Time Servers


Why You Need An NTP Time Server

What Makes Network Time Synchronization Secure, Reliable & Accurate

NTP Stratum Levels and Accuracy

  • What is NTP (network time protocol)?

    While a variety of time services are available to use for network time synchronization, the most widely used and well established protocol is known as network time protocol or NTP. NTP is a UDP protocol for IP networks. The Internet Engineering Task Force has formalized the current standard of NTP (version 4) in RFC 5905. Simple network time protocol, SNTP, the latest standard formalized as RFC 4330, uses a less complex client implementation.

    A time synchronization solution requires client software to read NTP packets generated by an NTP server and synchronize the local clock. The time server function is the same in either NTP or SNTP, the only difference is with the client software.

  • How do I configure NTP clients?

    Client software for network time protocol is widely available for a variety of operating systems and is typically pre-installed in servers, workstations, firewalls and routers. Configuring an NTP or SNTP client is straightforward. Support can be found on this site and many others for configuring Windows time services such as W32time. Third-party software is available to improve the functionality of the NTP client application. We offer a suite of NTP software for Windows clients called PresenTense. PresenTense greatly improves the management and reliability of the time synchronization application through the use of real-time monitoring, extensive logging, email alerts, built-in redundancy, and higher accuracy.

  • Why not use an internet time server?

    Internet-based time servers operated by universities and government organizations are available for public use. However, NTP requires an open port (UDP port 123) in the firewall for the NTP packets to get through. Open ports in the firewall are a security risk for you, as a network operator, and can affect the reliability and accuracy of public time servers as they are easily exploited in “Denial of Service” attacks even if inadvertent.

    In May 2003, an internet time server operated by the University of Wisconsin, Madison was the recipient of a continuous large-scale flood of traffic resulting in greatly reduced availability of the server for many months. The source of the “attack” was based on a programming bug in the firmware of inexpensive routers for home and small business use.

    Accuracy is another concern of internet time servers. The latest survey of the NTP time server network from MIT uncovered two problems: the number of bad time servers on the internet, as well as the unbalanced load. Only 28% of the time servers indicated as stratum 1, appeared to be useful.

    Another concern effecting accuracy is the concern over spoofing. Spoofing is the act by a third party to create IP packets using someone else’s IP address. Don’t take the chance of using fake NTP packets for your network synchronization.

NTP vs. SNTP: What’s the Difference?

NTP (Network Time Protocol) and SNTP (Simple Network Time Protocol) are similar TCP/IP protocols in that they use the same time packet from a time server message to compute accurate time. The procedure used by the Time Server to assemble and send out a time stamp is exactly the same whether NTP (i.e., full implementation NTP) is used, or SNTP is used.

The difference between NTP and SNTP is important in the time synchronization program running on the client side on each system. The time synchronization program, whether it is a Windows built-in program like W32Time (which uses the SNTP protocol) or a third-party add-on, determines which protocol is being used — not the time server. The difference between NTP and SNTP is in the error checking and the algorithm for the actual correction to the time itself.

The NTP algorithm is much more complicated than the SNTP algorithm. NTP normally uses multiple time servers to verify the time and then controls the slew rate of the system. The algorithm determines if the values are accurate using several methods, including fudge factors and identifying time servers that don’t agree with the other time servers. It then speeds up or slows down the system clock’s drift rate so that (1) the system’s time is always correct and (2) there won’t be any subsequent time jumps after the initial correction.

Unlike NTP, SNTP usually uses just one time server to calculate the time, then “jumps” the system time to the calculated time. It can, however, have back-up time servers in case one is not available. During each interval, it determines whether the time is off enough to make a correction and if it is, applies the correction.

Consider an analogy of comparing and adjusting a wristwatch to a clock on the wall. The wristwatch is analogous to the “client” device (like a PC) and the clock on the wall is the time server. With SNTP, you always look at the clock at pre-determined intervals. Let’s say one per hour. (As an aside, the act at comparing time for computer synchronization is known as a “poll.”) When you think it is 12:00:00, the clock shows 11:59:57. Set your watch back three seconds, and don’t do anything until 1:00:00. You look again at the clock to see that it is 12:59:57, which is three seconds fast, so again, set the watch back three seconds. Every hour, the watch is reset 3 seconds to be in sync with the clock on the wall. From an error perspective, you are most accurate immediately after the poll and you progressively get worse. The maximum error happens immediately before the poll, when a sudden adjustment occurs, such as when time goes from 12:59:57 to 12:59:58 to 12:59.59 to 1:00:00 to 12:59:57.

If a maximum error of three seconds and the discontinuity of the time scale bothers you, consider the NTP case. React knowing your watch is gaining three seconds every hour, so you don’t have to change often. Simply compensate for the drift by using your error vs. time measurements. You do not need to use the same measurement period all the time. All you need to know is the rate and direction of the change.

After understanding drift, program the watch to adjust in real time. Make small adjustments, so at any given time, you are in sync with the clock on the wall without looking at it. Of course, the drift rate may change over time, so you want to continually poll the clock and apply the best correction. Then, your wristwatch will stay in sync.

Which One Do You Need?

It all depends on your application, but in general, SNTP clients should only be used where time synchronization is not critical for your systems. For all other clients, and for systems that will also serve time to other systems, you should utilize full NTP implementations to include reference selection and clock steering algorithms to maintain accuracy through the full timing path.

Looking at the timeservers themselves, the selection of a time server that uses SNTP or NTP to serve time only should focus on whether that time server would ever synchronize to NTP as a primary or secondary reference — in which case, only full NTP should be used. To simplify things, SNTP should be used only at the start or end of the network timing path, and only at the end of the network timing path where time synchronization is not critical for your systems.