Time Synchronisation

Distributed networks rely completely on the correct time. Computers need timestamps to order events and when a collection of machines are working together it is imperative they run the same time.

Unfortunately modern PC’s are not designed to be perfect timekeepers. Their system clocks are simple electronic oscillators and are prone to drift. This is not normally a problem when the machines are working independently but when they are communicating across a network all sorts of problems can occur.

From emails arriving before they have been sent to entire system crashes, lack of synchronisation can causes untold problems across a network and it is for this reason that network time servers are used to ensure the entire network is synchronised together.

Network time servers come in two forms – The GPS time server and the radio referenced time server. GPS NTP servers use the time signal broadcast from GPS satellites. This is extremely accurate as it is generated by an atomic clock on board the GPS satellite. Radio referenced NTP servers use a long wave transmission broadcast by several national physics laboratories.

Both these methods are a good source of Coordinated Universal Time (UTC) the world’s global timescale. UTC is used by networks across the globe and synchronising to it allows computer networks to communicate confidently and partake of time sensitive transactions without error.

Some administrators use the Internet to receive a UTC time source. Whilst a dedicated network time server is not required to do this it does have security drawbacks in that a port is needed to be left open in the firewall for the computer to communicate with the network time server, this can leave a system vulnerable and open to attack. Furthermore, Internet time sources are notoriously unreliable with many either too inaccurate or too far away to serve any useful purpose.

Most time servers use Network Time Protocol and like other Internet based protocols NTP contains a packet header. A packet header, put simply, is just is a formatted unit of data that describes the information contained in the packet.

The NTP packet header consists of a number of 32-bit words. Here is a list of the most common packet header terms and their meaning:

IP address – the address of the NTP Time Server

NTP Version – which version of NTP (currently version 4 is the most recent)

Reference timestamp (the prime epoch ) used by NTP to work out the time from this set point (normally January 01 1900

Round trip delay (the time it takes request to arrive and come back in milliseconds)

Local clock offset – time difference between host and client

Leap indicator (if there is to be a leap second that day –normally only on 31 December)

Mode3  -  a three bit integer which values represent: 0=reserved, 1=symmetric active, 2= symmetric passive, 3=client, 4=server, 5=broadcast, 6=NTP control message, 7=reserved for private use.

Stratum level – which stratum level the NTP server is (a stratum 1 server receives the time from an atomic clock source a stratum 2 server receives the time from a stratum 1 server)

Poll Interval (How many requests is made and their intermittence)

Precision – how accurate in milliseconds is the system clock

Root Delay – This is a signed fixed-point number indicating the total roundtrip delay to the primary reference source at the root

Root dispersion (in milliseconds)- The root dispersion is the maximum (worst case) difference between the local system clock and the root of the NTP tree (stratum 1 clock)

Ref ID – 32 bit identifying the reference clock

Originate time stamp (time before synchronisation request)

Receive timestamp – the time the host/NTO time Server got the request

Transmit timestamp – the time the host sent back the request

Valid  response– is the system clock  synchronised or not