Time Synchronisation

Having been designed on Linux, NTP (Network Time Protocol) is relatively simple to configure on a Linux machine. By using NTP (available free to download via NTP.org) any Linux machine can be easily set up to run as an NTP server.

Once downloaded the NTP distribution should contain the NTP daemon and also a number of utilities and configuration scripts. These aid the installation process and provide debugging facilities. The NTP daemon is configured using the file ‘ntp.conf’. A list of commands can be specified in the ‘ntp.conf’ file to indicate which servers to synchronise to and to specify various authentication and access options.

The NTP daemon synchronises to an external reference clock. The internet can be used as a time source but these can’t be authenticated and being the wrong side of the firewall could leave the system compromised. It’s much better to use an external source such as a GPS clock or radio clock that receive time from long wave transmissions (broadcast by such institutions as NIST or NPL).

Multiple external time servers can be specified in the configuration file, which allows NTP server to select the most appropriate time server and to use an average of the most reliable sources ensuing a higher level of accuracy.

The NTP daemon is controlled by a series of scripts such as ‘ntpd start’, ‘ntp stop’ or ‘ntpd restart’. Debugging and querying can be done by using the ‘ntpq’ utility. This utility provides information relating to the synchronisation status of the NTP daemon.

We are all used to Satellite Navigation by now. More and more people are installing those little black boxes into their cars and throwing away their old paper road maps. The advantages of satellite navigation are many fold – from constant updates keeping the maps current to being able to pin point your location miles from any landmarks or road signs but GPS has more uses than merely triangulating a position for direction finding, it can be utilized to provide time and frequency information worldwide.

Since the early 1990’s the Global Positioning System (GPS) has been the worlds’ only fully functioning Global Navigational Satellite System (GNSS). Run by the American military, GPS (sometimes referred to as NAVSTAR) has allowed accurate timing and location finding all over the world.

To accurately pinpoint a location, all GNSS systems require an absolute time source, that is a time source as accurate as humanely possible such as that from an atomic clock. Without knowing exactly what the time is a GNSS satellite would not be able to accurately pin point a location (as the Earth, satellites and people are all moving about a location can only be defined by a position and time). Because of the distance of the satellites away from the Earth, even an inaccuracy of a second or two could mean a sat nav’s location could be miles out.

For this reason each satellite has a highly accurate atomic clock onboard which can also be used by NTP (Network Time Protocol) servers to synchronise computer networks. GPS is an ideal time and frequency source because it can provide highly accurate time anywhere in the world using relatively cheap components.

A GPS receiver decodes the signal sent from the GPS antenna to a computer readable protocol which can be utilised by most time servers and operating systems including, Windows, LINUX and UNIX.

The GPS receiver also outputs a precise pulse every second that GPS NTP servers and computer time servers may utilise to provide ultra-precise timing. The pulse-per-second timing on most receivers is accurate to within 0.001 of a second of UTC (Coordinated Universal Time or Temps Universel Coordonné).

GPS is ideal in providing NTP time servers or stand-alone computers with a highly accurate external reference for synchronisation. Even with relatively low cost equipment, accuracy of hundred nanoseconds (a nanosecond = a billionth of a second) can be reasonably achieved using GPS as an external reference.

In 2002, the European Space Agency and European Union agreed to build Europe’s own GNSS called Galileo. To compete with the new and more advanced GNSS technologies the GPS programme is currently being upgraded and it is expected that when Galileo begins relaying signals both systems will become interoperable allowing even more accuracy in timing and positioning.

Network Time Protocol (NTP) is one of the Internet’s oldest protocols still in use. Developed by Dr David Mills from the University of Delaware, it has been in constant use and continually updated since 1985. NTP is a protocol designed to synchronize the clocks on computers and networks across the Internet or Local or Wider Area Networks (LANs/WANS).

In a modern global economy time synchronisation is essential for carrying out time sensitive transactions such as booking an airline ticket to bidding on an Internet auction site. If clocks were not synchronised to the same time you may find your airline seat sold after you had bought it and Ebay’s administrators would not be able to discover whose bid was the latest.

NTP is a multi-tiered system, each tier being called a stratum. Servers at each tier communicate with each other (peer) and provide time to lower strata. Servers at the top stratum, stratum 1 connect to an atomic clock either over the Internet or by a radio or GPS receiver while a stratum 2 server will connect to a stratum 1.

NTP uses an algorithm (Marzullo’s algorithm) to synchronise time on a network using time scales like UTC (Coordinated Universal Time or Temps Universel Coordonné) and can support such features as leap seconds – added to compensate for the slowing of the Earth’s rotation.

NTP (version 4 being the latest) can maintain time over the public Internet to within 10 milliseconds (1/100th of a second) and can perform even better over LANs with accuracies of 200 microseconds (1/5000th of a second) under ideal conditions.

NTP time servers work within the TCP/IP suite and rely on UDP (User Datagram Protocol). A less complex form of NTP called Simple Network Time Protocol (SNTP) that does not require the storing of information about previous communications, needed by NTP, is used in some devices and applications where high accuracy timing is not as important and is also included as standard in Windows software (although more recent versions of Microsoft Windows have the full NTP installed and the source code is free and readily available on the Internet).

The NTP program (known as a daemon on UNIX and a service on Windows) runs in the background and refuses to believe the time it is told until several exchanges have taken place, each passing a set of tests. If the replies from a server satisfy these ‘protocol specifications’, the server is accepted. It usually takes about five good samples (five minutes) until a NTP server is accepted as a source for synchronisation.

Synchronisation with NTP is relatively simple, it synchronises time with reference to a reliable clock source such as an atomic clock, although these are extremely expensive and are generally only to be found in large-scale physics laboratories, however NTP can use either the Global Positioning system (GPS) network or specialist radio transmission to receive UTC time from these clocks.

A simplified version of NTP called Simple Network Time Protocol (SNTP) exists that does not require the storing of information about previous communications as required by NTP. It is used in some devices and applications where high accuracy timing is not as important and is installed on older versions of Microsoft Windows. Windows since 2000 has included the Windows Time Service (w32time.exe) which uses SNTP to synchronise the computer clock. NTP is also available on UNIX and LINUX (download via NTP.org).

An NTP server (network time protocol) is a device to ensure all machines on a computer network are running the exact same time. Without an NTP server time would be inconsistent between devices which could problems for the network, seconds could be lost here or gained there which could cause major confusion as well as leaving your network vulnerable.

Time, in the form of timestamps, provides the only frame of reference between all devices on a network and the way an NTP server works is pretty straightforward. The timestamp relayed to the server is in the form of an ever increasing number that started from a set point in time, this is known as the prime epoch and for most systems this started on 1 January, 1900.

The NTP server checks the time stamp from an authoritative source, normally a UTC source (Coordinated Universal Time, a global timescale based on the time told by atomic clocks), from either the Internet, a radio transmission or via the GPS network.

The NTP server uses the timestamp to calculate if the network clocks are drifting and adds or subtracts a second to match the reference clock. The NTP server will do this at set intervals, normally every fifteen minutes to ensure perfect accuracy.

NTP is accurate to within 1/100th of a second (10 milliseconds) over the public Internet and can perform even better over LANs and WANS with accuracies of 1/5000th of a second (200 microseconds) not unheard of.

To ensure further accuracy the NTP service (or daemon on Linux) which runs in the background and does not believe the time it is told until after several exchanges and each one has passed a protocol specification (a test), the server is then considered. It usually takes about five good samples) until a NTP server is accepted as a timing source.

If you want to be sure that your computer clock is accurate you can configure your system to use NTP (Network Time Protocol), one of the oldest Internet protocols and the industry standard for time synchronisation.

NTP on will synchronise your computer’s clock to a pool of time servers around the world that are official ‘timekeepers’. It is best to choose the closest to you so response time is minimized and to use more than one in case one goes down. There are more than 1.500 servers to choose from, but some areas are better served than others. Many servers on the internet are extremely inaccurate and Internet time references should not be used as a replacement for a dedicated time server.

However, for basic time synchronisation purposes, Internet providers will suffice. The first step should be to select three servers close to you – preferably in your country, or if there aren’t enough, in your ‘zone. Go to NTP home and browse through the tree of zones and servers to select which ones are best for you. The follow these commands to configure:

1. Configure /etc/ntp.conf
Edit this file with a text-editor. Replace
server <example-server-name>
with your servers, such as:

server 0.br.pool.ntp.org
server 1.br.pool.ntp.org
server 2.br.pool.ntp.org

2. Synchronise your clock manually
If your clock is drifting too NTP might refuse to synchronise it, but it can be done manually:

ntpdate 0.br.pool.ntp.org (server name that you choose)

3. Make your NTP daemon executable

chmod +x /etc/rc.d/rc.ntpd

4. Start NTP now without rebooting
Again, a simple command:

/etc/rc.d/rc.ntpd start

Summary: This article gives a step-by-step guide in configuring LINUX to act as an authoritative time server using NTP (Network Time Protocol).

Computer time synchronisation is highly important in modern computer networks, precision and time synchronization is critical in many applications, particularly time sensitive transactions. Just imagine buying an airline seat only to be told at the airport that the ticket was sold twice because it was purchased afterwards on a computer that had a slower clock!

Modern computers do have internal clocks called Real Time Clock chips (RTC) that provide time and date information. These chips are battery backed so that even during power outages, they can maintain time but personal computers are not designed to be perfect clocks. Their design has been optimized for mass production and low-cost rather than maintaining accurate time.

For many applications, this is can be quite adequate, although, quite often machines need time to be synchronised with other PC’s on a network and when computers are out of sync with each other problems can arise such as sharing network files or in some environments even fraud!

Network Time Protocol (NTP) is an Internet protocol used for the transfer of accurate time, providing time information along so that a precise time can be obtained. As NTP was originally written for LINUX many LINUX based operating systems already have a version of NTP installed. However the source code is free to download from the NTP website (NTP.org) the most recent version being v 4.2.4.

NTP (version 4) can maintain time over the public Internet to within 10 milliseconds (1/100th of a second) and can perform even better over LANs with accuracies of 200 microseconds (1/5000th of a second) under ideal conditions.

NTP works within the TCP/IP suite and relies on UDP, a less complex form of NTP exists called Simple Network Time Protocol (SNTP) that does not require the storing of information about previous communications, needed by NTP. It is used in some devices and applications where high accuracy timing is not as important.

The NTP background program is configured with the file ‘NTP.conf’. this may contain a list of public NTP server references that can be used to synchronise time. NTP time servers are specified using the ’server’ command, any characters after the ‘#’ symbol are comments:

Example
server time-a.nist.gov # Public NTP server: Maryland
When configured, NTP can be controlled using the commands ‘ntpd start’ ‘ntpd stop’ ‘ ntpq –p’ (displays status)

NTP can also authenticate timing resources Note: It is strongly recommends that you configure a time server with a hardware source rather than from the internet where there is no authentication. Authentication codes are specified in the ‘NTP.keys’ file.

Specialist NTP servers are available that can receive transmissions from either GPS or national time reference broadcasts. They are relatively cheap and the signal is authenticated providing a secure time reference.

Authentication for NTP has been developed to prevent malicious tampering with system synchronisation just as firewalls have been developed to protect networks from attack but as with any system of security it only works if it is utilised.