Time Servers

 


What is NTP (network time protocol)?

NTP is a UDP protocol for IP networks. The Internet Engineering Task Force has formalized the current standard of NTP (version 4) in RFC 5905. Simple Network Time Protocol (SNTP), whose latest standard is formalized as RFC 4330, uses a less complex client implementation. A time synchronization solution requires client software to read NTP packets generated by an NTP server and synchronize the local clock. The time server function is the same in either NTP or SNTP; the only difference is in the client software.

Why not use an internet time server?

Internet-based time servers operated by universities and government organizations are available for public use. However, NTP requires an open port (UDP port 123) in the firewall for the NTP packets to get through. Open ports in the firewall are a security risk for you as a network operator, and they can affect the reliability and accuracy of public time servers, as they are easily exploited in denial-of-service attacks, even inadvertent ones.

Accuracy is another concern: a survey from MIT uncovered the number of bad time servers on the internet and the unbalanced load. Only 28% of the time servers indicated as stratum 1 appeared to be useful. Spoofing is a further concern affecting accuracy. Spoofing is the creation by a third party of IP packets that use someone else’s IP address.

NTP vs. SNTP: What’s the Difference?

NTP (Network Time Protocol) and SNTP (Simple Network Time Protocol) are similar TCP/IP protocols in that they use the same time packet from a time server to compute accurate time. The procedure the time server uses to assemble and send out a time stamp is exactly the same whether full-implementation NTP or SNTP is used. The difference between NTP and SNTP lies in the time synchronization program running on the client side of each system. That program, whether it is a Windows built-in program like W32Time (which uses the SNTP protocol) or a third-party add-on, determines which protocol is being used, not the time server. The two differ in the error checking and in the algorithm that actually corrects the time.

The NTP algorithm is much more complicated than the SNTP algorithm. NTP normally uses multiple time servers to verify the time and then controls the slew rate of the system. The algorithm determines whether the values are accurate using several methods, including fudge factors and identifying time servers that don’t agree with the other time servers. It then speeds up or slows down the system clock’s drift rate so that (1) the system’s time is always correct and (2) there won’t be any subsequent time jumps after the initial correction. Unlike NTP, SNTP typically uses one time server to calculate the time, then “jumps” the system time to the calculated time. It can, however, have back-up time servers in case one is not available. During each interval, it determines whether the time is off enough to make a correction and, if it is, applies the correction.
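The contrast described above, as an added example that is not part of the original page: both client styles compute the offset from the same four packet timestamps, but the single-source client jumps to whatever its one server reports, while the multi-source client discards the server that disagrees and slews. The sample timestamps, server names, the 50 ms agreement tolerance, the 500 ppm slew rate and the median-based selection (a simplified stand-in for the selection algorithms of a full NTP client) are assumptions made for illustration.

```python
from statistics import median

# Constructed samples: (server, (t1, t2, t3, t4)) in seconds on each side's own clock.
# t1 client send, t2 server receive, t3 server send, t4 client receive.
SAMPLES = [
    ("bad-x",  (100.000, 130.030, 130.031, 100.021)),  # clock ~30 s off (faulty or spoofed)
    ("good-a", (100.000, 100.030, 100.031, 100.021)),
    ("good-b", (100.000, 100.037, 100.038, 100.031)),
    ("good-c", (100.000, 100.026, 100.027, 100.017)),
]

def offset_and_delay(t1, t2, t3, t4):
    """Same arithmetic for NTP and SNTP clients: server clock offset and round-trip delay."""
    return ((t2 - t1) + (t3 - t4)) / 2, (t4 - t1) - (t3 - t2)

def sntp_style(samples):
    """Single-source client: take the first configured server and jump by its offset."""
    _, stamps = samples[0]
    return offset_and_delay(*stamps)[0]

def ntp_style(samples, tolerance=0.050):
    """Multi-source client: discard servers that disagree with the rest, average the survivors.
    Median-based stand-in for real selection algorithms; tolerance is an assumed value."""
    offsets = {name: offset_and_delay(*stamps)[0] for name, stamps in samples}
    mid = median(offsets.values())
    agree = {n: o for n, o in offsets.items() if abs(o - mid) <= tolerance}
    rejected = sorted(set(offsets) - set(agree))
    return sum(agree.values()) / len(agree), rejected

def slew_seconds(offset, max_rate=500e-6):
    """Seconds needed to absorb the offset by adjusting clock rate (500 ppm assumed), no jump."""
    return abs(offset) / max_rate

if __name__ == "__main__":
    print(f"single-source step: {sntp_style(SAMPLES):+.3f} s")
    offset, rejected = ntp_style(SAMPLES)
    print(f"multi-source offset: {offset:+.3f} s, rejected: {rejected}")
    print(f"slewing that offset takes about {slew_seconds(offset):.0f} s")
```

With the bad server listed first, the single-source client would move its clock by about 30 seconds, while the multi-source client settles on roughly 20 ms and flags the disagreeing server.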

In general, SNTP clients should only be used where time synchronization is not critical for your systems. For all other clients, and for systems that will also serve time to other systems, you should use full NTP implementations that include reference selection and clock steering algorithms to maintain accuracy through the full timing path.

Looking at the time servers themselves, the selection of a time server that uses SNTP or NTP only to serve time should focus on whether that time server would ever synchronize to NTP as a primary or secondary reference; in that case, only full NTP should be used. To simplify things, SNTP should be used only at the start or end of the network timing path, and only at the end of the network timing path where time synchronization is not critical for your systems.