Time Synchronisation

In selecting a timing source to synchronise a computer network to using a NTP server (Network Time Protocol) it is important that the time source is accurate, secure and a source of UTC (Coordinated Universal Time). UTC is a global timescale used by computer networks, business and commerce across the globe.

Whilst UTC is freely available across the Internet it is neither accurate nor secure (being as it is external to your firewall).  Also Internet time sources cannot be authenticated which is NTP’s own method of ensuring a time source is what it says it is. There are two secure, accurate and reliable methods for receiving UTC via a NTP server and both come with their own advantages and drawbacks.

The first method is to use the GPS network (Global Positioning System).The main advantage of using the signals transmitted from a GPS satellite’s onboard atomic clock is that a signal is available anywhere on the planet. However it does come with a downside. As the signals are all line-of-sight it means that the GPS antenna needs to be placed on a roof to ensure connectivity with a satellite.

An alternative to the GPS signal but equally as accurate and reliable is to make use of the long wave radio transmissions broadcast by several national physics laboratories. These signals, such as the UK’s MSF, Germany’s DCF-77 and the United States’ WWVB transmissions, can often be picked up inside buildings making them ideal for a solution if a rooftop is unavailable for a GPS antenna. It must be noted that not every country broadcasts such a signal and whilst most transmissions can be picked up in neighbouring countries the signals are vulnerable to interference and local geography.

We may think of their being only one time and therefore one timescale. Sure, we’re all aware of time zones where the clock has to be pushed back an hour but we all obey the same time surely?

Well actually we don’t. There are numerous different timescales all developed for different reasons are too numerous to mention them all but it wasn’t until the nineteenth century that the idea of a single timescale, used by everybody came into effect.

It was the advent of the railway that provoked the first national timescale in the UK (Railway time) before then people would use noon as a basis for time and set their clocks to it. It rarely mattered if your watch was five minutes faster than your neighbours but the invention of the trains and the railway timetable soon changed all that.

The railway timetable was only useful if people all used the same time scale. A train leaving at 10.am would be missed if a watch was five minutes slow so synchronisation of time became a new obsession.

Following railway time a more global timescale was developed GMT (Greenwich Meantime) which was based on the Sun’s position at noon which fell over the Greenwich Meridian line (0 degrees longitude). It was decided during a world conference in 1884 that a single world meridian should  replace the numerous one’s already in existence. London was perhaps the most successful city in the world so it was decided the best place for it.

GMT allowed the entire world to synchronise to the same time and while nations altered their clocks to adjust for time-zones their time was always based on GMT.

GMT proved a successful development and remained the world’s global timescale until the 1970’s. By then that atomic clock had been developed and it was discovered in the use of these devices that Earth’s rotation wasn’t a reliable measure to base our time on as it actually alters day by day (albeit by fractions of a second).

Because of this a new timescale was developed called UTC (Coordinated Universal Time). UTC is based on GMT but allows for the slowing of the Earth’s rotation by adding additional ‘Leap Seconds’ to ensure that Noon remains on the Greenwich Meridian.

UTC is now used all over the World and is essential for applications such as air traffic control, satellite navigation and the Internet. In fact computer networks across the globe are synchronised to UTC using NTP time servers (Network Time Protocol). UTC is governed by a constellation of atomic clocks controlled by national physics laboratories such as NIST (National Institute of Standards and Time) and the UK’s NPL.

A network time server is a device that can synchronise a network to a single time source.

Linux comes with a version of NTP installed to configure your Linux system to run as a network time server follow these instructions:

1. Configure /etc/ntp.conf
Edit the ntp.conf file using text editor.
server <example-server-name>

and replace these lines with your servers.
server time-a.nist.gov
server time-b.nist.gov
server time-a.timefreq.bldrdoc.gov
(I am using NIST but other time servers are just as good)

2. Synchronize your clock manually
If your clock is too much behind or ahead then NTP might struggle to synchronise so its est to do it manually:

ntpdate 0. time-a.nist.gov

3. Make your ntp daemon executable:

chmod +x /etc/rc.d/rc.ntpd

4. Start NTP now without rebooting
/etc/rc.d/rc.ntpd start

All versions of Windows Server since 2000 have included a time synchronization facility, called Windows Time Service (w32time.exe), built into the operating system. This can be configured to operate as a network time server synchronizing all machines to a specific time source.

Windows Time Service uses a version of NTP (Network Time Protocol), normally a simplified version, of the Internet protocol which is designed to synchronise machines on a network, NTP is also the standard for which most computer networks across the global use to synchronise with.

Choosing the correct time source is vitally important. Most networks are synchronized to UTC (Coordinated Universal Time) source. UTC is a global standardized time based on atomic clocks which are the most accurate time sources.

UTC can be obtained over the Internet from such places as time.nist.gov (us Naval Observatory) or time.windows.com (Microsoft) but it must be noted that internet time sources can not be authenticated which can leave a system open to abuse and Microsoft and others advise using an external hardware source as a reference clock such as a specialized network time server.

Network time servers receive their time source from either a specialist radio transmission from national physics laboratories which broadcast UTC time taken from an atomic clock source or by the GPS network which also relays UTC as a consequence of needing it to pin point locations.

NTP can maintain time over the public Internet to within 1/100th of a second (10 milliseconds) and can perform even better over LANs.

To configure Windows Time Service to use an external time source simply follow these instructions.

Locate the registry subkey.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters
Right click type then Modify the Value by inserting NTP in the Value Data box.
Right click ReliableTimeSource, then Modify the Edit DWORD Value box, by inserting 0 (zero).
Right-click NtpServer then Modify the Edit Value by typing the Domain Name System (DNS), (note each DNS must be unique).

Now locate the original subkey and right-click Period Modify the Edit DWORD Value box with the poll interval (how often a NTP server polls the time), under Value Data (recommended 24)

Run the following command line, Net stop w32time && net start w32time.
Now enable NTP by locating the subkey,
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer\
Right click Enabled and modify the Value data box by typing 1.

Right Click SpecialPollInterval in the right pain of the subkey
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient\SpecialPollInterval.
Edit the DWORD value box the time you want for each poll (900 will poll every 15 minutes)

Locate HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\config

To configure the time correction settings right click MaxPosPhaseCorrection, then modify the DWORD Value box with a time in seconds such (select decimal under base first, 3600 = one hour)

Now do the same for MaxNegPhaseCorrection the restart windows time service by running (or alternatively use the command prompt facility) net stop w32time && net start w32time.

To synchronise each machine simply type W32tm/ -s in the command prompt and the time server should now be working correctly (note it may take several polls before the correct time is displayed).

A network time server can be one of the most crucial devices on a computer network as timestamps are vital for most computer applications from sending and email to debugging a network.

Tiny inaccuracies in a timestamp can cause havoc on a network, from emails arriving before they have technically been sent, to leaving an entire system vulnerable to security threats and even fraud.

However, a network time server is only as good as the time source that it synchronises to. Many network administrators opt to receive a timing code from the Internet, however, many Internet time sources are wholly inaccurate and often too far away from a client to provide any real accuracy.

Furthermore, Internet based time sources can’t be authenticated. Authentication is  a security measure used by NTP (Network Time Protocol which controls the network time server) to ensure the time server is exactly what it says it is.

To ensure accurate time is kept it is vital to select a time source that is both secure and accurate. There are two methods which can ensure a millisecond accuracy to UTC (coordinated universal time – a global timescale based on the time told by atomic clocks).

The first is to use a specialist national time and frequency transmission broadcast in several countries including the UK, USA, Germany, France and Japan. Unfortunately these broadcasts can’t be picked up everywhere but the second method is to use the timing signal broadcast by the GPS network which is available literally everywhere on the face of the planet.

A network time server will use this timing code and synchronise an entire network to it using NTP (Network Time Protocol) it will continually adjust the network’s clocks ensuring there is no drift.

Network Time Protocol (NTP) was designed and developed over twenty five years ago but is still in use and constantly updated. It was developed when the Internet was in its infancy as a way to synchronise time across the world wide web.

NTP is now the standard time synchronisation protocol with networks all ove the world using it to ensure their computers and devices are all synchronised.

Most NTP time servers are synchronised to the universal timescale UTC (Coordinated Universal Time) which was developed in the 1970’s after the introduction advancement of atomic clocks.

Not every NTP time server is synchronised to a UTC source. NTP can synchronise to any time source even the highly inaccurate system clock on most computers or indeed a wrist watch or wall clock.

But the benefits of having a network synchronised to UTC are many fold. UTC allows computers all over the world to communicate using the same timescale, allowing time sensitive transactions to take place. As timestamps are an integral part of all computer processes and applications it also ensures a higher level of security to a network.

Receiving a UTC time source is relatively simple. some NTP time servers use an Internet based timing source although these are not recommended as they can vary in accuracy and can’t be authenticated by NTP software making a system vulnerable to attack.

However, a NTP time server can receive a UTC timing reference via a radio receiver (only available in certain countries) or the GPS network.

Using a GPS or radio referenced source for a NTP time server means networks can maintain an accuracy to within a few milliseconds of UTC time.

NTP time servers are relatively inexpensive and extremely simple to set up.

Satellite navigation has been around for the last few decades courtesy of the American military controlled GPS system (Global Positioning System). The GPS network is currently the World’s only GNSS (global navigation satellite system, although Europe, Russia and China are developing their own.

GNSS systems like GPS are based on the same principle. A constellation of satellites orbiting the Earth each have onboard an atomic clock. These clocks are accurate to within a few microseconds and it is this time-telling accuracy that allows satellite navigation possible.

The GPS satellite continually transmits its location along with the time told by its atomic clock. It is this information that is received by a satellite navigation unit that works out how long the message took to arrive from the satellite and therefore the distance away from it. By using four or more satellites a GPS receiver can triangulate its exact position.

Atomic clocks have to be used onboard the satellites as even tiny inaccuracies in time could cause huge errors in navigation. The signals from the satellites travel at the speed of light which can manage 300,000 km every second so even a millisecond out would make the satellite navigation inaccurate by hundreds of kilometres.

Because of its accuracy, this timing signal broadcast from the onboard atomic clocks can be utilised as a source of UTC time by a GPS time server. A GPS antenna connected to a dedicated time server can synchronise a computer network to within a few milliseconds of UTC time.