub-microsecond range, thus making it suitable for demanding applications that require precise timing and control. PTP is standardized within IEEE-1588v2. or NTP can be ideal for micro- or millisecond accuracy. For some deployments, IRIG or PPS may be the best option.
Fig. 2: Distribution Layer
Your distribution servers do not require access to an antenna, allowing you to scale the deployment to distribute time across various network locations. Key characteristics of distribution layer servers should include:
- Dual power and multi-uplink for traffic path redundancy
- Support for active and passive deployment technology; for example, NTP over Anycast
- Better throughput and higher capacity for handling timing traffic
- Support for a wide range of time transmission protocols
To reduce the jitters and timing offset errors that can happen due to network path variations, it is recommended that these servers be placed in a symmetric path distance between the reference and the client layer. For instance, a direct fiber link between the reference and distribution layers can provide better accuracy vs. a network routed or switched path.
A layering topology also simplifies the scaling problem. Just add distribution servers for any scaling requirement – redundancy, capacity, disaster recovery, or security.
Orolia’s SecureSync® resilient time server, a network time and frequency solution, is a good choice for this layer and it is available with a wide range of custom features and option cards.
The distribution layer should also be resilient to time source failure scenarios. It should include at least two local and multiple remote time sources from the reference layer. With options such as low latency and high-speed ethernet, multiple uplinks, and dual power for resiliency, this layer will then provide accurate, reliable and redundant time to the client/handoff layer.
3. Client/Handoff Layer
The client/handoff layer is where time is received by the clients. To receive time, clients should have access to at least three or more distribution time servers.
Fig. 3: Client Layer
At the handoff layer, the clients include business-critical application servers, network routers and switches, and other network devices that can support both NTP and PTP. However, today many clients and their operating systems (Linux, Windows, iOS, Android and so on), including computer desktops, servers, mobile and smart devices, widely support NTP. Hence, at a minimum, distribution time servers must support NTP as a handoff timing protocol.
Fig. 4: Typical Layout for a Complete Hierarchical Timing Topology
As we can see, the key merits of layering your timing network include allowing you to put your eggs in multiple baskets, which then allows you to maximize the outcomes of resources in place for resiliency, accuracy and security. It also avoids the need for internet servers as a time source for internal devices — which is the primary source of NTP and other cybersecurity attacks, and a key source of unstable timing accuracy.
Pritam Kandel is an Applications Engineer with over a decade of experience working in design, assessment and implementation of TCP/IP routing and switching infrastructure for network cores/backbones, datacenters, Internet edge and WAN. He is experienced with maintaining IT infrastructure, including Internet peering and ISP services, MPLS and carrier networks, and VoIP global infrastructure. He holds certifications in CCNP, CCNA, JNCIA, MPLS Deployment, Alcatel Lucent and NIX platforms. Pritam is a graduate of the Rochester Institute of Technology with an MBA in Technology Management and holds a Bachelor of Engineering in IT from Pokhara University.