NTP (Network Time Protocol) provides accurate and syncronised time
across the Internet. This introductory article will try to show you how
to use NTP to control and synchronize your system clock.
NTP is organised in a hierarchical client-server model. In the top of
this hierarchy there are a small number of machines known as
reference clocks. A reference clock is known as
0 and is typically a cesium clock or a Global Positioning System
(GPS) that receives time from satellites. Attached to these machines
there are the so-called stratum 1 servers (that is, stratum 0
clients), which are the top level time servers available to the
Internet, that is, they are the best NTP servers available.
Note: in the NTP lingo measure for synchronization distance is
termed as stratum: the number of steps that a system lies from a primary
Following this hierarchy, the next level in the structure are the
stratum 2 servers which in turn are the clients for stratum 1
servers. The lowest level of the hierarchy is made up by stratum 16
servers. Generally speaking, every server syncronized with a stratum
n server is termed as being at stratum n+1 level. So, there
are a few stratum 1 servers which are referenced by stratum 2 servers,
wich in turn are refenced by stratum 3 servers, which are referenced by
stratum 4 and so on.
NTP servers operating in the same stratum may be associated with
others in a peer to peer basis, so they may decide who has the higher
quality of time and then can synchronise to the most accurate.
In addition to the client-server model and the peer to peer model, a
server may broadcast time to a broadcast or multicast IP addresses and
clients may be configured to synchronise to these broadcast time signals.
So, at this point we know that NTP clients can operate with NTP
servers in three ways:
- in a client-server basis
- in a peer to peer mode
- sending the time using broadcast/multicast
How does it work
Whenever ntpd starts it checks its configuration file (/etc/ntp.conf)
to determine syncronization sources, authentication options, monitoring
options, access control and other operating options. It also checks the
frequency file (/etc/ntp/drift) that
contains the latest estimate of clock frequency error. If specified, it
will also look for a file containing the authentication keys (/etc/ntp/keys).
Note that the path and/or name of these configuration files
may vary in your system. Check the -c command line option.
Once the NTP daemon is up and running, it will operate by exchanging
packets (time and sanity check exchanges) with its configured servers at
poll intervals and its behaviour will depend on the delay between the
local time and its reference servers. Basically, the process starts when
the NTP client sends a packet containing its timestamp to a server. When
the server receives such a packet, it will in turn store its own
timestamp and a transmit timestamp into the packet and send it back to
the client. When the client receives the packet it will log its receipt
time in order to estimate the travelling time of the packet.
The packet exchange takes place until a NTP server is accepted as a
synchronization source, which take about five minutes. The NTP daemon
tries to adjust the clock in small steps and will continue until the
client gets the accurate time. If the delay between both the server and
client is big enough the daemon will terminate and you will need to
adjust the time manually and start the daemon again.
Sample ntp.conf configuration file
#multicastclient # listen on default 126.96.36.199
# by default ignore all ntp packets
restrict 0.0.0.0 mask 0.0.0.0 ignore
# allow localhost
restrict 127.0.0.1 mask 255.255.255.255
# accept packets from...
restrict 192.168.100.125 mask 255.255.255.255
restrict 192.168.100.126 mask 255.255.255.255
restrict 192.168.100.127 mask 255.255.255.255
Take a look at references below to understand the configuration
stands for Network Time Protocol, and it is an Internet protocol used
to synchronize the clocks of computers to some time reference. NTP is
an Internet standard protocol originally developed by Professor David
L. Mills at the University of Delaware.
(Simple Network Time Protocol) is basically also NTP, but lacks some
internal algorithms that are not needed for all types of servers.
usually just advances. If you have communicating programs running on
different computers, time still should even advance if you switch from
one computer to another. Obviously if one system is ahead of the
others, the others are behind that particular one. From the perspective
of an external observer, switching between these systems would cause
time to jump forward and back, a non-desirable effect.
consequence, isolated networks may run their own wrong time, but as
soon as you connect to the Internet, effects will be visible. Just
imagine some EMail message arrived five minutes before it was sent, and
there even was a reply two minutes before the message was sent.
needs some reference clock that defines the true time to operate. All
clocks are set towards that true time. (It will not just make all
systems agree on some time, but will make them agree upon the true time
as defined by some standard.)
NTP uses UTC as reference time
is a fault-tolerant protocol that will automatically select the best of
several available time sources to synchronize to. Multiple candidates
can be combined to minimize the accumulated error. Temporarily or
permanently insane time sources will be detected and avoided.
is highly scalable: A synchronization network may consist of several
reference clocks. Each node of such a network can exchange time
information either bidirectional or unidirectional. Propagating time
from one node to another forms a hierarchical graph with reference
clocks at the top.
available several time sources, NTP can select the best candidates to
build its estimate of the current time. The protocol is highly
accurate, using a resolution of less than a nanosecond (about 2^-32
seconds). (The popular protocol used by rdate and defined in [RFC 868]
only uses a resolution of one second).
when a network connection is temporarily unavailable, NTP can use
measurements from the past to estimate current time and error.
(Universal Time Coordinated, Temps Universel Coordonné) is an official
standard for the current time. UTC evolved from the former GMT
(Greenwich Mean Time) that once was used to set the clocks on ships
before they left for a long journey. Later GMT had been adopted as the
world's standard time. One of the reasons that GMT had been replaced as
official standard time was the fact that it was based on the mean solar
time. Newer methods of time measurement showed that the mean solar time
varied a lot by itself.The following list will explain the main
components of UTC:
means that the time can be used everywhere in the world, meaning that
it is independent from time zones (i.e. it's not local time). To
convert UTC to local time, one would have to add or subtract the local
Coordinated means that several institutions contribute their estimate of the current time, and UTC is built by combining these estimates.
NTP on Unix and Windows 2000
In this example
we show, how to synchronize your Linux, Solaris and Windows 2000 Server
(Primary Domain Controller) with the Public NTP Time Server:
Location: Integrated Systems Laboratory, Swiss Fed. Inst. of Technology,
CH 8092 Zurich, Switzerland
Geographic Coordinates: 47:23N, 8:32E
Synchronization: NTP primary (DCF77 clock), Sun-4/SunOS 4.1.4
Service Area: Switzerland/Europe
Access Policy: open access
Contact: Christoph Wicki (firstname.lastname@example.org)
NTP client program ntpdate sets the system clock once. As real clocks drift, you need periodic corrections. Basically
you can run ntpdate in a cron job hourly or daily, but your machine won't be an NTP server then.
entry to update the system clock once a day
0 2 * * * /usr/sbin/ntpdate -s -b -p 8 -u 188.8.131.52
the time to be stepped using the settimeofday() system call, rather
than slewed (default) using the adjtime() system call. This option
should be used when called from a startup file at boot time.
the number of samples to be acquired from each server as the integer
samples, with values from 1 to 8 inclusive. The default is 4.
logging output from the standard output (default) to the system syslog
facility. This is designed primarily for convenience of cron scripts.
ntpdate to use an unprivileged port or outgoing packets. This is most
useful when behind a firewall that blocks incoming traffic to
privileged ports, and you want to synchronise with hosts beyond the
firewall. Note that the -d option always uses unprivileged ports.
all you have to download the NTP sources from www.ntp.org.
On RedHat Linux 7.0 / 7.1 the NTP server ntpd is already included
in the distribution.
The NTP server ntpd will
learn and remember the clock drift and it will correct it autonomously,
even if there is no reachable server. Therefore large clock steps can be
avoided while the machine is synchronized to some reference clock. In
addition ntpd will maintain error estimates and statistics, and
finally it can offer NTP service for other machines.
# Adjust time to make life
easy for ntpd
if [ -f /etc/ntp/step-tickers
echo -n $"Synchronizing with time server: "
/usr/sbin/ntpdate -s -b -p 8 -u \
`/bin/sed -e 's/#.*//' /etc/ntp/step-tickers`
# Start daemons.
echo -n $"Starting $prog:
[ $RETVAL -eq 0 ] &&
server 127.127.1.0 # local clock
server 184.108.40.206 # swisstime.ethz.ch (stratum 1)
multicastclient # listen on default 220.127.116.11
# /etc/rc.d/init.d/ntpd start
One of the quickest commands to verify that ntpd
is still up and running as desired is ntpq -p. That command will
show all peers used and configured together with their corner performance
# ntpq -p
refid st t when
poll reach delay offset jitter
LOCAL(0) LOCAL(0) 3
l 9 64 377 0.000
*swisstime.ethz. .DCFa. 1 u 17 64
377 25.088 -10.040 1.071
To obtain a current list peers of the server, along with
a summary of each peer's state. Summary information includes the address
of the remote peer, the reference ID (0.0.0.0 if this is unknown), the
stratum of the remote peer, the type of the peer (local, unicast,
multicast or broadcast), when the last packet was received, the polling
interval, in seconds, the reachability register, in octal, and the current
estimated delay, offset and dispersion of the peer, all in milliseconds.
# ntpq -c pee swisstime.ethz.ch
refid st t when poll
reach delay offset jitter
*GENERIC(0) .DCFa. 0
l 14 16 377 0.000
LOCAL(0) LOCAL(0) 6
l 13 64 377 0.000
sns2-tss2.unige lantime 2 u 323 1024 377
11.000 0.014 1.770
+nz11.rz.uni-kar .DCF. 1 u 40 64
376 353.290 18.088 17.120
xjane.planNET.de .DCFa. 1 u 80 256 377
125.050 -38.018 0.210
+sombrero.cs.tu- .GPS. 1 u 49 64
377 36.070 1.159 0.790
Be sure that there is an entry for the the
swisstime.ethz.ch server, and that there is an entry for your local net.
The "st" (stratum) column for the ITD time servers should be
"1" or "2", indicating that the time server are
stratum-1/2 servers, e.g. they obtain their time from stratum-1 servers,
which are directly connected to external time reference sources. If the
stratum for any server is "16" then this server is not
local st poll reach delay offset
3 64 377 0.00000 0.000000 0.00095
=cosmos.hsz.akad 18.104.22.168 16
64 0 0.00000 0.000000 0.00000
*swisstime.ethz. 192.168.138.29 1 128 377 0.02658
Configuration on Windows 2000 Workstation
Windows 2000 (Win2K) uses a time service, known as Windows
Time Synchronization Service (Win32Time), to ensure that all Win2K computers
on your network use a common time. The W32Time Service is a fully compliant
implementation of the Simple Network Time Protocol (SNTP) as detailed in
IETF RFC 1769. SNTP uses UDP port 123 by default. If you want to synchronize
your time server with an SNTP server on the Internet, make sure that port is
net time /setsntp:swisstime.ethz.ch
net start W32Time
You can also set the start option of the Windows Time Synchronization
Service (W32Time) to Automatic, so the service will start when
The registry values are located in the following registry key:
AvoidTimeSyncOnWan : REG_DWORD (optional)
Prevents the computer from synchronizing with a computer that is in
0 = the site of the time source is ignored [default]
1 = the computer does not synchronize with a time source that is in a
GetDcBackoffMaxTimes : REG_DWORD (optional)
The maximum number of times to double the backoff interval when
successive attempts to find a domain controller do not succeed. An
event is logged every time a wait of the maximum length occurs.
0 = the wait between successive attempts is always the minimum and no
event is logged
7 = [default]
GetDcBackoffMinutes : REG_DWORD (optional)
The initial number of minutes to wait before looking for a domain
controller if the last attempt did not succeed. 15 = [default]
LocalNTP : REG_DWORD
Used to start the SNTP server.
0 = do not start the SNTP server unless this computer is a domain
1 = always start the SNTP server
NtpServer : REG_SZ (swisstime.ethz.ch)
NtpServer : REG_SZ (optional) Used to manually configure the time
source. Set this to the DNS name or IP address of the NTP server to
synchronize from. You can modify this from the command line by using
the net time command. Value is blank by default
Period : REG_DWORD or REG_SZ
Used to control how often the time service synchronizes. If a string
value is specified, it must be one of special ones listed below.
0 = once a day
65535, "BiDaily" = once every 2 days
65534, "Tridaily" = once every 3 days
65533, "Weekly" = once every week (7 days)
65532, "SpecialSkew" = once every 45 minutes until 3 good
synchronizations occur, then once every 8 hours (3 per day) [default]
65531, "DailySpecialSkew" = once every 45 minutes until 1
good synchronization occurs, then once every day
freq = freq times per day
ReliableTimeSource : REG_DWORD (optional)
Used to indicate that this computer has reliable time.
0 = do not mark this computer as having reliable time [default]
1 = mark this computer as having reliable time (this is only useful on
a domain controller)
Type : REG_SZ
Used to control how a computer synchronizes.
Nt5DS = synchronize to domain hierarchy [default]
NTP = synchronize to manually configured source
NoSync = do not synchronize time
The Nt5DS setting may not use a manual configured source.
The Adj and msSkewPerDay values are used to preserve
information about the computer's clock between restarts. Do not manually
edit these values.
For further information about NTP in Windows/2000
For further information about NTP see