What is Network Time Protocol (NTP)? Well, it’s a network protocol used to synchronize clocks between computing systems over a packet switched network. It’s been around since the mid-1980s and was developed by David Mills at the University of Delaware; it is one of the oldest protocols still around on the Internet. NTP replaced other time synchronization technologies that didn’t have some capabilities to adjust time based on location of the time source or time server relative to the receiver or adjusting to the variation of delay found on typical data networks.
NTP has undergone a number of changes since its debut more than 30 years ago. NTP version 0 was defined in RFC 958 in September of 1985. NTPv0 was able to achieve time accuracy in the tens of milliseconds. In 1988, RFC 1059 defined NTPv1, which defined tuning of NTP for client server and peer to peer mode. In 1989, RFC 1119 defined NTPv2, which added things like a management protocol and an authentication scheme, which are still used in today’s version. RFC 1305, which came out in 1992, defined NTPv3. NTPv3 added additional error detection and analysis, which helps the client to choose between different tie sources. A broadcast mode was also introduced to help ease the distribution of time on a multi-access network. In 2010, RFC 5905 was published with the specifications for NTPv4 but was enhanced by RFC 7822 in March of 2016. NTPv4 is the current version of NTP. It maintains a lot of the same features of NTPv3 but adds support for IPv6 as the underlying network protocol. Authentication is also enhanced and gives the protocol greater security.
NTP uses a hierarchical system of time sources. Each level of the hierarchy is known as a stratum and is assigned a numeric value starting with zero (0). As you add times, sources and synchronize to a source higher in stratum (lower in numeric value), you add 1 to its stratum value. We can use the stratum value as a level of trust of the time source. Zero is the most trustworthy, and 15 is the least trustworthy but still a usable level. A stratum of 16 is unsynchronized and said to be insane. A level 16 stratum device is not a valid time source. NTP typically sends time in Coordinated Universal Time (also known as Universal Time Coordinated or UTC). Adjustment for local time can be done on the local time server or on the client device.
Standard deployment of NTP for an enterprise would be to source time from a trusted source such as a government time source. In the United States, the National Institute of Standards and Technology has times servers that we can synchronize to. At tf.nist.gov/tf-cgi/servers.cgi, you can find a list of time servers, their locations and IP addresses to point a time server to. Once you have gained time to a local time server and the stratum increments, you can then use that as a time source within the enterprise network. Routers and switches (Cisco and others) can then pull time from your local time server, and then they can become time sources from devices beyond them. Most major operating systems will support NTP including Windows. All versions of Windows since Windows 2000 have had Windows Time Service (W32Time) to synchronize time using NTP.
In today’s network, time can be synchronized within milliseconds or tens of milliseconds, but why? That depends! It depends on the applications used and their needs for time. It may be that having a “reasonable” clock may be good enough to know when an email was created and/or received. Time stamps on basic functions that are accurate to within 10s of milliseconds may suffice. The applications could be much more time sensitive. From a troubleshooting point of view, having a time stamp within milliseconds can help determine problems within the network. Think about transactional applications. Having more than a reasonable clock source for banking or other financial transactions is a must. One of the first applications to use NTP was for air traffic control, and as a frequent flyer, I’m glad to know that the software and hardware tracking our planes in flight have accuracy within milliseconds. This allows those tracking the flights to have a much better idea as to location of the aircraft and the proximity to others.
NTP is a protocol that has been around for over 30 years and still serves a purpose. It has become commonplace to have clocks, and we certainly depend on time. With NTP today, we can get more than a reasonable time source and get accuracy to the millisecond level. If you need something more accurate than that, look to Precision Time Protocol (PTP)…but that’s for another post.
Want to learn more? Check out these related courses:
TSHOOT - Troubleshooting and Maintaining Cisco IP Networks v2.0
SWITCH - Implementing Cisco IP Switched Networks v2.0
CIERS1 – Cisco Expert-Level Training for CCIE Routing and Switching v5.0