|"Internet protocol suite|
Network Time Protocol (NTP) is a "networking protocol for "clock synchronization between computer systems over "packet-switched, variable-"latency data networks. In operation since before 1985, NTP is one of the oldest "Internet protocols in current use. NTP was designed by "David L. Mills of the "University of Delaware.
NTP is intended to "synchronize all participating computers to within a few "milliseconds of "Coordinated Universal Time (UTC).:3 It uses the "intersection algorithm, a modified version of "Marzullo's algorithm, to select accurate time servers and is designed to mitigate the effects of variable "network latency. NTP can usually maintain time to within tens of milliseconds over the public "Internet, and can achieve better than one millisecond accuracy in "local area networks under ideal conditions. Asymmetric "routes and "network congestion can cause errors of 100 ms or more.
The protocol is usually described in terms of a "client-server model, but can as easily be used in "peer-to-peer relationships where both peers consider the other to be a potential time source.:20 Implementations send and receive "timestamps using the "User Datagram Protocol (UDP) on "port number 123. They can also use "broadcasting or "multicasting, where clients passively listen to time updates after an initial round-trip calibrating exchange. NTP supplies a warning of any impending "leap second adjustment, but no information about local "time zones or "daylight saving time is transmitted.
In 1979, network "time synchronization technology was used in what was possibly the first public demonstration of "Internet services running over a trans-Atlantic satellite network, at the "National Computer Conference in New York. The technology was later described in the 1981 Internet Engineering Note (IEN) 173 and a public protocol was developed from it that was documented in "RFC 778. The technology was first deployed in a local area network as part of the Hello routing protocol and implemented in the "Fuzzball router, an experimental operating system used in network prototyping, where it ran for many years.
Other related network tools were available both then and now. They include the "Daytime and "Time protocols for recording the time of events, as well as the "ICMP Timestamp and IP Timestamp option ("RFC 781). More complete synchronization systems, although lacking NTP's data analysis and clock disciplining algorithms, include the Unix daemon timed, which uses an election algorithm to appoint a server for all the clients; and the Digital Time Synchronization Service (DTSS), which uses a hierarchy of servers similar to the NTP stratum model.
In 1985, NTP version 0 (NTPv0) was implemented in both Fuzzball and Unix, and the NTP packet header and round-trip delay and offset calculations, which have persisted into NTPv4, were documented in "RFC 958. Despite the relatively slow computers and networks available at the time, accuracy of better than 100 "milliseconds was usually obtained on Atlantic spanning links, with accuracy of tens of milliseconds on "Ethernet networks.
In 1988, a much more complete specification of the NTPv1 protocol, with associated algorithms, was published in "RFC 1059. It drew on the experimental results and clock filter algorithm documented in "RFC 956 and was the first version to describe the "client-server and "peer-to-peer modes. In 1991, the NTPv1 architecture, protocol and algorithms were brought to the attention of a wider engineering community with the publication of an article by "David L. Mills in the "IEEE Transactions on Communications.
In 1989, "RFC 1119 was published defining NTPv2 by means of a "state machine, with "pseudocode to describe its operation. It introduced a management protocol and "cryptographic authentication scheme which have both survived into NTPv4. ["citation needed] The bulk of the algorithms from this era have also largely survived into NTPv4.
In 1992, "RFC 1305 defined NTPv3. The RFC included an analysis of all sources of error, from the "reference clock down to the final client, which enabled the calculation of a metric that helps choose the best server where several candidates appear to disagree. Broadcast mode was introduced.
In subsequent years, as new features were added and algorithm improvements were made, it became apparent that a new protocol version was required. In 2010, "RFC 5905 was published containing a proposed specification for NTPv4, but the protocol has significantly moved on since then, and as of 2014, an updated RFC has yet to be published. Following the retirement of Mills from the "University of Delaware, the reference implementation is currently maintained as an "open source project led by Harlan Stenn.
NTP uses a hierarchical, semi-layered system of time sources. Each level of this hierarchy is termed a "stratum" and is assigned a number starting with zero at the top. A server synchronized to a stratum n server will be running at stratum n + 1. The number represents the distance from the reference clock and is used to prevent cyclical dependencies in the hierarchy. Stratum is not always an indication of quality or reliability; it is common to find stratum 3 time sources that are higher quality than other stratum 2 time sources. (Telecommunication systems use a different definition for "clock strata.) A brief description of strata 0, 1, 2 and 3 is provided below.
The upper limit for stratum is 15; stratum 16 is used to indicate that a device is unsynchronized. The NTP algorithms on each computer interact to construct a "Bellman-Ford shortest-path "spanning tree, to minimize the accumulated round-trip delay to the stratum 1 servers for all the clients.:20
The 64-bit timestamps used by NTP consist of a 32-bit part for seconds and a 32-bit part for fractional second, giving a time scale that "rolls over every 232 seconds (136 years) and a theoretical resolution of 2−32 seconds (233 picoseconds). NTP uses an "epoch of January 1, 1900 so the first roll over will be on February 7, 2036.
Future versions of NTP may extend the time representation to 128 bits: 64 bits for the second and 64 bits for the fractional-second. The current NTPv4 format has support for Era Number and Era Offset, that when used properly should aid fixing date rollover issues. According to Mills, "the 64 bit value for the fraction is enough to resolve the amount of time it takes a photon to pass an electron at the speed of light. The 64 bit second value is enough to provide unambiguous time representation until the universe goes dim."[note 1]
A typical NTP client will regularly "poll three or more servers on diverse networks. To synchronize its clock, the client must compute their time offset and "round-trip delay. Time offset θ is defined by
and the round-trip delay δ by
The values for θ and δ are passed through filters and subjected to statistical analysis. "Outliers are discarded and an estimate of time offset is derived from the best three remaining candidates. The clock frequency is then adjusted to reduce the offset gradually, creating a "feedback loop.:20
The synchronization is correct when both the incoming and outgoing routes between the client and the server have symmetrical nominal delay. If the routes do not have a common nominal delay, there will be a "systematic bias of half the difference between the forward and backward travel times.
The NTP "reference implementation, along with the protocol, has been continuously developed for over 20 years. Backwards compatibility has been maintained as new features have been added. It contains several sensitive algorithms, especially to discipline the clock, that can misbehave when synchronized to servers that use different algorithms. The software has been "ported to almost every computing platform, including personal computers.:13 It runs as a "daemon called "ntpd under Unix or as a "service under Windows.:15 Reference clocks are supported and their offsets are filtered and analysed in the same way as remote servers, although they are usually polled more frequently.:19
A less complex implementation of NTP, using the same protocol but without requiring the storage of "state over extended periods of time, is known as the Simple Network Time Protocol (SNTP). It is used in some "embedded devices and in applications where full NTP capability is not required.
The W32Time service was originally implemented for the purpose of the "Kerberos version 5 authentication protocol, which required time to be within 5 minutes of the correct value to prevent "replay attacks. The version in Windows 2000 and Windows XP only implements SNTP, and violates several aspects of the NTP version 3 standard. Beginning with "Windows Server 2003 and "Windows Vista, a compliant implementation of full NTP is included. Microsoft says that the W32Time service cannot reliably maintain sync time to the range of 1 to 2 seconds. If higher accuracy is desired, Microsoft recommends using a different NTP implementation.
Windows Server 2016 now supports 1 ms time accuracy under the certain operating conditions.
In 2004, Henning Brauer presented "OpenNTPD, an NTP implementation with a focus on security and encompassing a privilege separated design. Whilst it is aimed more closely at the simpler generic needs of "OpenBSD users, it also includes some protocol security improvements whilst still being compatible with existing NTP servers. It was originally designed for "OpenBSD but has a portable version available and that has been made available as a package in Linux package repositories.
A new NTP client, ntimed, was started by "Poul-Henning Kamp in 2014. The new implementation is sponsored by the "Linux Foundation as a replacement for the reference implementation, as it was determined to be easier to write a new implementation from scratch than to fix the existing issues with the large existing code base. As of June 2015, no official release was done yet, but ntimed can synchronize clocks reliably. ntimed works under "Debian and "FreeBSD, but remains to be ported to Windows and macOS.
NTPsec is a "fork of the reference implementation that has been systematically "security-hardened. The fork point was in June 2015 and was in response to a rash of compromises in 2014; as of 2017, the software is in "beta testing. Between removal of unsafe features, removal of support for obsolete hardware, and removal of support for obsolete Unix variants, NTPsec has been able to pare away 60% of the original codebase, making the remainder more auditable.
On the day of a "leap second event, ntpd receives notification from either a configuration file, an attached reference clock, or a remote server. Because of the requirement that time must appear to be "monotonically increasing, a leap second is inserted with the sequence 23:59:59, 23:59:60, 00:00:00. Although the clock is actually halted during the event, any "processes that query the system time cause it to increase by a tiny amount, preserving the order of events. If a negative leap second should ever become necessary, it would be deleted with the sequence 23:59:58, 00:00:00, skipping 23:59:59.
Several security concerns arose in late 2014. Previously, researchers became aware that NTP servers can be susceptible to "man-in-the-middle attacks unless packets are cryptographically signed for authentication. The computational overhead involved can make this impractical on busy servers, particularly during "denial of service attacks. NTP message spoofing can be used to move clocks on client computers and allow a number of attacks based on bypassing of cryptographic key expiration. Some of the services affected by fake NTP messages identified are "TLS, "DNSSEC, various caching schemes (such as DNS cache), BGP, Bitcoin and a number of persistent login schemes.
Only a few other security problems have been identified in the reference implementation of the NTP codebase in its 25+ year history, but the ones that have appeared recently are cause for significant concern. The protocol has been undergoing revision and review over its entire history. As of January 2011, there are no security revisions in the NTP specification and no reports at "CERT. The current codebase for the reference implementation has been undergoing security audits from several sources for several years now, and there are no known high-risk vulnerabilities in the current released software.
Several "NTP server misuse and abuse practices exist which cause damage or degradation to a Network Time Protocol (NTP) server.
NTP has been used in "distributed denial of service (DDoS) attacks. A small query is sent to an NTP server with the return address "spoofed to be the target address. Similar to the "DNS amplification attack, the server responds with a much larger reply that allows an attacker to substantially increase the amount of data being sent to the target. To avoid participating in an attack, servers can be configured to ignore external queries, or they can be upgraded to version 4.2.7p26 or later.
A "stack-based buffer overflow exploit was discovered and a patch is available as of December 19, 2014. This includes all NTP Version 4 releases before version 4.2.8. "Apple was concerned enough that it used its auto-update capability for the first time, though only for recent versions of "macOS. In the case of version 10.6.8 there are manual fixes for the server version, and normal "client" users can just turn off automatic time updating in System Preferences for Date & Time. Researchers["which?] believe that the protocol design is excellent and that the flaws are appearing in implementations of the protocol. Some errors are basic, such as a missing return statement in a routine, that can lead to unlimited access to systems that are running some versions of NTP in the root daemon. Systems that do not use the root daemon, such as BSD, are not subject to this flaw.
Primary servers and clients complying with a subset of NTP, called the Simple Network Time Protocol (SNTPv4) [...], do not need to implement the mitigation algorithms [...] The fully developed NTPv4 implementation is intended for [...] servers with multiple upstream servers and multiple downstream servers [...] Other than these considerations, NTP and SNTP servers and clients are completely interoperable and can be intermixed [...]