NTP – Network Time Protocol

Network Time Protocol is used to synchronize the time between various devices (clients) in a network as more applications (like precision manufacturing, real time – data, voice) depend on accurate time stamping by multiple systems to function. In this article, let us try to understand the Network Time Protocol better.

What is the Network Time Protocol (NTP)?

Every network device has an internal battery powered clock which is used to determine the time even when the device is powered off. Each device might be set to a different time (perhaps manually) and the network might be having various devices set to different times.

Network Time Protocol (NTP) is an IP based Protocol (running on UDP) that can synchronize distributed clocks, enabling all of them to show the same time with a variation of just a few milliseconds between them. With NTP, clients (computers, servers, routers, etc) can poll multiple NTP (source) servers and synchronize with what it thinks is the most accurate time server. One of the basic operation of an NTP Server is to enable accurate time stamping of data packets transferred between clients and servers, which is required in many real time applications on the network.

NTPv4 is the latest version of NTP and it supports IPv6 addressing along with increased poll interval (between clients and servers) for reducing network congestion. It also supports access control restrictions and encrypted authentication for additional security. SNTP (Simple Network Time Protocol) is a lightweight version of NTP which requires lesser resources, is less complex to implement and is backward compatible with NTP. This is mainly used in clients which are fine with a slightly lesser degree of (tolerable) accuracy.

Why is Network Time Protocol (NTP) required & what are its applications?

NTP is mainly required for applications running on heterogeneous sources that require highly synchronized time for coordinating with each other. For example, NTP might be required in network based precision manufacturing applications. But on a larger level, databases, back-up, security and many other applications that are distributed over multiple locations might require UTC (Universal Time Coordinated) time stamps to function properly.

Real Time Protocol (RTP) which is used to transport latency sensitive traffic like voice, video and multimedia on the network depends on accurate time stamps and hence requires NTP. If Time stamps are embedded into digital certificates, it becomes very difficult to replicate them and hence replay attacks, etc can be thwarted. Accurately synchronized time between various network devices is helpful for SIEM/ Security event investigations.

What are the components of Network Time Protocol (NTP) and how are they organized?

The primary component of an NTP Network is the Time Source. The NTP Servers receive accurate time info from atomic clocks using sources like Radio, GPS (satellite), etc. This level is called as Stratum 0. The next level consists of Public / LAN Time Servers that directly receive accurate time info from Stratum 0 Sources. This level is called Stratum 1. These can be servers / routers that can be directly connected to a GPS Source or publicly available Time Servers.

There can be multiple levels below these two primary levels and they consist of network devices like servers / routers / computers that are capable of transmitting accurate time information to the clients querying them.  Lower  level Time Servers can synchronize with a single or multiple higher level Time Servers in order to provide accurate time info to the clients connecting to it. These multiple lower level Time Servers are organized on an hierarchical basis so that all the clients do not directly query the stratum 1 servers, thereby overwhelming them.

NTP software clients can be downloaded & installed (or they come installed with base operating system) in individual computers/ servers and other network equipments. These clients periodically function in the background, querying the Time Servers and synchronizing their clocks as close to them as possible. Generally NTP requires very less processing/ bandwidth resources and can function on the background when other processes are running in the system.

The synchronization between NTP servers and clients can happen in multiple modes including Client-Server mode, Peer-Peer communication mode, multicast-broadcast-manycast mode, etc.

How do we implement a Network Time Protocol (NTP) Network?

For implementing an NTP network, three things might be required (at minimum) – Time Source (atomic time clock), Stratum 1 Source (Public / Private NTP Server), NTP Clients (software programs running on computers).

An Atomic time clock source (Stratum 0) is very expensive to implement inside a LAN and generally a publicly available source is shared for this purpose. In some rare applications that demand high levels of timing accuracy, such a source could be built inside a private network as well. For Stratum 1 NTP Server, either publicly available NTP Servers are used or private NTP servers/ specialized NTP appliances that are directly connected to a GPS / Radio source, are used. NTP clients can be downloaded and installed into network devices but they are already installed in many operating systems/ devices like routers, etc.

The decision to choose a public / private NTP server can be based on the level of time synchronization accuracy required for applications. Private NTP servers are more accurate and Public NTP servers are slightly less accurate (as they connect over Internet).

You could stay up to date on the various computer networking/ related IT technologies by subscribing to this blog with your email address in the sidebar box that says, ‘Get email updates when new articles are published’