Time Synchronisation

Linux operating systems are becoming increasingly popular partly due to the many advantages they have over commercial systems like Windows or OS X. Linux offers increased security (as there are only a handful of viruses that can infect a Linux based system), better stability and in most cases it is free.

It is no wonder more and more home and business users alike are opting to switch to a Linux based operating systems and whether it is Redhat, Mandrake, Ubuntu or the myriad of other UNIX and LINUX based systems, keeping accurate time is relatively straight forward.

Time synchronisation is vital in many time-sensitive applications and most business users find it would be impossible to conduct any online transactions without a synchronized network. Even home-users find an advantage in ensuring their system is running accurate time, emails no longer arrive before they are sent and security is increased.

Most Linux based operating systems contain a version of Network Time Protocol (NTP) an Internet protocol designed to synchronise time on a network. For those that do not contain a pre-packed version, NTP is open source and freely available at ‘NTP.org’.

While NTP is available for most versions of Windows; Linux users have the advantage in that it has traditionally been the primary development platform for NTP. It works by using a timing source either from the Internet or via a dedicated network time server.
These reference clocks run UTC time (coordinated universal time) a global timescale which is relayed to them from atomic clocks that are accurate to a few nanoseconds (a nanosecond is a billionth of a second).

Put simply, the NTP daemon (a service program that runs in the background) compares the time on the computer with the timing source at regular intervals and adjusts it depending on any drift.

The NTP daemon is configured using the ‘NTP.conf’ file. The configuration file is where the location of the NTP timing servers are stored. If attempting to use a public internet timing source it is advised to visit http://www.pool.ntp.org which has a collection of over 200 servers.

However Microsoft and Novell, strongly advise that internet based timing sources are not used as they are unauthenticated and can leave a gateway open for malicious attacks.

Alternatively and most preferably, dedicated NTP time servers are available which provide better accuracy and are far more secure. These time servers receive a timing source from either a national radio broadcast (such as WWVB in the US or MSF in the UK) or via the GPS system.

Once installed these systems continually check the time on all the network computers’ clocks and adjusts them for any drift. A typical GPS receiver can provide timing information to within a few nanoseconds of UTC while national time and frequency transmissions are accurate to 1 – 20 milliseconds (a millisecond is 1/1000 of a second).

Network Time Protocol (NTP) is an Internet protocol used for the transfer of accurate time, providing time information so that a precise time can be obtained and maintained on a network

Most UNIX and Linux operating systems provide built-in time synchronisation functionality with its NTP (Network Time Protocol) daemon. If the NTP service is not available on your version of UNIX\Linux, NTP version 4 is open source and can easily be downloaded and configured, compiled and installed from www.ntp.org.

Network Time Protocol is the standard service for time dissemination across TCP/IP networks. It provides accuracies of 1-50 milliseconds, depending on the characteristics of the synchronization source and network paths.

The configuration file fro the NTP daemon is named NTP.conf and contains a list of reference clocks that it can synchronise too. The command ‘server’ specifies the reference clock, any characters after the ‘#’ symbol are comments, example:
server time-a.nist.gov # Public NTP server: NIST
driftfile /var/lib/ntp/ntp.drift

The drift file command identifies the location where the drift is recorded (sometimes referred to as a ‘frequency error). This value can be offset by NTP to ensure of increased accuracy. When configured, NTP can be controlled using the commands ‘ntpd start’ ‘ntpd stop’ ‘ ntpq –p’ (displays status)

NTP can also authenticate timing resources Note: It is strongly recommends that you configure a time server with a hardware source rather than from the internet where there is no authentication. Authentication codes are specified in the ‘NTP.keys’ file.

Specialist NTP servers are available that can receive transmissions from either GPS or national time reference broadcasts. They are relatively cheap and the signal is authenticated providing a secure time reference.

Authentication allows passwords to be specified by the NTP server and its clients. NTP passwords or keys are stored in the NTP.keys file in the following format: number M (The M stands for MD5 encryption), password:

1 M mypassword

3 M my2ndpassword

5 M my3rdpassword

Authentication for NTP has been developed to prevent malicious tampering with system synchronisation just as firewalls have been developed to protect networks from attack but as with any system of security it only works if it is utilised.

Having been designed on Linux, NTP (Network Time Protocol) is relatively simple to configure on a Linux machine. By using NTP (available free to download via NTP.org) any Linux machine can be easily set up to run as an NTP server.

Once downloaded the NTP distribution should contain the NTP daemon and also a number of utilities and configuration scripts. These aid the installation process and provide debugging facilities. The NTP daemon is configured using the file ‘ntp.conf’. A list of commands can be specified in the ‘ntp.conf’ file to indicate which servers to synchronise to and to specify various authentication and access options.

The NTP daemon synchronises to an external reference clock. The internet can be used as a time source but these can’t be authenticated and being the wrong side of the firewall could leave the system compromised. It’s much better to use an external source such as a GPS clock or radio clock that receive time from long wave transmissions (broadcast by such institutions as NIST or NPL).

Multiple external time servers can be specified in the configuration file, which allows NTP server to select the most appropriate time server and to use an average of the most reliable sources ensuing a higher level of accuracy.

The NTP daemon is controlled by a series of scripts such as ‘ntpd start’, ‘ntp stop’ or ‘ntpd restart’. Debugging and querying can be done by using the ‘ntpq’ utility. This utility provides information relating to the synchronisation status of the NTP daemon.

Network Time Protocol has been developed to keep computers synchronized. All computers are prone to drift and accurate timing is essential for many time critical applications.

A version of NTP is installed on most versions of Windows (although a stripped down version called SNTP –Simplified NTP- is in older versions) and Linux but is free to download from NTP.org.

When synchronising a a network it is preferable to use a dedicated NTP server that receives a timing source from an atomic clock either via specialist radio transmissions or the GPS network. However, many Internet time references are available, some more reliable than others, although it must be noted Internet based time sources can’t be authenticated by NTP, leaving your computer vulnerable to threats.

NTP is hierarchical and arranged into stratum. Stratum 0 is timing reference, while stratum 1 is a server connected to a stratum 0 timing source and a stratum 2 is a computer (or device) attached to a stratum 1 server.

The Basic configuration of NTP is done using the /etc/ntp.conf file you have to edit it and place the IP address of stratum 1 and stratum 2 servers. Here is an example of a basic NTP.conf file:

server xxx.yyy.zzz.aaa prefer (time server address such as time.windows.com)

server 123.123.1.0

server 122.123.1.0 stratum 3

Driftfile /etc/ntp/drift

The most basic NTP.conf file will list 2 servers, one that it wishes to synchronise too and an IP address for itself. It is good housekeeping to have more than one server for reference in case one goes down.

A server with the tag ‘prefer’ is used for a trusted source ensuring NTP will always use that server when possible. The IP address will be used in case of problems when NTP will synchonise with itself is. The drift file is where NTP builds a record of the system clock’s drift rate and automatically adjusts for it.

NTP will adjust your system time but only slowly. NTP will await at least ten packets of information before trusting the time source. To test NTP simply change your system clock by half an hour at the end of the day and the time in the morning should be correct.

An NTP server (network time protocol) is a device to ensure all machines on a computer network are running the exact same time. Without an NTP server time would be inconsistent between devices which could problems for the network, seconds could be lost here or gained there which could cause major confusion as well as leaving your network vulnerable.

Time, in the form of timestamps, provides the only frame of reference between all devices on a network and the way an NTP server works is pretty straightforward. The timestamp relayed to the server is in the form of an ever increasing number that started from a set point in time, this is known as the prime epoch and for most systems this started on 1 January, 1900.

The NTP server checks the time stamp from an authoritative source, normally a UTC source (Coordinated Universal Time, a global timescale based on the time told by atomic clocks), from either the Internet, a radio transmission or via the GPS network.

The NTP server uses the timestamp to calculate if the network clocks are drifting and adds or subtracts a second to match the reference clock. The NTP server will do this at set intervals, normally every fifteen minutes to ensure perfect accuracy.

NTP is accurate to within 1/100th of a second (10 milliseconds) over the public Internet and can perform even better over LANs and WANS with accuracies of 1/5000th of a second (200 microseconds) not unheard of.

To ensure further accuracy the NTP service (or daemon on Linux) which runs in the background and does not believe the time it is told until after several exchanges and each one has passed a protocol specification (a test), the server is then considered. It usually takes about five good samples) until a NTP server is accepted as a timing source.

Network Time Protocol has been developed to keep computers synchronized. All computers are prone to drift and accurate timing is essential for many time critical applications.

A version of NTP is installed on most versions of Windows (although a stripped down version called SNTP – Simplified NTP – is in older versions) and Linux but is free to download from NTP.org.

When synchronising a a network it is preferable to use a dedicated NTP server that receives a timing source from an atomic clock either via specialist radio transmissions or the GPS network. However, many Internet time references are available, some more reliable than others, although it must be noted Internet based time sources can’t be authenticated by NTP, leaving your computer vulnerable to threats.

NTP is hierarchical and arranged into stratum. Stratum 0 is timing reference, while stratum 1 is a server connected to a stratum 0 timing source and a stratum 2 is a computer (or device) attached to a stratum 1 server.

The Basic configuration of NTP is done using the /etc/ntp.conf file you have to edit it and place the IP address of stratum 1 and stratum 2 servers. Here is an example of a basic NTP.conf file:

server xxx.yyy.zzz.aaa prefer (time server address such as time.windows.com)

server 123.123.1.0

server 122.123.1.0 stratum 3

Driftfile /etc/ntp/drift

The most basic NTP.conf file will list 2 servers, one that it wishes to synchronise too and an IP address for itself. It is good housekeeping to have more than one server for reference in case one goes down.

A server with the tag ‘prefer’ is used for a trusted source ensuring NTP will always use that server when possible. The IP address will be used in case of problems when NTP will synchonise with itself is. The drift file is where NTP builds a record of the system clock’s drift rate and automatically adjusts for it.

NTP will adjust your system time but only slowly. NTP will await at least ten packets of information before trusting the time source. To test NTP simply change your system clock by half an hour at the end of the day and the time in the morning should be correct.

A network time server is a device that can synchronise a network to a single time source.

Linux comes with a version of NTP installed to configure your Linux system to run as a network time server follow these instructions:

1. Configure /etc/ntp.conf
Edit the ntp.conf file using text editor.
server <example-server-name>

and replace these lines with your servers.
server time-a.nist.gov
server time-b.nist.gov
server time-a.timefreq.bldrdoc.gov
(I am using NIST but other time servers are just as good)

2. Synchronize your clock manually
If your clock is too much behind or ahead then NTP might struggle to synchronise so its est to do it manually:

ntpdate 0. time-a.nist.gov

3. Make your ntp daemon executable:

chmod +x /etc/rc.d/rc.ntpd

4. Start NTP now without rebooting
/etc/rc.d/rc.ntpd start

If you want to be sure that your computer clock is accurate you can configure your system to use NTP (Network Time Protocol), one of the oldest Internet protocols and the industry standard for time synchronisation.

NTP on will synchronise your computer’s clock to a pool of time servers around the world that are official ‘timekeepers’. It is best to choose the closest to you so response time is minimized and to use more than one in case one goes down. There are more than 1.500 servers to choose from, but some areas are better served than others. Many servers on the internet are extremely inaccurate and Internet time references should not be used as a replacement for a dedicated time server.

However, for basic time synchronisation purposes, Internet providers will suffice. The first step should be to select three servers close to you – preferably in your country, or if there aren’t enough, in your ‘zone. Go to NTP home and browse through the tree of zones and servers to select which ones are best for you. The follow these commands to configure:

1. Configure /etc/ntp.conf
Edit this file with a text-editor. Replace
server <example-server-name>
with your servers, such as:

server 0.br.pool.ntp.org
server 1.br.pool.ntp.org
server 2.br.pool.ntp.org

2. Synchronise your clock manually
If your clock is drifting too NTP might refuse to synchronise it, but it can be done manually:

ntpdate 0.br.pool.ntp.org (server name that you choose)

3. Make your NTP daemon executable

chmod +x /etc/rc.d/rc.ntpd

4. Start NTP now without rebooting
Again, a simple command:

/etc/rc.d/rc.ntpd start

Linux operating systems are becoming increasingly popular partly due to the many advantages they have over commercial systems like Windows or OS X. Linux offers increased security (as there are only a handful of viruses that can infect a Linux based system), better stability and in most cases it is free.

It is no wonder more and more home and business users alike are opting to switch to a Linux based operating systems and whether it is Redhat, Mandrake, Ubuntu or the myriad of other UNIX and LINUX based systems, keeping accurate time is relatively straight forward.

Time synchronisation is vital in many time-sensitive applications and most business users find it would be impossible to conduct any online transactions without a synchronized network. Even home-users find an advantage in ensuring their system is running accurate time, emails no longer arrive before they are sent and security is increased.

Most Linux based operating systems contain a version of Network Time Protocol (NTP) an Internet protocol designed to synchronise time on a network. For those that do not contain a pre-packed version, NTP is open source and freely available at ‘NTP.org’.

While NTP is available for most versions of Windows; Linux users have the advantage in that it has traditionally been the primary development platform for NTP. It works by using a timing source either from the Internet or via a dedicated network time server.
These reference clocks run UTC time (coordinated universal time) a global timescale which is relayed to them from atomic clocks that are accurate to a few nanoseconds (a nanosecond is a billionth of a second).

Put simply, the NTP daemon (a service program that runs in the background) compares the time on the computer with the timing source at regular intervals and adjusts it depending on any drift.

The NTP daemon is configured using the ‘NTP.conf’ file. The configuration file is where the location of the NTP timing servers are stored. If attempting to use a public internet timing source it is advised to visit http://www.pool.ntp.org which has a collection of over 200 servers.

However Microsoft and Novell, strongly advise that internet based timing sources are not used as they are unauthenticated and can leave a gateway open for malicious attacks.

Alternatively and most preferably, dedicated NTP time servers are available which provide better accuracy and are far more secure. These time servers receive a timing source from either a national radio broadcast (such as WWVB in the US or MSF in the UK) or via the GPS system.

Once installed these systems continually check the time on all the network computers’ clocks and adjusts them for any drift. A typical GPS receiver can provide timing information to within a few nanoseconds of UTC while national time and frequency transmissions are accurate to 1 – 20 milliseconds (a millisecond is 1/1000 of a second).

Network Time Protocol (NTP) is an Internet protocol used for the transfer of accurate time, providing time information so that a precise time can be obtained and maintained on a network

Most UNIX and Linux operating systems provide built-in time synchronisation functionality with its NTP (Network Time Protocol) daemon. If the NTP service is not available on your version of UNIX\Linux, NTP version 4 is open source and can easily be downloaded and configured, compiled and installed from www.ntp.org.

Network Time Protocol is the standard service for time dissemination across TCP/IP networks. It provides accuracies of 1-50 milliseconds, depending on the characteristics of the synchronization source and network paths.

The configuration file fro the NTP daemon is named NTP.conf and contains a list of reference clocks that it can synchronise too. The command ‘server’ specifies the reference clock, any characters after the ‘#’ symbol are comments, example:
server time-a.nist.gov # Public NTP server: NIST
driftfile /var/lib/ntp/ntp.drift

The drift file command identifies the location where the drift is recorded (sometimes referred to as a ‘frequency error). This value can be offset by NTP to ensure of increased accuracy. When configured, NTP can be controlled using the commands ‘ntpd start’ ‘ntpd stop’ ‘ ntpq –p’ (displays status)

NTP can also authenticate timing resources Note: It is strongly recommends that you configure a time server with a hardware source rather than from the internet where there is no authentication. Authentication codes are specified in the ‘NTP.keys’ file.

Specialist NTP servers are available that can receive transmissions from either GPS or national time reference broadcasts. They are relatively cheap and the signal is authenticated providing a secure time reference.

Authentication allows passwords to be specified by the NTP server and its clients. NTP passwords or keys are stored in the NTP.keys file in the following format: number M (The M stands for MD5 encryption), password.