Data Network Resource


NTP (Network Time Protocol)



Introduction


NTP was developed to convey timekeeping information from accurate time servers to other time servers via the Internet. In addition, NTP implements mechanisms to cross-check clocks and mitigate errors due to equipment or propagation failures. It provides a method of synchronising computer system clocks over a packet-based network, so it includes functions designed to minimise the effect of jitter by providing a jitter buffer. NTP uses a refined version of Marzullo's algorithm, called the Intersection Algorithm, to select sources for estimating accurate time from a number of noisy time sources. NTP supplies Coordinated Universal Time (UTC) only; it does not provide daylight saving hours or time zone information.

NTP provides the following:
  • Clock offset - this is the amount to adjust the local clock to bring it into line with the reference clock.
  • Roundtrip delay - a message can be sent to arrive at the reference clock at a predetermined time.
  • Dispersion - is the maximum error of the local clock relative to the reference clock.
Each of these has two components:
  • That determined by the peer relative to the primary reference source of standard time.
  • That measured by the host relative to the peer.
NTP uses UDP for transport and port 123 for both source and destination.

Clock Synchronisation Algorithm


The clock synchronisation algorithm is used by the NTP client when synchronising its clock with an NTP server. The client needs the Round Trip Delay Time and the Offset.

The Round Trip Delay Time is derived from the Request Packet Transmission (t0), the Request Packet Reception (t1), the Response Packet Transmission (t2) and the Response Packet Reception (t3). So this means that (t3 - t0) is the total time that a client waits between initially transmitting the request and receiving a response from the server. Also, (t2 - t1) is the time that the server took to respond after it had received the request. It follows therefore that on the network, the round trip delay (δ) is given by δ = (t3 - t0) - (t2 - t1).

The Offset (θ) is a value that is derived from looking at the difference between the request transmission trip time (t1 - t0) and the response transmission time (t2 - t3). Note that the response transmission time calculation gives a negative value. The calculation θ = ((t1 - t0) + (t2 - t3))/2 provides the Offset which is the difference between the request and response trip times, divided by 2. Ideally this offset should be as close to zero as possible for synchronisation to be correct, otherwise there is considered to be a bias in the system of θ.

Strata


NTP uses the concept of Strata which is a hierarchical model describing the 'distance' that one clock source is from the Reference Clock. You need this hierarchy because you could end up with clocks referencing each other in a cyclical fashion. The Strata are as follows:
  • Stratum 0 - atomic, GPS or radio clocks, such as Galileo, that are attached solely to computers acting as Stratum 1 clocks
  • Stratum 1 - computers called Time Servers that are attached to Stratum 0 clocks and provide time services via NTP for Stratum 2 clocks
  • Stratum 2 - Requests time information often from several Stratum 1 clocks and uses the Intersection Algorithm to select the most favourable time. Stratum 2 clocks will also peer with other Stratum 2 clocks in order to further increase the stability of the time information. Stratum 2 clocks act as servers for Stratum 3 clocks.
  • Stratum 3 - Stratum 3 clocks behave like Stratum 2 clocks with peering and multiple server time comparisons for robustness. Stratum 3 clocks provide services for Stratum 4 clocks. This repeats down the hierarchy for up to 256 strata.

Operation


NTP can work in broadcast mode or it can operate in a peer-to-peer mode. In peer-to-peer an association is built up between the peers and this association can be one of five types on the host machine:
  1. Symmetric Active - messages are sent whatever the stratum or reachability of the peer, the host is willing to synchronise and be synchronised. Intended for use by time servers operating near the end nodes (highest stratum).
  2. Symmetric Passive - messages are not sent, however if they are received from a Symmetric Active then an association is formed provided that the peer is reachable and its stratum is equal to or lower than its own. For use by time servers operating near the root nodes (lowest stratum).
  3. Client - messages are sent whatever the stratum or reachability of the peer, the host is willing to be synchronised but NOT to synchronise.
  4. Server - the server responds to a client's message and then brings down the association. The server is willing to synchronise with a peer but is NOT willing to be synchronised.
  5. Broadcast - messages are sent whatever the stratum or reachability of the peer, the host is willing to synchronise with all peers but NOT be synchronised. Intended for operation on high-speed LANs with numerous workstations and where the highest accuracies are not required.

NTP Version 3 Packet Format


NTP version 3 uses UDP for transport and the data field has the following format:

NTP version 3 packet format

  • Leap Indicator (LI) - warning of an impending leap second change:
    • 00 - no warning
    • 01 - last minute has 61 seconds
    • 10 - last minute has 59 seconds
    • 11 - clock not synchronised
  • Version Number (VN) - NTP version number, in this case 011 (3).
  • Mode - the mode that this association is using:
    • 0 - Reserved
    • 1 - Symmetric Active
    • 2 - Symmetric Passive
    • 3 - Client
    • 4 - Server
    • 5 - Broadcast
    • 6 - Reserved for NTP control message
    • 7 - Reserved for private use
  • Stratum - The stratum level of the local clock:
    • 0 - Not specified
    • 1 - Primary reference such as a radio clock
    • 2-255 - Secondary reference
  • Poll Interval - The maximum interval between messages in seconds to the power of two.
  • Precision - the precision of the local clock in seconds to the power of two.
  • Root Delay - the total roundtrip delay to the primary reference source, in seconds with fraction point between bits 15 and 16.
  • Root Dispersion - the maximum error relative to the primary reference source, in seconds with fraction point between bits 15 and 16.
  • Reference Clock Identifier - Used mainly to detect and avoid synchronisation loops. For stratum clocks 0 and 1 the following values are used:

    Stratum  Code      Meaning
    0        DCN       DCN Routing Protocol
    0        NIST      NIST public modem
    0        TSP       TSP Time protocol
    0        DTS       Digital Time Service
    1        ATOM      Atom Clock (Calibrated)
    1        VLF       VLF Radio
    1        Callsign  Generic Radio
    1        LORC      LORAN-C radio navigation
    1        GOES      GOES UHF environment satellite
    1        GPS       GPS UHF Satellite Positioning


    For stratum 2 or higher, the IP address is entered in this field.
  • Reference Timestamp - the time that the local clock was last set or corrected.
  • Originate Timestamp - the time that the request left the client host for the service host.
  • Receive Timestamp - the time that the request was received by the service host.
  • Transmit Timestamp - the time at which the reply left the service host for the client host.
  • Authenticator - this is optional, this contains authentication information if NTP authentication is implemented.
A special time format has been designed for NTP. It uses 64 bits to represent the timestamp. These 64 bits are split into 32 bits that represent the number of seconds (2^32 seconds is 136 years) starting from January 1 1900, and another 32 bits that represent a fraction of a second with a resolution of 2^-32 seconds, which is 233 picoseconds.
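The packet fields and 64-bit timestamps above feed the delay and offset formulas from the Clock Synchronisation Algorithm section. The following is an added example, not code from the original page: it parses a 48-octet header and computes δ and θ, rejecting a reply whose Originate Timestamp does not echo the request. The function names and the sample reply are constructed for illustration.

```python
import struct

HEADER = struct.Struct("!BBbbII4s8I")  # 48-octet header without authenticator


def ts(seconds, fraction):
    """64-bit NTP timestamp -> seconds since 1 January 1900, as a float."""
    return seconds + fraction / 2**32


def parse_header(pkt):
    if len(pkt) < HEADER.size:
        raise ValueError("packet shorter than the 48-octet header")
    b0, stratum, poll, precision, rdelay, rdisp, refid, *t = HEADER.unpack(pkt[:HEADER.size])
    return {
        "li": b0 >> 6, "vn": (b0 >> 3) & 7, "mode": b0 & 7,
        "stratum": stratum,
        "poll": 2.0 ** poll, "precision": 2.0 ** precision,   # stored as powers of two
        "root_delay": rdelay / 2**16, "root_dispersion": rdisp / 2**16,
        "refid": refid,
        "reference": (t[0], t[1]), "originate": (t[2], t[3]),
        "receive": (t[4], t[5]), "transmit": (t[6], t[7]),
    }


def client_sample(request_transmit, reply, t3):
    """request_transmit: (seconds, fraction) the client sent; t3: client clock on arrival."""
    h = parse_header(reply)
    if h["mode"] != 4:
        raise ValueError("not a server reply")
    if h["li"] == 3 or h["stratum"] == 0:
        raise ValueError("server clock not synchronised or stratum not specified")
    # A reply that does not echo our transmit time is stale, duplicated or forged.
    if h["originate"] != request_transmit:
        raise ValueError("originate timestamp does not match our request")
    t0, t1, t2 = ts(*h["originate"]), ts(*h["receive"]), ts(*h["transmit"])
    delay = (t3 - t0) - (t2 - t1)          # round trip delay
    offset = ((t1 - t0) + (t2 - t3)) / 2   # clock offset
    return delay, offset


def sample_reply():
    """Constructed NTPv3 server reply: client clock 0.5 s slow, 0.25 s each way."""
    sec = 3900000000
    return HEADER.pack(0x1C, 2, 6, -20, 0x8000, 0x4000, bytes([192, 0, 2, 1]),
                       sec - 64, 0,       # reference
                       sec, 0,            # originate = t0
                       sec, 0xC0000000,   # receive   = t0 + 0.75
                       sec, 0xE0000000)   # transmit  = t0 + 0.875


if __name__ == "__main__":
    t3 = ts(3900000000, 0xA0000000)       # client clock reads t0 + 0.625 on arrival
    print(client_sample((3900000000, 0), sample_reply(), t3))
```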

NTP Version 3 Control Message


The NTP Control Message uses mode 6 and it is located after the UDP header. Its structure is as follows:

NTP version 3 control message

  • Version Number (VN) - the NTP version number which is 3.
  • Mode - The mode will be 6.
  • R - Response bit, 0 for Commands, 1 for Responses.
  • E - Error bit, 0 for Normal Response, 1 for Error Response.
  • M - More bit, 0 for last fragment, 1 for all other fragments.
  • Operation Code:
    • 0 - Reserved
    • 1 - Read status command/response
    • 2 - Read variables command/response
    • 3 - Write variables command/response
    • 4 - Read clock variables command/response
    • 5 - Write clock variables command/response
    • 6 - Set trap address and port, command/response
    • 7 - Trap Response
    • 8-31 - Reserved
  • Sequence - the sequence number of the command/response
  • Status - this code displays the state of the peer or clock (see below)
  • Association ID - this identifies a valid association
  • Offset - this is the offset in octets of the first octet in the data field.
  • Count - Length of the data field in octets.
  • Data - up to 468 octets of data.
  • Authenticator - this is optional depending on whether NTP authentication has been set up.

NTP version 3 words

There are four words used in NTPv3 which appear in the Status field and these are as follows:

System Status Word
This appears in response to a read status or read variables command with a zero association identifier and has the following structure:
  • Leap Indicator (LI) - warning of an impending leap second change:
    • 00 - no warning
    • 01 - last minute has 61 seconds
    • 10 - last minute has 59 seconds
    • 11 - clock not synchronised
  • Clock Source - the current synchronisation source:
    • 0 - unspecified
    • 1 - Calibrated atomic clock
    • 2 - VLF (band 4) or LF (band 5) radio
    • 3 - HF (band 7) radio
    • 4 - UHF (band 9) satellite
    • 5 - Local net
    • 6 - UDP/NTP
    • 7 - UDP/TIME
    • 8 - wristwatch
    • 9 - telephone modem
    • 10-63 - reserved
  • System Event Counter - the number of system exception events since the last time the system status word was returned in a response
  • System Event Code - the latest system exception event:
    • 0 - Unspecified
    • 1 - System restart
    • 2 - System or hardware fault
    • 3 - System new status word
    • 4 - System new synchronisation source or stratum
    • 5 - System clock reset
    • 6 - System invalid time or date
    • 7 - System clock exception
    • 8-15 - Reserved
Peer Status Word
This appears in the status field of a response to a read status, read variables or write variables command and has the following structure:
  • Peer Status - the status of the peer based on the packet process, this has the following potential values:
    • 0 - Configured
    • 1 - Authentication enabled
    • 2 - Authentication OK
    • 3 - Reachability OK
    • 4 - Reserved
  • Peer selection - the status of the peer based on the clock selection process, this has the following potential values:
    • 0 - Rejected
    • 1 - Passed Sanity checks
    • 2 - Passed Correctness tests
    • 3 - Passed Candidate checks
    • 4 - Passed Outlier checks
    • 5 - Current synchronisation source, maximum distance exceeded
    • 6 - Current synchronisation source, maximum distance OK
    • 7 - Reserved
  • Peer Event Counter - the number of peer exception events that occurred since the last time the peer status word was returned in a response or included in a trap message
  • Peer Event Code - the latest peer exception event which can have one of the following values:
    • 0 - Unspecified
    • 1 - Peer IP error
    • 2 - Peer authentication failure
    • 3 - Peer unreachable
    • 4 - Peer reachable
    • 5 - Peer clock exception
    • 6-15 - Reserved
Clock Status Word
This word can be considered an extension of the system status word or the peer status word depending on whether the NTP host has a dedicated reference clock or a synthetic peer attached to it. It has the following fields:
  • Clock status - this can have one of the following values:
    • 0 - normal operation
    • 1 - Reply timeout
    • 2 - Bad Reply format
    • 3 - Hardware or software fault
    • 4 - Propagation failure
    • 5 - Bad date format or value
    • 6 - Bad time format or value
    • 7-255 - reserved
  • Clock Event Code - this identifies the latest clock exception event
Error Status Word
An error status word is returned in the status field of an error response as the result of invalid message format or contents. The E (error) bit is set along with the response (R) bit in the response. The 8 bit field can have the following values:
  • 0 - unspecified
  • 1 - Authentication failure
  • 2 - Invalid message length or format
  • 3 - Invalid opcode
  • 4 - Unknown association identifier
  • 5 - Unknown variable name
  • 6 - Invalid variable name
  • 7 - Administratively prohibited
  • 8-255 - Reserved
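The control message and its status words can be decoded from a captured mode 6 datagram as follows. This is an added example, not code from the original page: the field widths are those of RFC 1305 Appendix B (the page's diagram is not reproduced here), the names are illustrative, and the three sample messages are constructed.

```python
import struct

CTL = struct.Struct("!BBHHHHH")  # 12-octet header that precedes the data field
OPCODES = ["reserved", "read status", "read variables", "write variables",
           "read clock variables", "write clock variables", "set trap", "trap response"]
ERRORS = ["unspecified", "authentication failure", "invalid message length or format",
          "invalid opcode", "unknown association identifier", "unknown variable name",
          "invalid variable name", "administratively prohibited"]
SOURCES = ["unspecified", "calibrated atomic clock", "VLF/LF radio", "HF radio",
           "UHF satellite", "local net", "UDP/NTP", "UDP/TIME", "wristwatch",
           "telephone modem"]
PEER_SEL = ["rejected", "passed sanity checks", "passed correctness tests",
            "passed candidate checks", "passed outlier checks",
            "sync source, maximum distance exceeded",
            "sync source, maximum distance OK", "reserved"]


def name(table, value):
    return table[value] if value < len(table) else "reserved"


def decode_status(status, assoc_id, opcode, error):
    if error:                      # error status word: 8-bit code in the high octet
        return {"word": "error", "code": name(ERRORS, status >> 8)}
    if opcode in (4, 5):           # clock status word: status octet, then event code
        return {"word": "clock", "clock_status": status >> 8, "event_code": status & 0xFF}
    if assoc_id == 0:              # system status word: LI(2) source(6) count(4) code(4)
        return {"word": "system", "li": status >> 14,
                "source": name(SOURCES, (status >> 8) & 0x3F),
                "event_count": (status >> 4) & 0xF, "event_code": status & 0xF}
    # peer status word: status(5) selection(3) count(4) code(4)
    return {"word": "peer", "peer_status": status >> 11,
            "selection": name(PEER_SEL, (status >> 8) & 7),
            "event_count": (status >> 4) & 0xF, "event_code": status & 0xF}


def parse_control(pkt):
    if len(pkt) < CTL.size:
        raise ValueError("shorter than the control header")
    b0, b1, seq, status, assoc, offset, count = CTL.unpack(pkt[:CTL.size])
    if b0 & 7 != 6:
        raise ValueError("not a mode 6 control message")
    data = pkt[CTL.size:CTL.size + count]
    if count > 468 or len(data) != count:
        raise ValueError("Count disagrees with the data actually present")
    response, error, opcode = bool(b1 & 0x80), bool(b1 & 0x40), b1 & 0x1F
    return {"vn": (b0 >> 3) & 7, "response": response, "error": error,
            "more": bool(b1 & 0x20), "opcode": name(OPCODES, opcode),
            "sequence": seq, "association": assoc, "offset": offset, "data": data,
            # the status field only carries a status word in responses
            "status": decode_status(status, assoc, opcode, error) if response else None}


# Constructed samples: system status, error response, peer status.
SYSTEM = CTL.pack(0x1E, 0x81, 1, 0x0614, 0, 0, 0)
ERROR = CTL.pack(0x1E, 0xC2, 2, 0x0500, 0x1234, 0, 0)
PEER = CTL.pack(0x1E, 0x81, 3, 0x9614, 0x1234, 0, 0)

if __name__ == "__main__":
    for sample in (SYSTEM, ERROR, PEER):
        print(parse_control(sample))
```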

NTP Version 4


RFC 5905 describes NTP version 4, which has been written to support IPv6. NTPv4 improves on NTPv3 and corrects certain bugs. NTP timestamp definitions have been expanded to encourage the use of the floating double data type. This results in a time resolution better than one nanosecond and a frequency resolution of less than one nanosecond per second. There is also a new clock discipline algorithm that reacts better to system clock hardware frequency fluctuations. With NTPv3, poll intervals were up to 1024 seconds, which was the maximum. With NTPv4, servers and clients are precise within a few tens of milliseconds with poll intervals up to 36 hours.

NTPv3's symmetric key authentication is used by NTPv4, but the Autokey Public Key Authentication Scheme has been added to NTPv4 and is described in RFC 5906.

NTPv4 uses the same associations as NTPv3 with a difference that the Broadcast association is split between Broadcast Server (mode 5) and Broadcast Client (mode 6). There are two special associations, Manycast Client and Manycast Server, which provide a dynamic server discovery function. There are two types of manycast client associations: Persistent and Ephemeral. The persistent manycast client sends client (mode 3) packets to an IPv4 or IPv6 broadcast or multicast group address. Manycast servers within range of the time-to-live (TTL) field listen for packets with that address. If a server is suitable for synchronisation, it returns an ordinary server (mode 4) packet using the client's unicast address. Upon receiving this packet, the client sets up an ephemeral client (mode 3) association.

The new clock discipline process controls the time and frequency of the system clock. Timestamps struck from the system clock close the feedback loop that maintains the system clock time. Another process is the clock-adjust process, which runs once each second to inject a computed time offset and maintain constant frequency. The RMS average of past time offset differences represents the nominal error or system clock jitter. The RMS average of past frequency offset differences represents the oscillator frequency stability or frequency wander.

There are now three NTP time formats, a 128-bit date format, the original 64-bit timestamp format, and a 32-bit short format. The new 128-bit date format is used where sufficient storage and word size are available. It includes a 64-bit signed seconds field spanning 584 billion years and a 64-bit fraction field resolving .05 attosecond (i.e., 0.5e-18). For convenience in mapping between formats, the seconds field is divided into a 32-bit Era Number field and a 32-bit Era Offset field.

NTPv4 Header


The NTPv4 header has a few extra fields compared with NTPv3. The revised header is illustrated below:

NTP version 4 header

NTPv4 is backward compatible with NTPv3. The main differences in the header occur after the Transmit Timestamp (which forms the end of the Basic Header) and are detailed at the end of the list below:

  • Leap Indicator (LI) - warning of an impending leap second change:
    • 00 - no warning
    • 01 - last minute has 61 seconds
    • 10 - last minute has 59 seconds
    • 11 - clock not synchronised
  • Version Number (VN) - NTP version number, in this case 100 (4).
  • Mode - the mode that this association is using:
    • 0 - Reserved
    • 1 - Symmetric Active
    • 2 - Symmetric Passive
    • 3 - Client
    • 4 - Server
    • 5 - Broadcast
    • 6 - Reserved for NTP control message
    • 7 - Reserved for private use
  • Stratum - The stratum level of the local clock:
    • 0 - Not specified
    • 1 - Primary reference such as a radio clock
    • 2-15 - Secondary reference via NTP
    • 16 - Unsynchronised
    • 17 - 255 - Reserved
  • Poll Interval - The maximum interval between messages in seconds to the power of two (log2).
  • Precision - the precision of the local clock in seconds to the power of two (log2).
  • Root Delay - the total roundtrip delay to the primary reference source, in seconds using the NTP short format.
  • Root Dispersion - the maximum error relative to the primary reference source, in seconds using the NTP short format.
  • Reference Clock Identifier - Used mainly to detect and avoid synchronisation loops. For stratum 0, a four-character ASCII code called a Kiss Code is used for debugging. Packets that contain these codes are called KoD (Kiss 'o Death) packets. The codes are as follows:

    Code  Meaning
    ACST  The association belongs to a unicast server
    AUTH  Server authentication failed
    AUTO  Autokey sequence failed
    BCST  The association belongs to a broadcast server
    CRYP  Cryptographic authentication or identification failed
    DENY  Access denied by remote server
    DROP  Lost peer in symmetric mode
    RSTR  Access denied due to local policy
    INIT  The association has not yet synchronized for the first time
    MCST  The association belongs to a dynamically discovered server
    NKEY  No key found. Either the key was never installed or is not trusted
    RATE  Rate exceeded. The server has temporarily denied access because the client exceeded the rate threshold.
    RMOT  Alteration of association from a remote host running ntpdc
    STEP  A step change in system time has occurred, but the association has not yet resynchronised
    Xxxx  User-defined codes may be used by placing the character X at the start.


    For stratum 1, one of a set of four-character ASCII codes is used. The standard codes are maintained by the IANA. Below are the IANA-maintained codes:

    Code ID  Clock Source
    GOES     Geosynchronous Orbit Environment Satellite
    GPS      Global Position System
    GAL      Galileo Positioning System
    PPS      Generic pulse-per-second
    IRIG     Inter-Range Instrumentation Group
    WWVB     LF Radio WWVB Ft. Collins, CO 60 kHz
    DCF      LF Radio DCF77 Mainflingen, DE 77.5 kHz
    HBG      LF Radio HBG Prangins, HB 75 kHz
    MSF      LF Radio MSF Anthorn, UK 60 kHz
    JJY      LF Radio JJY Fukushima, JP 40 kHz, Saga, JP 60 kHz
    LORC     MF Radio LORAN C station, 100 kHz
    TDF      MF Radio Allouis, FR 162 kHz
    CHU      HF Radio CHU Ottawa, Ontario
    WWV      HF Radio WWV Ft. Collins, CO
    WWVH     HF Radio WWVH Kauai, HI
    NIST     NIST telephone modem
    ACTS     NIST telephone modem
    USNO     USNO telephone modem
    PTB      European telephone modem


    For stratum 2 or higher, the IP address is entered in this field for IPv4 addresses or the first four octets of the MD5 hash of the IPv6 address.

  • Reference Timestamp - the time that the local clock was last set or corrected.
  • Originate Timestamp - the time that the request left the client host for the service host.
  • Receive Timestamp - the time that the request was received by the service host.
  • Transmit Timestamp - the time at which the reply left the service host for the client host.
  • (Destination Timestamp) - the time at the client when the reply arrived from the server. Note that this field is not on the wire; it is only inserted at the client buffer.
  • Extension Field n - Optional capabilities such as Autokey public key authentication scheme.
  • Key Identifier - the client and server use this to designate a secret 128-bit MD5 key.
  • Message Digest - 128-bit MD5 hash computed over the key.
The Extension Field has the following structure:

NTPv4 Extension Field

The fields are as follows:
  • Field Type - depends on the function
  • Length - the minimum length of the Extension Field is 16 octets (4 words)
  • Value - depends on the function
  • Padding
NTPv4 has its own On-wire Protocol that exchanges time values between servers, peers, and clients. It is resistant to lost or duplicate packets, and data integrity is provided by the IP and UDP checksums. The protocol uses timestamps, which are precision data either extracted from packet headers or struck from the system clock upon the arrival or departure of a packet.
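The Reference Clock Identifier, Key Identifier and Message Digest fields described above support three receive-side checks, shown in this added example (not code from the original page): verifying the digest, recognising a Kiss Code, and spotting a synchronisation loop. It assumes no extension fields, so the last 20 octets are the Key Identifier and digest, and that the digest is MD5 over the key followed by the packet header as specified in RFC 5905; the key, addresses and function names are constructed.

```python
import hashlib
import hmac
import ipaddress
import struct

MAC_LEN = 20  # 4-octet Key Identifier + 16-octet MD5 Message Digest


def refid_for(address):
    """Reference ID a stratum 2+ host reports when synchronised to this address."""
    ip = ipaddress.ip_address(address)
    return ip.packed if ip.version == 4 else hashlib.md5(ip.packed).digest()[:4]


def mac_ok(packet, keys):
    if len(packet) < 48 + MAC_LEN:
        return False                       # no authenticator present
    body, mac = packet[:-MAC_LEN], packet[-MAC_LEN:]
    key = keys.get(struct.unpack("!I", mac[:4])[0])
    if key is None:
        return False                       # key never installed or not trusted
    expected = hashlib.md5(key + body).digest()
    return hmac.compare_digest(expected, mac[4:])   # constant-time comparison


def check_reply(packet, keys, own_addresses):
    # Authenticate first so a forged Kiss Code cannot talk the client
    # into backing off from a good server.
    if not mac_ok(packet, keys):
        return "reject: authentication failed"
    stratum, refid = packet[1], packet[12:16]
    if stratum == 0:
        return "kiss: " + refid.decode("ascii", "replace")
    if stratum == 1:
        return "primary: " + refid.rstrip(b"\0").decode("ascii", "replace")
    if stratum > 15:
        return "reject: unsynchronised or reserved stratum"
    # The server's source is one of our own addresses: it is synchronised to us.
    if refid in {refid_for(a) for a in own_addresses}:
        return "reject: synchronisation loop"
    return "accept"


def build(stratum, refid, key_id, key):
    """Constructed NTPv4 mode 4 packet with zeroed timestamps, for the demo only."""
    header = struct.pack("!BBbb", (4 << 3) | 4, stratum, 6, -20) + bytes(8) + refid + bytes(32)
    return header + struct.pack("!I", key_id) + hashlib.md5(key + header).digest()


if __name__ == "__main__":
    keys = {1: b"constructed-key!"}
    own = ["192.0.2.50", "2001:db8::10"]
    for pkt in (build(2, refid_for("192.0.2.1"), 1, keys[1]),
                build(0, b"RATE", 1, keys[1]),
                build(3, refid_for("2001:db8::10"), 1, keys[1])):
        print(check_reply(pkt, keys, own))
```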

NTPv4 communication is either one-to-one or one-to-many. In IPv4, one-to-many means multicast (using the address 224.0.1.1) or broadcast, whereas in IPv6 it just means multicast (using the address ending :101).

NTP RFCs


NTP was originally described in RFC 958 before being replaced by NTP version 2 in RFC 1119. RFC 5905 - Documents the latest version NTPv4 which supplants NTPv3 (RFC 1305) as well as being backwards compatible with it.

RFC 5906 - Documents the Autokey public key authentication scheme that NTPv4 can use.

Simple Network Time Protocol (SNTP)


SNTP is a subset of NTP; in general it differs in that it is not necessary to store the state over long periods. SNTP has many similarities with UDP/TIME (RFC 868). The main change from NTPv3 is the accommodation for IPv6 and OSI addressing within the header, and this is done in the same way as in NTPv4. The NTP and SNTP packet formats are the same, and the arithmetic operations to calculate the client time, clock offset, and roundtrip delay are the same. To an NTP or SNTP server, NTP and SNTP clients are indistinguishable; to an NTP or SNTP client, NTP and SNTP servers are indistinguishable. Like NTP servers operating in non-symmetric modes, SNTP servers are stateless and can support large numbers of clients; however, unlike most NTP clients, SNTP clients normally operate with only a single server at a time.

SNTP clients should operate at the edge of the synchronisation tree, and SNTP servers should be used as stratum 1, located next to a clock source. SNTP uses UDP port 123 for the destination; however, unlike NTP, any UDP port can be used for the source port, thereby providing a method for distinguishing between clients.

RFC 4330 - describes SNTPv4 and replaces the previous RFC 2030 on SNTPv4 and RFC 1769 for SNTPv3.

