Skip to content

An Introduction To NTP

An Introduction To NTP - Network Time Protocol

Network Time Protocol (NTP) is a standard Internet Protocol (IP) for synchronizing the clocks of computers on a network.

  • NTP coordinates the real time clocks of computers on a network.
  • Developed at the University of Delaware in 1985.
  • It is one of the oldest internet protocols still in use.
  • The latest release is version 4.2.
  • Most operating systems, including Linux, macOS and Windows have NTP implementations.
  • NTP communicates using the User Datagram Protocol (UDP), port 123.
  • Computer clocks can be coordinated to within a few milliseconds of UTC.

History

NTP was developed at the University of Delaware in 1985 because of a growing requirement for the synchronization of time of computers over the Internet. NTP is one of the oldest internet protocols, but is still considered to be the standard means of synchronizing computers over a data network.

Being under continuous development, a number of versions of NTP have been released over the years. By far the most common implementations are versions 3 and 4. The latest version 4 is fully compatible with the previous version. It’s continued development and extensive implementation, means that it is likely to be with us for a many years yet.

The Importance of Synchronized Network Clocks

Distributed computer systems rely on coordinated clocks to guarantee correct sequencing of processes and accurate logging of events. Time is the only reference that can be used to coordinate processes of independent systems.

In many jurisdictions, for certain applications, it is a legal requirement to accurately synchronize computer systems. For instance, legislation requires that the business clocks of financial trading systems are synchronized very tightly. For operational and often legal reasons, coordinating the time of modern computer systems is of critical importance.

Supported Platforms

NTP was originally developed for operation on Linux and UNIX-like platforms. The standard NTP distribution can be downloaded as source code for compilation on a host Linux computer. Source code is available from the NTP project web site.

NTP is implemented on most platforms, including Windows, Linux and MacOS.

Many Linux operating systems include pre-complied versions of NTP in their distributions. Most install NTP by default. More recently, the standard distribution has also been ported to Windows operating systems.

Most operating systems including macOS and Windows, have some form of NTP synchronization application either pre-installed or available as an option.

How NTP Works

NTP can operate in a number of ways. The most common configuration is to operate in unicast mode, or client-server. This is where a client transmits a request packet to a server, which responds with a time stamp packet. Each packet has originate, receive and transmit timestamps so that network propagation delays can be calculated. This allows clients to synchronize as tightly as possible to the the servers clock.

Unicast and Broadcast modes of operation to transfer time to clients.

All time-stamp packets generated by NTP utilize UTC time. Coordinated Universal Time (UTC) is a world-wide time standard. It is closely related to GMT (Greenwich Mean Time). UTC does not vary, it is the same world wide. NTP sets the clocks of computers to UTC, any local time zone offset or day light saving time offset is applied by the operating system. In this manner clients can synchronize to servers regardless of location and time zone differences.

NTP Hierarchy and Stratum Levels

NTP implements a hierarchical architecture. Each level in the hierarchy is known as a stratum. At the very top are hardware reference clocks, such as GPS or radio time receivers, known as stratum 0 hardware clocks. Stratum 1 NTP servers have a direct connection to a hardware clock and therefore have the most accurate time.

Hierarchical NTP structure
Hierarchical NTP structure showing stratum levels.

Each stratum in the hierarchy synchronizes to the stratum above. The stratum can be considered as an indication of the distance a client is from the source hardware clock. As such, the further a client is from the source, the less accurate its clock.

Hardware Reference Clocks

In order to provide accurate time, a reliable, precise, time source is required. These time sources are known as hardware reference clocks. Most hardware reference clocks obtain time from Global Navigation Satellite Systems such as GPS, GLONASS and Galileo.

Highly accurate atomic time is provided by Global Navigation Satellite Systems, such as GPS.

Many countries also have radio time broadcasts, such as MSF (UK), DCF (Germany) and WWVB (US). However, GNSS receivers provide the highest levels of accuracy. Due to the number of consumer satellite navigation systems in use, the cost of GNSS receivers has fallen rapidly in recent years.

The NTP distribution provides software drivers for many different manufacturers of GNSS and radio timing hardware.

Configuring NTP

NTP is configured using a configuration file which is read when the service starts. The NTP service needs to be restarted for any configuration changes to take effect. The default configuration file location is /etc/ntp.conf.

As a minimum, the configuration file will consist of one or more servers that are to be used for synchronization. Additionally, the location of a drift file should be specified which will store the frequency error of the system clock. The value is used to initialize the internal frequency error when NTP is restarted.

Example:

server 0.pool.ntp.org
server 1.pool.ntp.org
server 2.pool.ntp.org
driftfile /var/lib/ntp/drift

The basic configuration file above specifies three Internet pool NTP servers and a drift file located at /var/lib/ntp/drift.

How Accurate is NTP?

When provided with a selection of time servers, NTP utilizes complex algorithms to select the most accurate.

Clients can synchronize to millisecond precision using NTP.

NTP also calculates network propagation delays in order to synchronize as tightly as possible to a server. These features mean that even using an Internet time server, client synchronization within 10 milliseconds or so is entirely possible. While a NTP server on a local area network can provide sub millisecond synchronization.

Implementing Redundancy with NTP

The most reliable synchronization system is a multi NTP server system. Two or more identical servers ideally in different locations provide the most robust configuration. Clients can access all of the NTP servers and automatically deselect any faulty or out of tolerance servers. Best practice is to install an odd number of servers, so that any time divergence of a unit can be detected by comparing to at least two other units.

Redundant NTP system
A fully redundant NTP system with multiple peered servers and multiple sources of time.

To enhance redundancy, multiple servers can also be peered together so that if one loses hardware clock synchronization, they can obtain time from other servers in the peered group.

Network Time Protocol Security

NTP can be secured by implementing encrypted key authentication. A number of identical keys, or passwords, is specified on both the server and client.

Encrypted key authentication ensures a high level of security.

The keys are encrypted and attached to NTP packets, acting as a digital signature. Packets exchanged between client and server are only processed if matching keys are present. Keys are encrypted using a hashing function, typically MD5.

Authentication keys are stored in a file, which is located, by default, at /usr/local/etc/ntp.keys.

The file has the following format: key number, type of key, key or password.

Example:

1 M MyKey
2 M AnotherKey
5 M YetAnotherKey

The key file above specifies three keys. The first field indicates a unique key number. The second, the encryption type, in this instance MD5. The third field is the key itself.

Local Time, Daylight Saving And Time Zones

Local time varies around the world by a time zone offset which is applied according to the longitude of the location.

Universal Coordinated Time is transferred to clients by NTP.

Many countries also make daylight saving time adjustments during the summer months. Typically, local time is advanced by one hour in the spring and set back one hour in the autumn.

However, NTP does not work with local time, it uses Universal Coordinated Time. UTC is an internationally recognized time standard, it is not adjusted for local time zones or daylight saving. UTC is the same world-wide, regardless of location.

NTP does not adjust clocks according to local time zone or account for daylight saving time changes.

The operating systems of client computers are solely responsible for the application of any time zone and daylight saving offset.

By using UTC rather than local time, a client computer located anywhere in the world is able to correctly synchronize to a NTP server regardless of its location.

NTP and Leap Seconds

The international standard of time is Coordinated Universal Time (UTC), which is used in countries around the world almost exclusively as the basis of civil time.

An extra leap second is periodically inserted on 30 June or 31 December.

UTC is derived from atomic clocks located in the National Physics Laboratories of various countries and is based on the international definition of the second.

However, the Earth takes slightly longer than 24-hours, or 86400, seconds to complete one full rotation. Therefore, very slowly, UTC slightly drifts away from time references based on the rotation of the Earth (solar time standards). Additionally, the rotation of the Earth can speed-up or slow-down slightly, it is well-known that some big Earthquakes can change the speed of rotation of the Earth, slightly shortening days.

In order to compensate for the divergence of UTC from solar time, leap seconds are occasionally introduced. A positive leap second is inserted at 23:59:59 of a specific day to increase the length of the day to 86401 seconds. A negative leap second is achieved by removing a second before 00:00:00.

 

Due to variations in the Earth’s rotation, positive leap seconds are inserted at irregular intervals. Negative leap seconds are rarely used, indeed, to date a negative leap seconds has never been inserted.

Leap seconds are generally inserted either on the last day of June, 6-months into the year, or on the last day of December, at the end of the year.

Leap Second Announcements

Radio time and frequency broadcasts, such as MSF, DCF77 and WWVB, continuously transmit UTC time information. However, along with each time-stamp, they also transmit a number of flags. One of the flags is generally used to indicate whether a leap second is pending. One hour before a leap second, a flag is set to announce the imminent insertion of a leap second. Similarly, most GPS receivers also provide flags announcing the impending insertion of a leap second. The actual time-stamp provided by both GPS and radio receivers at the leap second will be 23:59:60 on the day of insertion.

Network Time Protocol (NTP) implements algorithms that can receive leap second announcements from GPS or radio reference clocks. The NTP daemon then informs network time clients and it’s host operating system of the impending insertion. Leap second announcements may also be received and acted upon from external NTP time servers.

Internet Time Servers

There are a large number of NTP servers available on the Internet. Most can be used freely. The NTP pool project provides Internet access to a very large virtual cluster of servers. The servers are free to use. They are administered by volunteers that have servers located on the Internet. Available in most countries, to reduce network latency, the project is a low-cost way of synchronizing computer clocks.

There are, however, a couple of drawbacks to using Internet time servers. Firstly, to access a time server located on the Internet, a UDP port must be left open in any firewall, to let NTP traffic through. This can raise security issues. Additionally, due to round trip network delays, the time received from Internet NTP servers is less accurate. Internet NTP servers also provide no guarantee of service, which can be problematic if network synchronization is critical.

These issues can be solved by a local NTP server.

Local NTP Servers

A stratum 1 time server with direct connection to a hardware clock, such as GPS, is often referred to as a local NTP server. These have a number of advantages over Internet time servers. Because they reside on a local network, there are fewer security concerns than associated with Internet access. Also, the coordination of time of computers can be much tighter, since network latency is much reduced. By installing two or more servers, a fully redundant system is achievable, providing almost guaranteed availability.

The Simple Network Time Protocol (SNTP)

SNTP is a simplified version of the NTP protocol. It was developed for small computers, micro-controllers and applications where the accuracy of the full-blown Network Time Protocol is not required.

SNTP is a simplified version of NTP for small computers and microcontrollers.

SNTP and NTP share identical data packet formats. Therefore, a network device that uses SNTP can synchronize seamlessly to a NTP server.

SNTP does not have the complex mathematical formulas that NTP uses to calculate most accurate server. It also does not have the algorithms to slew time and avoid abrupt time changes, instead it simply implements time adjustments in a stepped manner. SNTP is therefore ideal for applications where accuracy is not critical. For this reason, SNTP should not be used to serve clients. It should only be used at the extremities of the NTP hierarchy.

Alternative Network Time Protocol Implementations

There are a number of alternative NTP implementations in addition to the NTP project. Most operating systems have some form of NTP package available.

The Windows Time Service

For a number of years various Windows operating system have implemented a Windows Time Service. The service is used to keep the computer clock accurate. Windows Time can be configured to synchronize to a local or internet NTP server.

Initially, earlier Windows operating systems, implemented SNTP. However, the service has developed over time, offering more features. Later versions implement the full NTP protocol with improved accuracy.

OpenNTPD

OpenNTPD was originally developed as part of the OpenBSD project. The application provides the ability to synchronize to a NTP server as well as acting as a server to time clients. The OpenNTPD software can be downloaded and used free of charge under a OpenBSD license.

Chrony

Chrony is an implementation of the Network Time Protocol. It can be used to synchronize a computers system clock to a NTP server or act as a server to synchronize clients. The application can run on Linux, FreeBSF, NetBSD, MacOS and Solaris. Chrony was originally developed to operate on systems that have unreliable or heavily congested network connections. It may be used freely under a GNU General Public License.

Systemd – TimeSyncd

Timesyncd is an SNTP client that is part of the systemd software suite for Linux operating systems. The application is a service that provides basic synchronization to a NTP server. It cannot act as a server itself. TimeSyncd can operate with intermittent network availability and also without a battery backed real-time clock. These features make it ideal for use on small embedded devices.

Alternative Time Synchronization Protocols

A number of alternative time synchronization protocols have been developed, often for specialized applications.

Precision Time Protocol (PTP, IEEE 1588)

Precision Time Protocol is an alternative network time synchronization protocol developed to achieve very high clock accuracy. PTP employs hardware time stamping techniques to achieve sub-microsecond synchronization of client computers. However, special network interface hardware is required to achieve these accuracies. PTP is generally associated with more specialized applications such as high frequency trading and mobile phone communications.

Time Protocol

The Time Protocol (RFC 868) was used on many older Linux and UNIX implementations. It is a time transfer protocol implemented over TCP/IP. The accuracy of the Time Protocol is relatively poor at around 1 second. NTP has superseded the Time protocol on most platforms, however, it is still used by legacy systems.

NTP Best Practices

Internet time servers are generally maintained by enthusiasts and volunteers. They provide no guarantee of availability or accuracy. Additionally, NTP security mechanisms cannot be used with public time servers.

Best practice NTP synchronization with stratum 1 servers and peered stratum 2 servers.

If the coordination of time of computers is critical for your organization, you should consider installing a stratum 1 NTP server on your network. TimeTools is a UK manufacturer of NTP servers and precision timing equipment using GPS and multi-GNSS time references. Our products provide a reliable, accurate and traceable source of time inside your firewall.

NTP RFC’s

RFC 5905 Network Time Protocol Version 4: Protocol and Algorithms Specification
D. Mills, U. Delaware, June 2010
https://tools.ietf.org/html/rfc5905

RFC 4430 Simple Network Time Protocol (SNTP) Version 4 for IPv4, IPv6 and OSI
Obsoleted by: 5905, D. Mills, U. Delaware, January 2006
https://tools.ietf.org/html/rfc4330

Additional Information

How to Install and Configure NTP on Linux

What is a Stratum 1 Time Server ?


Does your organization need to accurately synchronize the clocks of computers and network infrastructure? If so, check out TimeTools range of GNSS network time server appliances.

Andrew Shinton About Andrew Shinton
Andrew Shinton is the joint founder and Managing Director of TimeTools Limited. He has a BSc (Hons) degree in Computer Science. Andrew has over 20 years experience of GPS systems and Network Time Protocol (NTP) in the Time and Frequency Industry.