NTP Time Servers

Time Servers and NTP are widely used to synchronize the time on computer networks. NTP provides the ability to access time servers, organize the time synchronization subnet and adjust the local clock in each participating subnet computer. Typically, NTP provides accuracies of between 1 and 50 milliseconds depending on the time source and network paths.

To see Galleons full range of Time Servers click here

Network Time Protocol can be utilized to synchronize the time on computers across a network. A NTP time server is utilized to obtain the correct time from a time source and adjust the local time in each participating computer.

The time source used by the time server is extremely important as this forms the basis of all time updates across the network. Recent studies show an alarming number of stratum 1 time sources on the internet are bad time keepers. A reported 391 of 957 supposedly stratum 1 NTP time sources had time offsets of over 10 seconds. Incredibly, one time source was offset by a staggering 6 years. Only 28% of the internet based stratum 1 clocks actually appears to be useful, based on research by Nelson Minar, MIT Media Lab Cambridge, MA USA .

Mis-configuration appears to be the main cause for inaccurate time sources provided by the internet.

The integrity of the time source utilized by the time server cannot be stressed more highly. The accuracy of each computer on the network is dependant on the accuracy of the time source utilized by the time server. A useful rule is to beware when obtaining the time from sources that cannot be validated, i.e. from an unknown third party across the internet.

Extracts from the Conclusion of the article by Nelson Minar, MIT Media Lab Cambridge, MA USA
"This survey has captured the state of the NTP network in November 1999. The network is growing rapidly and seems to be managing reasonably well. Timing statistics suggest that delays and accuracies have improved over the years, helping clock accuracy for everyone. This survey uncovers two problems: the number of bad clocks on the network, and the unbalanced nature of the network load.
The number of bad clocks was a truly surprising result. Only 28% of the stratum 1 clocks found appear to actually be useful"

The conclusion by Nelson Minar underlines the importance of ensuring that for commercial applications it is essential to use an accurate auditable time source such as a radio atomic clock, or GPS time.

Operating Modes And Addressing

NTP Version 4 can operate in either unicast (point to point), multicast (point to multipoint) or anycast (multipoint to point) modes.

A unicast client sends a request to a designated server at its unicast address and expects a reply from which it can determine the time and, optionally, the roundtrip delay and local clock offset relative to the server.
A multicast server periodically sends a unsolicited message to a designated IPv4 or IPv6 local broadcast address or multicast group address and ordinarily expects no requests from clients. A multicast client listens on this address and ordinarily sends no requests.

An anycast client sends a request to a designated IPv4 or IPv6 local broadcast address or multicast group address. One or more anycast servers reply with their individual unicast addresses. The client binds to the first one received, then continues operation in unicast mode.

Multicast servers should respond to client unicast requests, as well as send unsolicited multicast messages. Multicast clients may send unicast requests in order to determine the network propagation delay between the server and client and then continue operation in multicast mode.

In unicast mode, the client and server end-system addresses are assigned following the usual IPv4, IPv6 or OSI conventions. In multicast mode, the server uses a designated local broadcast address or multicast group address. An IP local broadcast address has scope limited to a single IP subnet, since routers do not propagate IP broadcast datagram’s. On the other hand, an IP multicast group address has scope extending to potentially the entire Internet. The scoping, routing and group membership procedures are determined by considerations beyond the scope of this document. For IPv4, the IANA has assigned the multicast group address 224.0.1.1 for NTP, which is used both by multicast servers and anycast clients. NTP multicast addresses for IPv6 and OSI have yet to be determined.

Multicast clients listen on the designated local broadcast address or multicast group address. In the case of local broadcast addresses, no further provisions are necessary. In the case of IP multicast addresses, the multicast client and anycast server must implement the Internet Group Management Protocol (IGMP) [DEE89], in order that the local router joins the multicast group and relays messages to the IPv4 or IPv6 multicast group addresses assigned by the IANA. Other than the IP addressing conventions and IGMP, there is no difference in server or client operations with either the local broadcast address or multicast group address.

It is important to adjust the time-to-live (TTL) field in the IP header of multicast messages to a reasonable value, in order to limit the network resources used by this (and any other) multicast service. Only multicast clients in scope will receive multicast server messages. Only co-operating anycast servers in scope will reply to a client request. The engineering principles which determine the proper value to be used are beyond the scope of this document.

Anycast mode is designed for use with a set of co-operating servers whose addresses are not known beforehand by the client. An anycast client sends a request to the designated local broadcast or multicast group address as described below. For this purpose, the NTP multicast group address assigned by the IANA is used. One or more anycast servers listen on the designated local broadcast address or multicast group address. Each anycast server, upon receiving a request, sends a unicast reply message to the originating client. The client then binds to the first such message received and continues operation in unicast mode. Subsequent replies from other anycast servers are ignored.

In the case of SNTP as specified herein, there is a very real vulnerability that SNTP multicast clients can be disrupted by misbehaving or hostile SNTP or NTP multicast servers elsewhere in the Internet, since at present all such servers use the same IPv4 multicast group address assigned by the IANA. Where necessary, access control based on the server source address can be used to select only the designated server known to and trusted by the client. The use of cryptographic authentication scheme defined in RFC-1305 is optional; however, implementers should be advised that extensions to this scheme are planned specifically for NTP multicast and anycast modes.

While not integral to the SNTP specification, it is intended that IP broadcast addresses will be used primarily in IP subnets and LAN segments including a fully functional NTP server with a number of dependent SNTP multicast clients on the same subnet, while IP multicast group addresses will be used only in cases where the TTL is engineered specifically for each service domain.

Acknowledgements

David L. Mills. Electrical Engineering Department, University of Delaware, Newark, DE 19716 USA
Nelson Minar. MIT Media Lab E15-305 20 Ames Street Cambridge, MA 02139 USA

Links