Resources > NTP Clock FAQs

Network Time Protocol (NTP) Clock FAQs

What is NTP?

Network Time Protocol (NTP) is a protocol that provides a reliable way of transmitting and receiving the time over TCP/IP networks. It has become the de facto standard for synchronizing Internet computers and other networked devices to Universal Coordinated Time (UTC), which is accomplished by having these devices reference a common time source – i.e., an atomic clock or a network time server (a.k.a. an “NTP server”). (NTP is defined in IETF RFC 1305.)

NTP uses port 123, which must opened on a firewall or router to ensure proper communication with the NTP server.

Note that when accessing a time server from this list be sure that it is designated for “open access.” View a list of public NTP time servers.

What is SNTP?

Simple Network Time Protocol (SNTP) is a simplified version of NTP, which is used in cases where a full implementation of NTP is not required. Because SNTP uses the same packet format as NTP, SNTP clients can utilize NTP servers. (SNTP is defined in RFCs 1361,2030 & 4330.)

SNTP is implemented on the PoE clock. By default, SNTP time synchronization is performed once per hour, which keeps the displayed time within 200 ms of actual time. (For more information on how to configure your clock for an SNTP server see How do I configure my PoE clock for an SNTP Time Server?)

What is International Atomic Time?

International Atomic Time is an international time standard derived from 200 atomic clocks in 50 national laboratories from around the world. The readings from these clocks are used to form the standard for Coordinated Universal Time (UTC), which governs global time-keeping.

Atomic clocks represent the top-level stratum of the NTP hierarchy.

What are Stratum?

The world of NTP is a hierarchy of reference clocks and time servers. At the top of the hierarchy are reference clocks known as stratum 0 time sources, which are typically atomic clocks or Global Positioning System (GPS) satellites.

A server that is linked to a stratum 0 device is called a stratum 1 server. The link itself is provided by a direct connection to the stratum 0 device (not via a network link), such as via WWV (high-frequency radio waves from NIST), GPS, or dial-up modem connection. Stratum 1 servers are the top level NTP servers available over the Internet.

Building on the NTP hierarchy, a stratum 2 server gets its time over the network from a stratum 1 server, a stratum 3 server from a stratum 2 server, and so on (up to stratum 15).

In essence then, the stratum defines the number of steps that a server is from a primary time source.

It’s also worth noting that NTP servers operating in the same stratum may be associated with one another in a peer-to-peer fashion. This is done so that a higher quality of time can be achieved and so that the servers can synchronize to the most accurate time setting amongst peers.

How do I configure my PoE clock for SNTP?

When your clock ships, it is preconfigured with an SNTP time server setting, which, depending on the vintage of the firmware, is one of the following:

  • ntp.inovasolutions.com
  • time.nist.gov (the default for older firmware versions)

Note: In some cases, at the customer’s request, Inova Solutions pre-configures clocks for another time server than those listed above.

Perform these steps to change your clock’s time server setting:

  1. Start a telnet session with the clock. (See How do I log into my clock to configure it? if you’re not sure how.)
  2. At the telnet command prompt (iclock />), type one of the following commands and press Enter:
Item Telnet command options
Time source, by IP address sntp -h xxx.xxx.xxx.xxx
where the xxx.xxx.xxx.xxx is the assigned static IP address of the time server. Note the space before and after -h.
Time source, by hostname sntp -h hostname
where hostname is the hostname of the time server. Note the space before and after -h.

Note: Because IP addresses change all the time, it’s wiser to use a hostname than a static IP address when referencing an NTP server on the Internet.

What's an Appropriate NTP Architecture?

As a general rule, it's wise to have an internal time server on your network to support your PoE clocks. This is particularly true if you are deploying a number of PoE clocks. Here are some reasons why this is important:

  1. If you have a large number of clocks independently referencing the same external time server, you may possibly run afoul of the external time server's network access policy (by accessing the time server more frequently than its open access policy allows).
  2. An internal time server reduces Internet traffic, and helps secure timekeeping on the network.

Secure timekeeping on the network is important because opening your network to NTP (port 123) traffic allows for the possibility of these types of hacker intrusions:

  • Sending too much data in the NTP packet, thus causing the NTP service to become overloaded and resulting in a denial of time services attack.
  • Sending specially constructed packets that essentially "take over" machines within your network (by using the same privileges as the NTP service running on those machines) and, in so doing, allowing the intruder to mask the break-in by resetting the time on those machines, making it impossible to effectively reconstruct the exact sequence of events that lead to the break-in.

By deploying your own internal time server, which alone references an external time source or time server (i.e., typically a stratum 2 server), you can construct the most robust form of NTP architecture for the PoE clocks on your network. You can also minimize the amount of network management required to accomplish the goal of secure and accurate timekeeping.

Download the PDF

Download the white paper

 

Bookmark and Share

Find more information about NTP:

All contents are Copyright © 2004-2011 Inova Solutions, Inc. All rights reserved.