Computer Network Time Synchronization 240
Ben Rothke writes "For most people, having their clocks accurate to within a few millionths of a second is excessive. Yet there are plenty of reasons to ensure that clocks on networks and production systems are that accurate. In fact, the need for synchronized time is a practical business and technology decision that is an integral part of an effective network and security architecture. The reality is that an organizations network and security infrastructure is highly dependent on accurate, synchronized time." Read the rest of Ben's review.
| Computer Network Time Synchronization | |
| author | David L. Mills |
| pages | 304 |
| publisher | CRC |
| rating | 10 |
| reviewer | Ben Rothke |
| ISBN | 0849358051 |
| summary | Definitive reference on how to deploy and use NTP |
From a practical perspective, nearly every activity requires synchronized time to operate at peak levels, from plane departures and sporting events, to industrial processes, IP telephony, GPS and much more. Within information technology, technologies from directory services, collaboration, to authentication, SIM and VoIP all require accurate and synchronized time to work effectively.
Computer Network Time Synchronization: The Network Time Protocol is a valuable book for those that are serious about network time synchronization. David Mills, the author of the book, is one of the pillars of the network time synchronization community, and an original developer of the IETF-based network time protocol (NTP). The book is the summation of his decades of experience and a detailed look at how to use NTP to achieve highly accurate time on your network.
While network time synchronization is indeed crucial to corporate networks, this is only the second book on the topic. Last year saw Expert Network Time Protocol: An Experience in Time with NTP, which is a most capable title. But this book is clearly the indisputable reference on the subject, given its extraordinary depth and breadth. While Expert Network Time Protocol gets into the metaphysics of time, Mills's book takes a much more rationalist and pragmatic approach, which explains the myriad mathematical equations.
Mills is an electrical engineer by training and a significant part of the books 15 chapters involve advanced mathematics. But even for those who can't manage such equations, there is enough relevant material to make the book most rewarding.
Chapters 1 and 2 provide an excellent overview of the basics of network timekeeping and an overview of how NTP works. We often take for granted that network computers have the capabilities to set their internal clock. But while the capabilities are there, the reality is that these clocks are rarely accurate and subjected to many externalities that affect their ability to provide accurate time. The book shows how highly accurate time is easily achievable; often without the need for additional hardware. The goal of book is to show the reader how they can use NTP to synchronize the time on their network hosts to within a few milliseconds.
Chapters 3 - 11 detail the internals of NTP and time synchronization. Topics such as clock discipline algorithms, clock drivers and more are detailed. For many readers, the information may be overkill, but remember that this is not a For Dummies book.
Chapters 13 - 15 ease up on the abstract mathematics and are much more readable to newbie to the world of time synchronization. Chapter 13 is quite readable and details the metrology and chronometry of how NTP measures time as opposed to other time scales.
One of the key differences is the notion of absolute vs. relative time. Relative or astronomic time is based on the earth's rotation. Since the earth's rotation is not absolute, leap seconds are added to keep UTC (Universal Coordinated Time) synchronized with the astronomical timescale.
So what exactly is this legendary thing called the second? In 1967, the 13th General Conference on Weights and Measures defined the International System unit of time, the second, in terms of atomic time rather than the motion of the Earth. Specifically, a second was defined as the duration of 9,192,631,770 cycles of microwave light absorbed or emitted by the hyperfine transition of cesium-133 atoms in their ground state undisturbed by external fields.
Since the 17th century, time has for the most part been measured astronomically via the solar day. But in the 1940s, it was established that the earth's rotation is not constant, as the earth is spinning slower than it did years ago.
Part of what NTP provides is coordination to UTC. UTC provides operating systems and applications with a common index to synchronize events and prove that events happened when timestamps state they did. UTC is a 24-hour clock system and that any given moment, UTC is the same no matter where you are located.
For the purist, UTC really stands for Coordinated Universal Time, but both terms are used. Mills somewhat humorously notes that we follow the politically correct convention of expressing international terms in English, and their abbreviations in French.
Chapter 15 concludes the book with a fascinating look at the technical history of NTP. As of mid-2006, NTP has been in use for over 25 years and remains one of the longest, if not longest running, continuously operating application protocols in use on the Internet. Currently in version 4.2.1, NTP is a well-developed, stable protocol.
For those that are simply interested in how time synchronization works, or are responsible for time synchronization in their organization, Computer Network Time Synchronization: The Network Time Protocol is the most comprehensive guide available to using NTP.
For those that need an exhaustive tome on all of the minutiae related to NTP and synchronization, this is the source. Short of a vendor and product analysis, the book covers every detail within NTP and is the definitive title on the subject.
Two new books on the subject in a year demonstrate the importance of time synchronization. While this is not likely indicative of a flood of new books on time synchronization, this book should be considered the last word on the topic."
You can purchase Computer Network Time Synchronization from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
Finally, an NTP book for the masses (Score:5, Funny)
Re:Finally, an NTP book for the masses (Score:3, Funny)
I clocked your pun doing 110 in a 100 pun zone. If convicted, the punishment is setting VCR clocks in your state, each to within a fraction of a second of each other.
Re:Finally, an NTP book for the masses (Score:3, Insightful)
Re:Finally, an NTP book for the masses (Score:2)
Re:Finally, an NTP book for the masses (Score:2)
The difference is that they now set the time themselves off of the signals coming from the antenna.
Summary of the book (Score:2)
Re:Summary of the book (Score:2)
yum install ntp
Re:Summary of the book (Score:2, Informative)
emerge ntp
NTP gurus wanted... ? (Score:3, Insightful)
Re:NTP gurus wanted... ? (Score:2)
Re:NTP gurus wanted... ? (Score:2)
Microsoft's version of NTP (Score:5, Informative)
As long as you don't give a damn about sub-second accuracy (in our SCADA system, we like to stay in sync within 7 milliseconds or less) and as long as you don't care about traceability, then I guess it's better than nothing. However, the NT version of Mills' NTP is free, it is very stable on all versions I've tested it on from NT through 2003 server, and the configuration is exactly the same as most POSIX systems.
Having been there and tried it, I have to say that Microsoft did a piss poor job with their version of NTP. Get the GNU version. It Just Works Better.
Re:Microsoft's version of NTP (Score:5, Informative)
A full NTP implementation includes a PLL that locks the clock to the consecutive incoming timestamps. This filters out jitter and ensures that the system knows about the inaccuracy of the clock oscillator. It uses this information during the intervals between incoming timestamps.
So, an NTP-controlled system smoothly advances time staying as close to real time as possible, while a Microsoft system has a sawtooth pattern and may even step the clock backward when a query happens to be delayed in the network.
Don't use SNTP outside of a LAN.
Re:NTP gurus wanted... ? (Score:3, Interesting)
Yes folks, there is a right and a wrong way to set up NTP. Having each of your individual clients poll stratum 2 or 3 (or Allah forbid a stratum 1 server) directly is like configuring each of your clients to poll the the Internet's DNS Root Servers [root-servers.org] directly. After all
Re:NTP gurus wanted... ? (Score:4, Interesting)
Oh, about 10. But how many weird things do you know that not many others would value?
Some people are really, really into keeping time. It's a hobby for them. This book is for that sort of person. Besides, although my company didn't need to hire a person to do nothing but NTP, they certainly needed at least one person on staff with that skillset (hint: Active Directory, Kerberos, "clockskew") to keep everything else working. How fortunate for me that my boss needs the skills that I picked up out of personal curiosity!
Re:NTP gurus wanted... ? (Score:2, Funny)
Yeah, it's called OCD.
Re:NTP gurus wanted... ? (Score:2)
I understand that I can have a GPS, and plug it into my host, that I can use NTP to distribute the time from there to my local network. I haven't had a GPS to dedicate to that purpose yet, but I found NTP interes
Re:NTP gurus wanted... ? (Score:2, Funny)
Re:NTP gurus wanted... ? (Score:2)
Re:NTP gurus wanted... ? (Score:2)
RCS/CVS/make et all can get SERIOUSLY screwed up if the timestamps are off by even a second.
Re:NTP gurus wanted... ? (Score:5, Interesting)
More interestingly, Mills said that he fears a potential DOS against the entire internet would be to use an NTP hack to advance the clocks on all the caches, thus expiring their contents and causing the root servers to be flooded. This would effectively bring down DNS until the caches could be fixed.
Re:NTP gurus wanted... ? (Score:2, Informative)
NTP or acurate time?
I am sure you can find the answer to acurate time on Google or by reading the book.
But just to get us started:
* network file sharing with central backup
* ditto with CVS type system.
* network databases.
Re:NTP gurus wanted... ? (Score:2)
Re:NTP gurus wanted... ? (Score:2)
None. In fact, at wr0k, I setup NTP on all boxes in a matter of 20 minutes (without -ever- having used/configured NTP). It's just a matter of reading the man page, changing servers in config files, and... well.. starting NTP server. That's it.
One would have to be pretty thick headed to need a 300 page book to explain it.
Re:NTP gurus wanted... ? (Score:2)
Re:NTP gurus wanted... ? (Score:3, Informative)
Re:NTP gurus wanted... ? (Score:3, Insightful)
What happens when he gets hit by a car?
Reading a book is much easier than decyphering code.
Re:NTP gurus wanted... ? (Score:3, Interesting)
A small percentage of computers need to be controlled to the accuracy of NTP's capability, and to the level of knowledge represented in this august book.
For the rest of us there's OpenNTP [openntpd.org] which is a much simplified and more secure version of NTP. If you're happy with a clock that is accurate to two- or three-hundred milliseocnds, check it out.
Why even used NTP?? (Score:2)
Re:NTP gurus wanted... ? (Score:2)
All you need to know about NTP (Score:5, Funny)
2. Get D-Link to use you as the non-configurable time source for a line of disposable networking gear.
3. Profit!
Congrats to PHK for finding the elusive middle step!
Re:All you need to know about NTP (Score:5, Funny)
The man who uses one NTP server always knows what time it is. The man who uses two NTP servers is never sure.
The man who wrote the firmware for D-Link is why nobody's sure anymore.
Never use two NTP sources! (Score:3, Informative)
Since the original article didn't mention this, I would like to warn NTP users against ever configuring two servers! The reason is that NTP by design requires a plurality of all sources to agree on what the time is, before it will beli
Question about the D-Link Guy (Score:2)
These are the [0-3].north-america.pool.ntp.org lines you put in your conf files these days, unless you are D-Link.
The 4 IPs are set up to round robin to a big bunch of volunteer servers.
Re:Question about the D-Link Guy (Score:2)
Re:All you need to know about NTP (Score:2)
ieee 1588 is where it is at (Score:5, Informative)
From the intro [nist.gov]:
Re:ieee 1588 is where it is at (Score:2)
Re:ieee 1588 is where it is at (Score:2, Informative)
Origination of abbreviation UTC (Score:5, Informative)
Re:Origination of abbreviation UTC (Score:5, Funny)
Re:Origination of abbreviation UTC (Score:3, Informative)
The very next paragraph in that article says:
"UTC" also has the benefit that it fits in with the pattern for the abbreviations of variants of Universal Time. "UT0", "UT1", "UT1R", and others exist, so appending "C" for "coordinated" to the base "UT" is very satisfactory for those who are familiar with the other types of UT.
Step #1 (Score:3, Funny)
I've always wondered... (Score:5, Interesting)
Re:I've always wondered... (Score:3, Insightful)
Longer seconds. The change in length of a day is extremely gradual ("glacial" is fast by comparison), but as seconds are defined in terms of physical constants, a changing second means that our physics have ripped and we're fixin' to die.
Re:I've always wondered... (Score:2)
Re:I've always wondered... (Score:2)
It is way easier to go west than east as far as jet lag - moving sleep and wake time an hour later is effortless, an hour earlier is hard.
Re:I've always wondered... (Score:3, Informative)
Re:I've always wondered... (Score:4, Funny)
Re:I've always wondered... (Score:3)
GLOBAL SLOWING!!! (Score:2)
Re:GLOBAL SLOWING!!! (Score:3, Funny)
Re:I've always wondered... (Score:3, Funny)
How many people do you know who don't want more seconds (or more likely, minutes or hours) in a day?
About the author (Score:5, Interesting)
Re:About the author (Score:2, Insightful)
It's what?
Re:About the author (Score:2)
Re:About the author (Score:2)
Re:About the author (Score:3, Interesting)
Duh (Score:3, Interesting)
Well of course, I mean, what took them so long? Seriously though it's things like this that make me ask, what on earth lead them to define it like that? Its not 9 million cycles, not 9.5 million, not an obvious number of cycles at all. How did 9,192,631,770 cycles become it, not 9,192,631,771, thats too long, not 9,192,631,769 thats too short. Only 9,192,631,770 was good enough.
Re:Duh (Score:3, Informative)
Re:Duh (Score:5, Funny)
Re:Duh (Score:2)
Re:Duh (Score:2)
Re:Duh (Score:5, Funny)
Most of the SI units have been through several iterations. At each refinement you try to have a more precise value, whilst changing the absolute value as little as possible.
For example, why do we define an international mile to be 0.9144 metres, rather than the original 1000 double paces of a Roman legionary? Well, it's pretty hard to find a properly calibrated legionary these days.
Synchronization is important in the military (Score:2)
Re:Synchronization is important in the military (Score:2)
To paraphrase a real-world support incident (Score:2)
Anyway, I used to work in support at <company that used to build really fast, big, expensive supercomputers>. Just for the hell of it, a user wanted to hook up their $30 Epson dot matrix printer up to their new supercomputer, and we didn't really have a decent cheapo Epson printer driver.
"I just paid $15 million for this damn computer and what do you mean the serial port doesn't work?"
We fixed th
Military Lessons - Hard Learned. (Score:2)
Accurate time useful in computer security (Score:3, Interesting)
Re:Accurate time useful in computer security (Score:2)
But, the original post mentioned time accuracy to the "within a few millionths of a second".. Is there any real security need for something near that level of accuracy? In my experience, the vast majority of security applications only need accuracy to within a second, or tenth of a second type levels.
I suppose distributed IDS systems could use extreme accuracy for piecing together attacks. But
Of Phones and Networks (Score:2, Interesting)
The biggest problem is keeping computer systems synched to 'real life' systems, such as analogue clocks and college bells. These systems have a mind of their own, and are seemingly set to random times.
A prime example; my computer at work synchs from the web, as do the servers, which in turn means all the Cisco VoIP phones are synched as well. The bells however, are never quite spot on, nor are
Re:Of Phones and Networks (Score:2)
The problem is not one of keeping yourself in sync with a poorly designed system. The problem is one of the poorly designed system needing to be improved to stay in sync with
Re:Of Phones and Networks (Score:2)
Re:Of Phones and Networks (Score:3, Funny)
Accuracy & priorities (Score:2)
No, the point of the very complete book, which is the putative topic, is synchronization by NTP, which predates, and is entirely separate from, HTTP. I know I'm being pedantic but it irks me when folks, particularly technical persons who should know better, blithely refer to "the web" (perpetuating the miscomprehension of the online environment) and thus ignore/devalue the many non "web" parts of it.
What can you do? Tell folks they can either put the other clocks
Clock wisdom (Score:3, Funny)
NTP is great, except if you need it in Windows (Score:5, Interesting)
Part of the problem is the Windows Kernel counting time in 10ms or 15ms (depending on whether or not you use an SMP kernel), which automatically says you can't get more than ~30ms precision. But it seems so much worse, with every machine drifting up to ~1 second daily unless they are syncrhonized very frequently -- I get somewhat reasonable results synchronizing them every minute.
On Linux and FreeBSD, this is so trivial it's not even funny; My linux machines manage to keep synchronization to ~0.5 ms over months. Please wake me up when Windows is ready for the enterprise. And, yes, the "enterprise" I work in does need millisecond precision time-of-day synchronization among machine, as does any place that seriously tries to correlate network events (especially those related to security) collected at different points in the network.
Re:NTP is great, except if you need it in Windows (Score:2, Interesting)
I think.
This [meinberg.de] appears to be a port of real-deal NTP code to windows. I've never used it, just found it in a few minutes of googling, but its worth a shot.
--
Phil
Re:NTP is great, except if you need it in Windows (Score:2)
The "synchronizing on a schedule" was the only solution that was somewhat close to being reasonable. No "real" NTP client I used seems to work. I didn't try this specific build, but I did try one compiled from the same sources, and it had lousy performance.
Thanks for the link, though.
The solution my "enterprise" finally used, btw, is to write a high precision clock
Re:NTP is great, except if you need it in Windows (Score:3, Informative)
Why not? You must be thinking about the CMOS clock?
Current PC hardware has high-resolution timers that can be synchronized to within microseconds using NTP.
Re:NTP is great, except if you need it in Windows (Score:2)
Re:NTP is great, except if you need it in Windows (Score:2)
Windows doesn't do anything useful. That was the point of my rant. I'll probably buy the book sometime soon, but -- as I indicated -- the problem lies with the Windows kernel rather than with NTP. (And yes, I have researched this extensively).
Re:NTP is great, except if you need it in Windows (Score:2)
I've been using Tardis95 [charterworks.net] for many years. (Since Win95, about '97 or so)
Link goes to a somewhat later copy that place pretty nicely with Windows NT kernel. I don't know of a later release that was licensed such that you could freely copy/share it.
Just unzip and run the little installer - it pops up down on the system tray at the bottom left. If you have a favorite NTP server, you can specify it, otherwise you can pick fro
Re:A question (Score:2)
In a reasonably loaded LAN, you get responses back after ~0.1ms, which means there is no skew due to latency. When you do that between two Linux machines, you get better than 0.1ms sync. When you do that between Windows machines, you get up to 30ms, no matter how long you allow those two machines to try to synchronize.
My in
GPS card (Score:5, Informative)
eg http://www.visualgps.net/NMEATime/ [visualgps.net]
Hasn't this already been written? (Score:3, Funny)
Re:Hasn't this already been written? (Score:3, Informative)
Re:Hasn't this already been written? (Score:3, Funny)
to preserve the ultimate precision, about 232 picoseconds. While the ultimate precision, is not achievable with ordinary workstations and networks of today, it may be required with future gigahertz CPU clocks and gigabit LANs.
Man, I can just see the cobwebs floating in the wind on that thing.
I am into accurate time. (Score:4, Interesting)
*Heath Most Accurate Clock II, synchronizes with WWV at 10 meters.
I think that the network, with all its erratic latency, is not really the best source to use as a timing transport.
Some people have occasionally picked up old cesium clocks from ebay to set the PC's time. Most are from labs and after purchase, probably gather dust in the garage.
http://tycho.usno.navy.mil/cesium.html [navy.mil]
For my wrist, myself and lots of us geeks, use a Casio G-Shock (GW-700a) that updates its time from WWV three times a night. Its more accurate than the clocks at our local public DART train station. They are always four seconds slow.
I also have a great little Nixie clock kit that gets its info, not from WWV via radio, but from satellite GPS time. Its the dinky one at the bottom of the page. Looks fantastic though.
http://www.amug.org/~jthomas/clockpage.html [amug.org]
Re:I am into accurate time. (Score:2)
Re:I am into accurate time. (Score:2)
NTP does not just send a packet saying "Hey, here's the time." It compensates for this. You're thinking of the daytime [faqs.org] protocol -- early 1980s tech.
NTP v3 [faqs.org] (early 90s) is much more sophisticated.
Re:I am into accurate time. (Score:2)
Well at least they're precise!
One thing about accuracy... (Score:3, Insightful)
Also, one thing about the time on earth changing that I didn't realize before. Damming water is one of the few activities that has changed the rotation speed of the earth, I've been told. Because it collects large masses of water further from the equater.
And if you don't want to buy a GPS, the guy responsible for the NIST time standard at NIST Boulder says that syncing your clock once a day via phone from one of their services is good enough to be considered stratum 1.
One final time note... We used to hold our LUG meetings at NIST. One time during a meeting, their official digital clocks stopped for the better part of a minute, and then ran quickly to catch up.
Sean
Re:One thing about accuracy... (Score:2)
Do they have Mills' leap second stuff in there? (Score:4, Interesting)
Actually, synchronization is less important than it used to be, because more stuff is buffered. All three US television networks used to be locked together in frame sync to a master clock in New York, so that video sources could be switched without all the TV receivers rolling for a few frames. Now everything goes through frame buffers, so that's not an issue.
Similarly, US telephony used to be locked to a master clock in New Jersey, so that all the T1 lines ran in sync and bit for bit transfer worked. That's not as important as it used to be, with so many different transmission media, some synchronous and some packetized.
Re:I propose a new standard! (Score:2)
Re:In other words... (Score:2)
Re:screw this! (Score:2)
Re:screw this! (Score:2)
Re:time joke (Score:2, Funny)
A rather confident 007 walks into a bar and takes a seat next to a very attractive woman. He gives her a quick glance, then casually looks at his watch for a moment. The woman notices this and asks, "Is your date running late?" "No", he replies, "I am here alone. Q has just given me this state-of-the-art watch and I was just testing it." The intrigued woman says, "A state-of-the-art watch? What's so special about it?" "It uses alpha waves to telepathically talk to me," he