NTP stands for “Network Time Protocol.” It is a protocol used by devices connected to the internet to synchronize their systems’ time to a time reference. There are various important points as to why it is important to maintain accurate time, and the working principles of NTP are elementary yet amazing.
We recently featured an article about setting up the NTP server and client on Ubuntu-based distributions. This calls for a detailed description of how exactly NTP works and why it is important.
What is the requirement of accurate time?
First, let us see why in the first place, such a deep infrastructure was developed so that our machines could use accurate time.
Drift Occurs
Whenever you are using a computer system, it is a well-observed fact that the hardware clock starts to lag as time goes. This effect can even add up to a high inaccuracy in some cases. This is obviously not a desirable effect, so it is wise to use time synchronization.
Log Management
If there is a network of multiple devices, and say some issue occurs, that affects multiple systems on the network. The best way to track the issue and find out what happened is by checking system logs (more about checking log files here). If one of those systems is a few seconds behind, it will seem to have been effected before the other system, which actually got affected first. This makes it difficult to troubleshoot, and in general, manage multiple systems across a network. This was just one example, but there are many more and severe possibilities.
NTP Server Overview (Courtesy: Siemens)
Transactions
Several kinds of transactions are made across the internet. Sometimes, if your system clock is ahead of the actual time, it might show in the system logs of the payment that the payment arrived before you actually paid the amount. This will render the payment as not yours and give rise to more problems.
Or in a more similar case, due to time inaccuracy, it can often be the case that your recipient will send a reply to your E-mail before you even sent the E-mail in the first place. As you can imagine, time accuracy over two different systems on the internet can be the root of several potentially harmful consequences.
Command Execution
On a network, there are often scripts written to execute tasks orchestrated over multiple systems. If such a script has time parameters, it can get messed up if a system has inaccurate time. Some commands will be executed before it needs to, or after sabotaging the whole process. This is obviously not good to happen.
Again, on a more similar note, your GPS wouldn’t really work properly if the time is not synchronized properly between your system and the GPS satellite.
How does it work?
Thus, we have seen several reasons why maintaining accurate time over a network is quite important to incorporate scenarios and our daily lives. Luckily for us, this is not very difficult to achieve. Using NTP, we can make this possible. But then, how does NTP make that happen? Let us see.
Time Sources
The ultimate time sources have to be extremely precise, of course. These time sources are some of the best scientifically possible right now, first of which are Atomic Clocks, which use 9192631770 cycles of the radiation corresponding to the transition between two energy levels of the ground state caesium-133 atom as one second. Other than that, receivers for time signals broadcasted by some national standard agencies can be trusted as the precise time.
NTP100-GPS
These time sources are said to be at the Stratum 0 level. The concept of stratum works as described:
Stratum Concept
Stratum literally means “one of a series of layers, levels, or gradations in an ordered system,” and that is how it is used in the context of NTP as well. The stratum 0 level is the most precise possible time. If a server synchronizes time with a stratum 0-time source, it is a stratum 1-time source. And if it provides time to another server, that server is a stratum 2-time source. As the layers keep going up, the stratum number assigned to the server also usually keeps going up. So the lower the stratum number assigned to a server, the more precise the time would be.
The stratum levels are considered until stratum 16, after which the time difference is too much. In many scenarios, it is only recommended to use up to stratum 4 servers.
Stratum 1 Server
A stratum 0 level server is not allowed to be used by regular users like ourselves. Atomic clocks and national agencies’ time sources are managed by the government directly.
Going further up the line, a stratum 1 server is a server that is directly connected to a hardware clock, which is at the stratum 0 levels. This is the best possible time source server because the stratum 0 is not actually a server but a clock. The server that can actually be connected to is the stratum 1 server, which directly receives the time from the hardware clock.
A stratum 1 server has to have a precise and well-maintained. It should also be highly available as other systems may rely on its time service.
Time Syncing Process
First of all, to set up the NTP on your system, you have to choose the servers you will use to sync the time to. For that, you can choose the server that you wish to use and configure the settings on your system software.
How Time is Synced
The synchronization process begins with the system and the NTP server exchanging multiple data packets for quite some time. What is actually happening is that the time taken by the packet to complete one round trip to the NTP server and back is calculated. The time is sent in those data packets by the NTP server, and the calculated time of traveling is deducted accordingly. For example:
The system has the time 17:00:05 when it sends the packet. The system now receives the response from the NTP server at 17:00:11. The NTP server has sent the time information, that it is actually 17:05:23 right now. But when you look at the travel time taken by the packet, which is 6 seconds, it means that it took 3 seconds to go to the server and 3 more to come back. This means that the time was 17:05:23 3 seconds ago, not at the moment. So the time is accordingly adjusted to 17:05:26.
(I have, of course, enlarged the scale to a very high degree, but that is just for the sake of explanation. These differences are in milliseconds in reality, but the logic is the same).
This whole packet exchange process goes on for about 5 minutes to ensure the correct time and ensure that the offset has been fixed. Obviously, the shorter, more consistent, and more symmetrical the packet exchanges are, the more accurate will be the time. The NTP protocol uses UDP and IP packets for this process because of their speed and reliability. The port used is 123. It is said that time accuracy is typically between 5-100 ms.
If the time difference between the NTP server and the system is small enough, it will quickly change it. If the time difference is large, the time is changed constantly with tiny differences until corrected.
Best Practices
Have Multiple Servers
This is the most highly recommended practice: to have multiple redundant NTP servers if the one uses malfunctions or becomes inaccurate for some reason. There will be not much loss done if the network can be connected to another NTP server right away. Additionally, it will be even better if you can set up scripts that can automatically activate and connect the network to one of the redundant servers when certain obvious cues are given (like receiving no packets from the NTP server, etc.).
Consider the Network Layout
The network should be structured so that the systems requiring more accurate time are physically closer and directly connected to the NTP server. If there are sub-networks, they should be used for tasks that relatively do not require accurate time.
Secure NTP communications
Since NTP is based on UDP, it is a protocol focused on quite a lot, so depending upon your system, there could be potential vulnerabilities. It is always a good idea to secure the NTP connection with authentication.
Restrict Access
Safeguarding the network from external attackers is important, for sure, but so is preventing mishandling. By restricting access to the NTP servers for the bare minimum number of people, you can make sure to have as less human error as possible, and more than that, you can rest assured that it won’t be handled by someone who does not have the technical understanding actually to handle the network.
Avoid Time Loops
Sci-fi prospects aside, you should always make sure to avoid time looping in the network structure. Say A acts as the server for B, and B for C. Now, if C again is assigned as the server for A, things can become messy. Obviously, no one in their right minds would do this, but sometimes, it can happen accidentally, so checking the NTP network layout once in a while is a good idea.
Conclusion
NTP is an excellent and efficient protocol to make sure that your system always has the correct time. It can get a little tricky in a large network or an office environment, but being a little careful and having good layouts can go a long way. We hope that you found that article useful.
