Network Time Protocol (NTP)

Network Time Protocol (NTP)

Network Time Protocol (NTP) is a protocol used to synchronize computer clock times in a network. It belongs to and is one of the oldest parts of the TCP/IP protocol suite. The term NTP applies to both the protocol and the client-server programs that run on computers.

NTP, which was developed by David Mills at the University of Delaware in 1981, is designed to be highly fault-tolerant and scalable.

How does NTP work?

The NTP client initiates a time-request exchange with the NTP server. As a result of this exchange, the client is able to calculate the link delay and its local offset, and adjust its local clock to match the clock at the server’s computer. As a rule, six exchanges over a period of about five to 10 minutes are required to initially set the clock.

Once synchronized, the client updates the clock about once every 10 minutes, usually requiring only a single message exchange. In addition to client-server synchronization. This transaction occurs via the User Datagram Protocol on port 123. NTP also supports broadcast synchronization of peer computer clocks.

Features of NTP

NTP servers, of which there are thousands around the world, have access to highly precise atomic clocks and GPS clocks. Specialized receivers are required to directly communicate with the NTP servers for these services. It is not practical or cost-effective to equip every computer with one of these receivers. Instead, computers designated as primary time servers are outfitted with the receivers, and they use protocols such as NTP to synchronize the clock times of networked computers.

NTP uses Coordinated Universal Time (UTC) to synchronize computer clock times with extreme precision, offering greater accuracy on smaller networks — down to a single millisecond in a local area network and within tens of milliseconds over the internet. NTP does not account for time zones, instead relying on the host to perform such computations.

Network Time Protocol (NTP)
Network Time Protocol (NTP)

Stratum levels

Degrees of separation from the UTC source are defined as strata. A reference clock — which receives true time from a dedicated transmitter or satellite navigation system — is categorized as stratum-0; a computer that is directly linked to the reference clock is stratum-1; a computer that receives its time from a stratum-1 computer is stratum-2, and so on. Accuracy is reduced with each additional degree of separation.

In terms of security, NTP has known vulnerabilities. The protocol can be exploited and used in denial-of-service attacks for two reasons: First, it will reply to a packet with a spoofed source IP address; second, at least one of its built-in commands will send a long reply to a short request.

Why is NTP important?

Accurate time across a network is important for many reasons; discrepancies of even fractions of a second can cause problems. For example, distributed procedures depend on coordinated times to ensure proper sequences are followed. Security mechanisms depend on consistent timekeeping across the network. File-system updates carried out by a number of computers also depend on synchronized clock times.

Network acceleration and network management systems also rely on the accuracy of timestamps to measure performance and troubleshoot problems.