Time Synchronisation

Network Time Protocol has been developed to keep computers synchronized. All computers are prone to drift and accurate timing is essential for many time critical applications.

A version of NTP is installed on most versions of Windows (although a stripped down version called SNTP –Simplified NTP- is in older versions) and Linux but is free to download from NTP.org.

When synchronising a a network it is preferable to use a dedicated NTP server that receives a timing source from an atomic clock either via specialist radio transmissions or the GPS network. However, many Internet time references are available, some more reliable than others, although it must be noted Internet based time sources can’t be authenticated by NTP, leaving your computer vulnerable to threats.

NTP is hierarchical and arranged into stratum. Stratum 0 is timing reference, while stratum 1 is a server connected to a stratum 0 timing source and a stratum 2 is a computer (or device) attached to a stratum 1 server.

The Basic configuration of NTP is done using the /etc/ntp.conf file you have to edit it and place the IP address of stratum 1 and stratum 2 servers. Here is an example of a basic NTP.conf file:

server xxx.yyy.zzz.aaa prefer (time server address such as time.windows.com)

server 123.123.1.0

server 122.123.1.0 stratum 3

Driftfile /etc/ntp/drift

The most basic NTP.conf file will list 2 servers, one that it wishes to synchronise too and an IP address for itself. It is good housekeeping to have more than one server for reference in case one goes down.

A server with the tag ‘prefer’ is used for a trusted source ensuring NTP will always use that server when possible. The IP address will be used in case of problems when NTP will synchonise with itself is. The drift file is where NTP builds a record of the system clock’s drift rate and automatically adjusts for it.

NTP will adjust your system time but only slowly. NTP will await at least ten packets of information before trusting the time source. To test NTP simply change your system clock by half an hour at the end of the day and the time in the morning should be correct.

Synchronising a network is often considered a headache by network administrators who fear that getting it wrong can lead to disastrous results and while there is no deny that a lack of synchronisation can cause unforeseen problems particularly with time sensitive transactions and security, perfect synchronisation is simple if these steps are followed:

1. Use a dedicated NTP server. The NTP server is a device that receives a single time source then distributes it amongst a network of computers using the protocol NTP (Network Time Protocol) one of the oldest Internet based protocols and by far the most widely used time synchronisation software. NTP is often packaged with modern operating systems such as Windows or Linux although there is no substitute for a dedicated NTP device.

2. Always use a UTC time source (Coordinated Universal Time). UTC is based on GMT (Greenwich Meantime) and International Atomic Time (TAI) and is highly accurate. UTC is used by computer networks all over the world ensuring that commerce and trade are all using the same timescale.

3. Use a secure an accurate time signal. Whilst time signals are available all over the Internet they are unpredictable in their accuracy and while some may offer decent enough precision an Internet time server is outside a networks firewall which if left open to receive a timecode will cause vulnerabilities in the security of the network. Either GPS (global positioning system) or a dedicated radio signal such as those transmitted by national physics laboratories (such as MSF – UK, WWVB – USA, DCF –Germany) offer secure and reliable methods of receiving a secure and accurate time signal.

4. Organise a network into stratum, levels. Strata ensure that the NTP server is not inundated with time requests and that the network bandwidth doesn’t become congested. A stratum tree is organised by a few select machines being stratum 2 devices in that they receive a time signal from the NTP server (stratum 1 device) these in turn distribute the time to other devices (stratum 3) and so on.

5. Ensure all machines are utilising UTC and the NTP server tree. A common error in time synchronisation is to not ensure all machines are properly synchronised, just one machine running inaccurate time can have unforeseen consequences.