April 28, 2016

Network Time Keeps on Ticking with Long-Running NTP Project


The NTP Project develops the protocol standard used to communicate time between systems.

“Time is an illusion. Lunchtime doubly so.” This quote from The Hitchhiker’s Guide to the Galaxy is the title of a recent article by George V. Neville-Neil in the Communications of the ACM that takes an in-depth look at how time is kept for individual machines and across computer networks. The article mentions one approach to improving computer timekeeping that has been around since the 1980s: the Network Time Protocol (NTP).

According to Neville-Neil, “any discussion of time should center around two different measurements: synchronization and syntonization.” Synchronization, he says, is loosely defined as “how close two different clocks are to each other at any particular instant,” whereas syntonization “is the quality of the timekeeping of an individual clock.” Computers, like wristwatches, use quartz crystals as the basis of their internal timekeeping and cheaper crystals are less stable than expensive ones.

Judah Levine, a physicist in the Time and Frequency Division of the National Institute of Standards and Technology (NIST), explained it this way: “The price of these [commodity] systems is very important, and so the cheapest possible hardware components are used. This is especially true for the timing hardware because time accuracy is not specified for these systems, and most purchasers don't choose a system based on its timing accuracy.”

Levine added, “High-end systems have somewhat better clocks. The clock in a high-end server typically gains or loses about 2 seconds per day. However, this rate is pretty stable -- the stability is much better than the accuracy, so that programs like NTP, which correct for the frequency offset, can keep the system time within a few milliseconds of the correct time.”*

Keeping Time

NTP provides “nominal accuracies of low tens of milliseconds on WANs, submilliseconds on LANs, and submicroseconds using a precision time source such as a Cesium oscillator or GPS receiver,” according to the Network Time Synchronization Research Project website. “NTP is arguably the longest running, continuously operating, ubiquitously available protocol in the Internet,” the website says.

David L. Mills of the University of Delaware began designing the NTP software as a network time service around 1980 and, by 1985, had developed the first specification and publication of NTP.  Harlan Stenn, the current maintainer and release manager of NTP, began working with NTP around 1992 and in 2011 formed the Network Time Foundation (NTF). Stenn’s work is funded in part through a grant from The Linux Foundation’s Core Infrastructure Initiative (CII), which recently renewed the grant to Stenn for a third year.

The NTP Project currently develops the protocol standard used to communicate time between systems along with the software reference implementation of that standard. The resulting software and protocol specifications now keep time for tens of millions of computers around the world.

In a 2015 article for ACM Queue, called Securing the Network Time Protocol, Stenn wrote: “People just expect accurate time, and they rarely see the consequences of inaccurate time… Last year, NTP and our software had an estimated 1 trillion hours plus of operation. We've received some bug reports over this interval, and we have some open bug reports we would love to resolve, but in spite of this, NTP generally runs very, very well.”

According to a recent report to the community, the NTP Project has accomplished much over the past year -- publishing four NTP production releases containing many improvements. Additionally, Cisco recently had two of its internal teams audit the NTP source code, providing essential feedback and resulting in the hardening of NTP source.

I spoke with Susan Graves, NTF’s director of client experience, to find out more about the project’s challenges and goals.

What are the immediate challenges for the NTP project?

The main challenge is that (maintainer) Harlan Stenn is one person, and NTP needs more paid developers to help. We also need more volunteers/contractors for things like testing and documentation -- Harlan can't do it all. NTP has had Cisco, and others, reporting mostly very low severity security issues that have taken up 90 percent of Harlan's time to fix since October, 2015.

What are the future plans for the project?

NTS (Network Time Security) for NTP, which is in Draft version 12 with the Internet Engineering Task Force (IETF). The other plan is version 5 of NTP, which will include General TimestampAPI and some other protocol enhancements. We are also helping to author a NTP BCP (Best Common Practices) draft with the IETF. We're also looking to overhaul the NTP documentation and the NTP support website. We want more comprehensive Q/A tests, and access to a bigger "compile farm."

We're (NTF) building a new online home for the research papers by (NTP creator) Dave Mills, and we're looking to augment that "library" to include or point to other pertinent materials. Once we get these going, we can start in on a number of other projects we want to begin.

What other projects would you like to start on?

We want to build a proper testing laboratory, to test all aspects of network time distribution, including GPS simulators, highly accurate time sources so we can measure and improve timekeeping on computers that we also put in environmental chambers, as temperature affects the rate at which the internal clock in a computer counts time. This also includes lots of different network configurations, as well as security vulnerability testing.

According to Graves, the NTF is also looking at a “Certification and Compliance Program that covers traceable timestamps from the National Labs to each device that requires this time, for compliance, audit, and liability protection.”

Other NTF Projects

Along with NTP, the Network Time Foundation includes the following projects:

  • Ntimed Project -- Ntimed is a "tightly focused NTP implementation" for high security and high performance. According to the website, this work is largely the result of Poul-Henning Kamp’s decades of experience as an NTP Project Developer.

  • PTPd Project -- The PTP daemon (PTPd) Project implements the Precision Time Protocol (PTP) specification as defined by relevant IEEE 1588 standards. The project page states that PTPd can run on most 32- or 64-bit, little- or big-endian processors and is open source. It does not require a Floating Point Unit (FPU), is great for embedded processors, and currently runs on Linux, uClinux, FreeBSD, and NetBSD. According to the project page, PTP itself provides precise time coordination of Ethernet LAN connected computers and was designed mainly for instrumentation and control systems.

  • Linux PTP Project -- This is a Linux-focused software implementation of the PTP specification. Its stated goals are to provide the highest possible performance levels and to be a thoroughly robust implementation of the PTP standard.

  • RADclock -- The RADclock project (formerly known as TSCclock) aims to provide a new method for network timing. It can be used as an alternative to ntpd under FreeBSD and Linux.

  • General Timestamp API Project -- A typical timestamp usually includes a date and time, sometimes with fractional seconds. The General Timestamp project’s goal is define a new “timestamp structure” that will contain more information and be more useful. It also aims to develop an efficient and portable library API that will operate on these new timestamps.

If you’re interested in contributing to any of these projects, please check out their project pages for more information.

*Judah Levine’s personal opinions do not necessarily reflect the opinions of his employer.

Click Here!