Network Time Protocol: Explaining NTP and Network Time Synchronisation

NTP is almost as old as the Internet itself. It was devised and developed by Dr David Mills of the University of Delaware and has been in constant use and continually updated since 1985. NTP is an internet protocol designed to synchronise clocks on a computer network.

 In a modern global economy time synchronisation is essential for carrying out time sensitive transactions such as booking an airline ticket to bidding on Ebay. If clocks were not synchronised to the same time you may find your airline seat sold after you had bought it and Ebay’s administrators would not be able to discover whose bid was the latest.

 NTP can synchronise networks across the Internet or a Local/Wide Area Network (LAN/WAN) it synchronises time with reference to a reliable clock source. This source could be relative such as a computer’s internal clock or the time on a wrist-watch or absolute such as time from an atomic clock.

 Most network administrators prefer to use an external absolute source, mainly because specialist NTP servers are available that can easily receive an atomic clock timing reference  either through specialist radio transmissions (usually from national physics laboratories) or the GPS network.

A universal timescale called UTC (Coordinated Universal Time) has been developed allowing networks all around the world to be synchronized to the same timescale and supports such features as leap seconds - added to compensate for the slowing of the Earth’s rotation

NTP uses an algorithm (a complex sequence of instructions) to keep time by constantly checking the time source and matching it to the time on its clocks on the network and instructs each device to alter if it becomes out of synchronisation.

NTP uses timestamps to represent the current time of the day each. As time is linear each timestamp is always greater than the previous one. NTP timestamps are in two formats but they relay the seconds from a set point in time (known as the prime epoch, set at 00:00 1 January 1900) The NTP algorithm then uses this timestamp to determine the amount to advance or retreat the system or network clock.

NTP analyses the timestamp values including the frequency of errors and the stability. A NTP server will maintain an estimate of the quality of  both it’s reference clocks and itself.

The NTP program (daemon on UNIX, service on Windows) runs in the background. NTP receives exchanges time information by packets (a block of data) but refuses to believe the time it is told until several exchanges have taken place, each passing a set of tests or protocol specifications. Only if the replies from a server satisfy these tests does the NTP utilizes this information. It usually takes about five minutes (five good samples) until a NTP server is accepted as a timing source.

Microsoft, who has installed a version of NTP in their operating systems since Windows 2000, strongly recommends that a hardware source is used as a timing reference as Internet sources can’t be authenticated.

Authentication verifies that each timestamp has come from the intended time reference by analysing a set of agreed encryption keys that are sent along with the time information. NTP, using Message Digest encryption (MD5) to un-encrypt the key, analyses it and confirms whether it has come from the trusted time source by verifying it against a set of trusted keys.

The best solution is to use a specialist NTP server and receive an authoritative time reference via either the GPS network or radio transmissions (known as MSF in the UK or WWVB in the US).  

NTP servers judge the distance of each network device from a timing source and organises them into Strata. These Stratum levels exist to prevent cycles and guarantee accuracy. Stratum 0 are devices such as reference clocks connected directly to a computer. Stratum 1 are computers attached to stratum 0 devices, while Stratum 2 are computers further out.

NTP is free to download via NTP.org and is continually supported and updated. The current version is v 4. A simplified version of NTP (SNTP) exists has less functions and  is used in some devices and applications (and also included in older versions of Windows) where high accuracy timing is not as important.