NTP's Fate Hinges On 'Father Time' - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
IT Life
News
3/11/2015
06:06 PM
Connect Directly
Twitter
RSS
E-Mail
100%
0%

NTP's Fate Hinges On 'Father Time'

The Network Time Protocol provides a foundation to modern computing. So why does NTP's support hinge so much on the shaky finances of one 59-year-old developer?

(Image: 237607 via Pixabay)

(Image: 237607 via Pixabay)

Why Synchronizing Time Matters

Every computer has a clock, but in general computers "are known to have bad clocks," said John Engates, CTO of Rackspace, in talking about NTP. Getting two computers to agree on the time can be difficult. The NTP protocol has, for 30 years, consulted the best clocks available and derived a consensus time, which it then imposes across a mapped hierarchy of servers and their client PCs.

Greenwich Mean Time is a known source of reliable time, as is the US Naval Observatory. Their time is based on the solar day -- the time it takes for the earth to complete one 24-hour, 360-degree rotation while in orbit around the sun. NTP consults UTC or Universal Coordinated Time, which is Greenwich Mean Time expressed in the military's 24:00:00 hours terms.

On a daily basis, NTP also consults atomic clocks, which tick off precise seconds based on radioactive Cesium-133 decomposition. A GPS receiver can be tied into an NTP server, and use the transmission of a GPS satellite to get the correct atomic time. A GPS satellite has three atomic clocks, so if one falls out of synch, the other two can overrule it and keep the system on track. For GPS time to be off by a billionth of a second means its answer to a location query will be off by a foot. So GPS relies on precisely counted time, not the solar day.

NTP's job is, in some ways, simple: Consult UTC and atomic clocks and come up with the correct time. But, as Engates said, "Time gets complicated fast."

The solar day varies slightly from year to year. The earth wobbles. Tidal friction slows the earth's rotation by a tiny fraction of a second each year. Geophysical events, like the huge earthquake in 2004 in the Indian Ocean, cost the earth's rotation another fraction of a second. GMT and UTC account for these changes with leap seconds; atomic clocks do not. Currently, there's a 35-second gap between the two.

NTP can referee those differences, allowing it to synchronize operations as computer systems grow larger and more distributed. The Internet wouldn't function as well without it. Network Time Protocol doesn't just determine the correct time, but implements synchronized time between two systems. NTP software on a client or remote server asks an NTP reference server for a time check. The NTP software on the requestor captures how long it took for the query to reach its destination, and adds that amount of time to the time stamp that comes back.

Despite variances in traversing a network due to congestion and other causes, this NTP process will usually leave two systems coordinated to within 10 milliseconds (10 thousandths of a second) of each other. If the two are on the same campus network, the adjustment is likely to be within one thousandth of a second or less.

That's not as precise as what can be achieved with Precision Time Protocol, an IEEE standard released in 2002. But NTP is already in place, with proven reliability, and it's easy to use. "Basic configurations [of an NTP server] involve no more than a few statements," wrote Peter Rybaczyk in his book, Expert Network Time Protocol. Even PTP starts with NTP, then tries to make it more precise.

NTP has another point in its favor: A strong record on security (so far). It's a protocol whose misuse could corrupt and cause the failure of manufacturing systems, chemical processing, financial markets, and satellite communications. Its reliability is tied to billions of dollars of transactions a day; the NTP time stamp is one of the few ways equities firms have of proving to regulators they were in compliance of making a trade when they said they did. So far, it has withstood the danger of being hacked.

The Heartbleed vulnerability in OpenSSL opened the open source community's eyes to the threat from benign neglect of these foundational elements of the computing world and the Internet. As with Secure Sockets Layer, the Linux Foundation views NTP as critical to the continued reliability of both Linux and the Internet.

Next Page: NTP on shaky financial ground

Charles Babcock is an editor-at-large for InformationWeek and author of Management Strategies for the Cloud Revolution, a McGraw-Hill book. He is the former editor-in-chief of Digital News, former software editor of Computerworld and former technology editor of Interactive ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Previous
3 of 5
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Page 1 / 4   >   >>
akostadinov
50%
50%
akostadinov,
User Rank: Apprentice
8/18/2015 | 10:50:33 AM
alternatives
chronyd anybody? (chrony.tuxfamily.org)

works better at least for some use cases...

Competition is good, otherwise things rot anyway.
kstaron
50%
50%
kstaron,
User Rank: Ninja
3/25/2015 | 3:52:11 PM
So the people using it aren't wiling to pay?
Can I guess that by the lack of this guy's wallet, that the companies who claim to care, like Google, have not stepped up and given the the guy funding to make sure the clock keeps ticking? If he has not yet, I would suggest he approach each of the companies that uses NTP and tell them it's in danger of being unsupported without financial backing. Wake up the guys who use it and let them know the free ride is about over.
Charlie Babcock
50%
50%
Charlie Babcock,
User Rank: Author
3/23/2015 | 11:51:33 PM
Has this issue kept you up late at night?
This may not be something you've worried about lately, but the 32-bit counter in the Network Time Protocol's time stamp is able to designate any second that's occurred since Jan.1, 1900. The only thing bad about covering such an expanse of time is that the counter runs out of numbers sometime in 2036. Like I said, maybe you haven't worried about it -- yet. Harlan Stenn is up late at night thinking about the solution... Better keep him on the case.
Charlie Babcock
50%
50%
Charlie Babcock,
User Rank: Author
3/18/2015 | 1:46:40 PM
Just a minute, Mr. Gigabob
Your answer is straightforward, Mr. Gigabob, except for the part about how we've had for years many companies with a vested interest in sychronizing time and they haven't done what you say should happen.
Mr. Gigabob
50%
50%
Mr. Gigabob,
User Rank: Strategist
3/18/2015 | 12:45:27 PM
Re: Is there really a problem?
The process is straightforward - an industry group with a vested interest steps in and enlists support from an eco-system by starting a "Time Committee" with contributions from those organizations in the form of team members and fiscal backing levels.  DLNA, USB, WiFi all started this way as a prelude to creating and adopting a standard.  The more groups the get behind supporting NTP - the more that will build in NTP into their systems.  

Ideally, increased investment in time synchronization for security, log management and other roles will add many paths to orbiting atomic clocks in GPS satellites to increase accuracy of NTP so it eclipses PTP - Precision Time Protocol (IEEE1588).

NTP and PTP approach the problem from different angles.  PTP uses hardware to provide a precise local clock with accuracy to 100ns and very little software sophistication.  NTP uses software and statistics to get time from local motherboards and other sources then distribute across a network.  Accuracy varies widely from micro-seconds to 10's of milliseconds, as distribution delays across shared network links are impacted by busy workloads.  Until there is a ubiquity of precision time sources available with known latency, we need both.

As an example of industry standard support - suppose members of the "TIME ASSOCIATION" included all the major home network router vendors.  Their support for NTP might include some local intelligence and a dedicated port channel for distributing time information that would have a prioritezed Quality of Service level enabling it to consistently provide microsecond accuracy in the home.  This would be advertised as a selling point and if embraced by users would prolieferate across the Customer Premises landscape.

Ironically we have access to precision time in to 100ns today.  Everyone with a GPS chip in their mobile phone leverages the GPS time in the orbiting satellites.  Perhaps it is time to codify that into a new standard.
pzjones
50%
50%
pzjones,
User Rank: Apprentice
3/18/2015 | 12:28:30 PM
Demonstrates change in motivation
I think this article clearly demonstrates what attracts people to IT now is not what drove many of us into IT 20+ years ago. It wasn't about the "job" or the "salary." It was about the love of this new technology, about being a pioneer in this industry, about collaboration, about conquering and innovating.

 It was nice that it came with a salary but that wasn't the driving force. I've seen many come because they thought they would make the big bucks but didn't have the heart or the passion and now they have gone...some stick around because "it's a job" and they don't want to go back to school. For those like Stenn, it is much more than that...it's in the blood. We need to figure out how to ignite that fire in the younger generation that has come to rely on technology without a desire to be part of it.
Charlie Babcock
50%
50%
Charlie Babcock,
User Rank: Author
3/17/2015 | 2:07:46 PM
You're right, Cesium-133 is stable, not decomposing
mbperezpinilla, A second as measured by an atomic clock is "9,192,631,770 cycles of radiation" reflecting the transition in energy levels of the Caesium-133 atom, according to the International System of Units. I didn't realize radiation in this case doesn't mean (ouch) radioactive. I've always thought atomic cloicks were using a measure of radioactive decomposition as a precise time-keeper. Instead, it's vibrations of the stable Cesium-133 atom that's keeping the beat. It's Cesium-137, used in medical imaging, that's radioactive. Oh boy, time to brush up on my physics.

 

 
mbperezpinilla
50%
50%
mbperezpinilla,
User Rank: Apprentice
3/17/2015 | 7:07:24 AM
Radioactive Cesium-133???
Cesium-133 is the only stable isotope of Cesium!
vorlonken
50%
50%
vorlonken,
User Rank: Apprentice
3/16/2015 | 1:28:34 PM
Here's the proper solution
Author: "So, Mr Stenn, what will you do if huge companies like Google, Microsoft, IBM, Apple, Cisco, Intel, etc don't start contributing? They could each donate $10 million/year with the change culled from under the driver's seat of the CEO!" Stenn: (shrugs) That's how the article should end. I hope everyone out there got my very unsubtle reference.
Susan_Nunziata
50%
50%
Susan_Nunziata,
User Rank: Strategist
3/16/2015 | 7:48:06 AM
Re: Is there really a problem?
@Gigabob: Your comment caught my eye, especially this: creating a better vehicle to support critical open source protocols like NTP.

Having been thru a similar experience yourself, what would you say is required to create such a vehicle for NTP (and other critical open source projects).

 

 
Page 1 / 4   >   >>
Slideshows
Data Science: How the Pandemic Has Affected 10 Popular Jobs
Cynthia Harvey, Freelance Journalist, InformationWeek,  9/9/2020
Commentary
How to Eliminate Disruptive Technology's Risk
Andrew Froehlich, President & Lead Network Architect, West Gate Networks,  8/31/2020
News
How Analytics Helped Accenture's Pandemic Plans
Jessica Davis, Senior Editor, Enterprise Apps,  9/1/2020
White Papers
Register for InformationWeek Newsletters
2020 State of DevOps Report
2020 State of DevOps Report
Download this report today to learn more about the key tools and technologies being utilized, and how organizations deal with the cultural and process changes that DevOps brings. The report also examines the barriers organizations face, as well as the rewards from DevOps including faster application delivery, higher quality products, and quicker recovery from errors in production.
Video
Current Issue
IT Automation Transforms Network Management
In this special report we will examine the layers of automation and orchestration in IT operations, and how they can provide high availability and greater scale for modern applications and business demands.
Slideshows
Flash Poll