Expert Network Time Protocol

Ben Rothke writes "If you review the thousands of Internet RFCs, you'd be hard pressed to find a protocol that lends itself to philosophical overtones, save for one -- the Network Time Protocol (NTP). The nature of time is abstract, difficult to measure and highly subjective. Yet time is a critical element in everyone's life, and in the effective operations of corporate networks." Read on for the rest of Rothke's review. Expert Network Time Protocol: An Experience in Time with NTP author Peter Rybaczyk pages 176 publisher Apress rating 9 reviewer Ben Rothke ISBN 1590594843 summary Expert Network Time Protocol is a fascinating look into NTP, and the stories behind the science

NTP is built on top of the TCP/IP protocol suite and is used to ensure accurate time-keeping with a trusted time reference. These references can be radio signals, GPS satellites, atomic clocks, Internet-based time servers and more. NTP is powerful enough to synchronize network clocks with millisecond accuracy.

In Expert Network Time Protocol: An Experience in Time with NTP, Peter Rybaczyk merges the philosophical aspects of time with the nuts of bolts of the NTP protocol. The book is composed of two parts, the first concerned with the meta-philosophy of time, and the second detailing the inner workings of NTP. The attempt in part one to merge technology and science with philosophy is a daunting task, and most often does not succeed. The notable exception to this is Douglas Hofstadter's Gödel, Escher, Bach: An Eternal Golden Braid.

Rybaczyk creates Sam, a fictional character who walks through the history of time. It is unclear who this Sam is -- whether he is supernatural being, or someone who got root on a time server. The author writes that the transcendental nature of time and the nuts and bolts of NTP are inseparable, but I personally found it difficult to determine what message part one was meant to convey. Fortunately, part one takes up but the first 34 pages.

Where the book shines, and where most readers will find value, is in part two, which details how to effectively design, configure, deploy and operate NTP. Where part one is conceptual, part two is extremely practical. Chapter 3 opens up with a comprehensive overview of the what, how and why effective time-keeping via NTP is needed.

The book details from a business perspective why synchronized and accurate time is a universal need. From transactional integrity, airline departures, sporting events, job shift changes, to FedEx pickups and more, nearly every activity requires time synchronization to work at peak levels. Effective network administration also requires time synchronization for network login procedures, directory synchronization, backups, and routing stability to work accurately.

From an information security perspective, password and digital ID synchronization, log file accuracy and auditing, and access control security are just a few of the areas where correct time can mean the difference between success and failure.

Where time synchronization is crucial, though, is in the realm of digital forensics. An otherwise painstaking digital forensic process might be worthless if time-related evidence from network devices is not correctly synchronized. If network devices are not correctly synchronized, you can basically forget about using them in any type of legal case.

Attorney Ronald Coleman, partner and computer law litigator at the New Jersey-based Coleman Law firm explains that in a computer law case involving serious discrepancies in network log times, the prosecution would conceivably drop the case. Similarly, a civil case to recover damages from an attacker is seriously undercut by these seemingly innocuous timing mistakes. "The network managers' lack of diligence at ensuring that the time was synchronized on their systems," explains Coleman, "opens them up to serious questions in front of a jury as to whether the logs and the system data are reliable at all -- especially with a gap of more than a couple of minutes, which might be explained away by which clocks were being relied on." In fact, an error of this magnitude would make the entire network administration suspect. That could be a disaster, Coleman says, where the network tracing record plus the human beings who sloppily set the automation in motion are going to be the chief sources of evidence against the alleged computer criminal. "A snafu such as seriously unsynchronized logs is just the sort of opening that could raise the level of doubt needed to undermine the other side's case."

Chapter 3 concludes with an interesting look at the cutting edge of time protocols, specifically the Interplanetary Internet. The Interplanetary Internet project is an attempt to synchronize computer time within the realm of deep space. NASA will in due time establish a deep space infrastructure whose purpose is to support the communication needs of multiple missions. Such an infrastructure would require time synchronization, but within a radically different framework from what exists today. The Interplanetary Internet and its underlying time synchronization are intended to solve that.

Chapter 4 brings the reader back to earth and provides vital information about how to design an effective NTP architecture. The key to designing the most appropriate NTP architecture for a given infrastructure is to first understand the different modes that NTP devices can operate in. The chapter details the five different NTP modes, the mode categories, and gives configuration information about each mode.

The chapter also provides information about NTP security. While NTP versions 3 and 4 provide added security (including symmetric private key cryptography and support of the Autokey protocol), it is ultimately up to the organization to determine what level of NTP security they need. Those organizations that don't require accurate time won't need much NTP security. But for those organizations who business requires synchronized and accurate time, such issues will drive the implementation of how they deploy NTP and its security functionality.

Chapter 5 details how organizational motivations (again, from a business perspective) will affect how you design your NTP architecture, and then describes several use scenarios. The book notes that designing an effective NTP deployment is a process that embodies four key steps: choosing a time source, deciding upon the NTP topology, determining the NTP features to configure, and then monitoring and managing the NTP operations. The chapter then goes on to describe various ways these steps can be carried out. The chapter provides a comprehensive overview on how to deploy NTP, be it on a dedicated time server, via already deployed products such as Cisco or Juniper routers, or on Unix/Linux/Windows file servers.

It is important to note that NTP is just the protocol. The actual implementation of NTP requires separate software client and server applications. The book focuses on the protocol and does not get into any specific vendors, other than a few screen shots from the configuration menu of a Symmetricom time server.

The author notes that on the surface, NTP is simple and almost inconspicuous, and overshadowed by better-known protocols such as HTTP, FTP and DNS. But once you start digging into NTP, you are dealing with one of the most pervasive elements of existence, namely time. Within NTP's scope, one could be dealing with atomic clocks, GPS satellites, clock selection, encryption algorithms and much more. So while at its heart, NTP may be a simple protocol, there is a complex infrastructure beneath it.

NTP is one of the most fundamental, yet overlooked services in the TCP/IP suite, and time synchronization is one of the most overlooked areas in networking. Hopefully, a book such as this can spark a renaissance. For far too long, time synchronization has not been afforded due diligence, and the effects have at times been disastrous. A view of the archives of the Risk Forum digest attests to this fact.

After a somewhat murky start in part one, Expert Network Time Protocol: An Experience in Time with NTP provides the reader with a superb synopsis of nearly everything he needs to know about NTP and effective time synchronization on his network, from an experienced implementer in the field. It is a fascinating look at one of the most humble, yet fundamental protocols on the Internet. For those who care about the correct time on their network, this book is required reading.

Ben Rothke, CISSP is a New-York based security consultant with ThruPoint, Inc. and the author of Computer Security: 20 Things Every Employee Should Know. He can be reached at ben@rothke.com You can purchase Expert Network Time Protocol: An Experience in Time with NTP from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

I thought I had time to read this

But I just synched my clock and it turns out I'm ten minutes behind.

Re:I thought I had time to read this

[utopianfiat]

sucks when you're using a process that uses "gettimeofday" to time itself, such as xscreensaver.
I recall when something hosed my system and set my clock back to 1970, and I used NTP which caused xscreensaver to realize that 120 seconds past 1970 was DEFINITELY at least 10 minutes earlier than January 15th, 2005

Re:I thought I had time to read this

[BlogPope]

If time is relative, it follows that time is also subjective.

Re:I thought I had time to read this

[gafisher]

It would be shorter without the minute details.

Can I get a cliff's notes version of the review...

[EvilTwinSkippy]

It was far too long and I have far too little time to read it.

Minor correction

[Bandito]

NTP is built on top of the TCP/IP protocol suite and is used to ensure accurate time-keeping with a trusted time reference.

Ummm, doesn't NTP run over UDP?

Re:Minor correction

[EvilTwinSkippy]

UDP and TCP are part of TCP/IP. (Just a question of whether we are working on level 3-4 or 4-5 on our OSI model.)

Re:Minor correction

[Nonillion]

That's what I thought. I use NTP deamons all the time, I always edit etc/ntp.conf to fetch the time from several time servers.

Re:Minor correction

[TeknoHog]

At least rdate uses TCP by default, and UDP is optional.

Re:Minor correction

[fo0bar]

> > NTP is built on top of the TCP/IP protocol suite and is used to ensure accurate time-keeping with a trusted time reference.
> Ummm, doesn't NTP run over UDP?

The term "TCP/IP protocol suite" is somewhat of a misnomer. It is a network model that is comprised of:
* Application (OSI layers 5-7)
* Transport layer (OSI layer 4)
* Internetwork layer (OSI layer 3)
* Network Interface layer (OSI layers 1 & 2)

As such, UDP is a Transport layer protocol of the TCP/IP network model. Fun, ain't it?

Re:Minor correction

[pe1chl]

But rdate does not use the NTP protocol...

Re:Minor correction

[Botia]

As such, UDP is a Transport layer protocol of the TCP/IP network model.

A square is a polygon and a pentagon is a polygon. However, this does not make a pentagon a square.

Re:Minor correction

[Dr.+Evil]

Yeah, that's a pet peeve. TCP/IP has nothing to do with OSI, but Cisco and other stupid certification mills would have you believe otherwise. There are many similarities, but there are just enough differences to cause serious confusion over the technical details.

Re:Minor correction

[Directrix1]

There is UDP/IP and TCP/IP.

Re:Minor correction

[jonadab]

UDP and ICMP, in addition to IP and TCP, are generally considered to be part of the TCP/IP protocol suite, but for some odd reason nobody wants to call it the TCP/UDP/ICMP/IP Protocol Suite (TCPUDPICMPIPPS) every time it is discussed, so we usually just call it TCP/IP. As a rule, if someone says just "TCP" or just "IP", they're talking about that specific protocol, but if they say TCP/IP, they're talking about the entire suite. HTH.HAND.

Re:Minor correction

[WAR-Ink]

You are getting mired in the real. This book is clearly intended to be a surreal examination of the philosophy of time.

Besides, TCP/123 is assigned to NTP and anybody who wants to is more than welcome to use it.

So free your mind...become one with the book to attain a higher level of NTP protocol.

Re:Minor correction

[e2d2]

Actually OSI layers 1 and 2 are the physical and data-link layers respectively. Not related to TCP/IP.

But this is all academic. Let's talk about boobies, err, I mean NTP.

Re:Minor correction

[Directrix1]

As a rule, if someone says just "TCP" or just "IP", they're talking about that specific protocol, but if they say TCP/IP, they're talking about the entire suite
No that means they are talking about TCP on top of IP. IP being the protocol to get from IP-address A to IP-address B. TCP being the stateful protocol that ensures data's arrival/correctness on a particular port.

Re:Minor correction

[joto]

There is UDP/IP and TCP/IP

No, there isn't. In common parlance, TCP/IP means all kinds of network protocols running on top of IP, such as TCP, UDP, ICMP, and others. If you specifically mean only TCP, then you just say TCP, not TCP/IP.

Re:Minor correction

[joto]

No, jonadab was correct. foldoc link

Re:Minor correction

[EvilTwinSkippy]

Bugger. I guess I'm going to need a seperate ISP feed if I want to use both networks the same time.

Re:Minor correction

[sfraggle]

"TCP/IP" is a misleading term. UDP is based on IP and so is TCP. When someone refers to "TCP/IP" they really mean anything built on IP. A better name might be "TCP/UDP/IP".

Re:Minor correction

[Directrix1]

Well, there is a UDP/IP defined a little later in the RFC, but you're right there is also the TCP/IP Protocol Suite which is the combination of them all. So, I guess technically UDP is part of TCP/IP. But even the RFC on TCP/IP says:

A more accurate term is "internet technology".

Which I would assume would imply that they thought that the clumping together of TCP/IP was kind of misleading.

Re:Minor correction

[fo0bar]

Actually, the cisco training mentality has changed a lot recently. Compare:

CCNA 640-607: OSI is king! OSI is everywhere! If something doesn't conform to the OSI model, squint at it REALLY hard until it starts to conform!

CCNA 640-801: Yeah, umm, we may have been a bit wrong about that whole OSI stuff. Here's that "TCP/IP model" we've been preventing you from learning, and how it relates to the OSI propaganda we've been feeding you for years.

Re:Minor correction

[atari2600]

Neither UDP nor TCP are based "on" IP.

Re:Minor correction

[Directrix1]

Yes, I digressed from my original oppinion above. I have just read the RFC "TCP/IP Tutorial" (Note: I have read many RFCs in their entirety including IP,TCP,UDP,ICMP I just didn't read that one). I just assumed that vendors clumped it all into a TCP/IP driver and that term just became the common term. Although, referring to UDP as being part of TCP/IP sounds ludicrous as TCP is in no way involved with UDP.

Re:Minor correction

[Directrix1]

The network is an IP network. TCP and UDP can run on top of IP networks. Although, as I digressed from my original oppinion above, I do realize that TCP/IP is an officially recognized term for the combination of all the recognized technologies. Originally, I was just under the misconception that TCP/IP was just a term that came out of common usage. But now I know there is even a whole RFC devoted to it. My bad. But UDP still has nothing to do with TCP in general.

Re:Minor correction

[Blrfl]

Since we're splitting hairs, let's at least use the right axe to do it...

There's nothing misleading about TCP/IP and UDP/IP. The former stands for Transport Control Protocol {over,for} Internet Protocol and the latter stands for User Datagram Protocol {over,for} Internet Protocol. Neither were is based on IP; it just happens that both are pretty much universally encapsulated in IP packets. Internet Control Message Protocol (ICMP) is similarly encapsulated. There's nothing in TCP, UDP or ICMP that prevents them from being run over, say, Ethernet or AX.25 frames. You'd have to use a different addressing scheme and you'd lose the use of a lot of software that assumes your host addressing scheme is IP, but it could still be done.

If you run a network that supports TCP, UDP and ICMP, it's generally called an "IP network." You can have a dumb-as-a-box-of-rocks router that can only recognize and route IP packets, and it will send TCP, UDP and ICMP on its merry way because it all looks like IP packets with some "stuff" in it.

Re:Minor correction

[Dr.+Evil]

That's good news. When I studied for the CCNA, I had to study the Cisco interpretation of OSI and how Cisco wanted me to answer the questions.

The annoying part will be the legacy of this bizzare model... things like "Layer 4 switching" devices which aren't compatible with any OSI protocol.

Re:Minor correction

[OhHellWithIt]

I guess we can engage in a big urination contest over who is more correct about whether UDP is TCP/IP, but when I was configuring NTP on my Linux box, my firewall wouldn't let the clocks sync until I told it to allow UDP in and out on that IP port.

Anyone up for starting a flame war on whether "Ethernet" means IEEE 802.3, Ethernet II, etc.? Then we can move on to other exciting issues like whether 10-base T is UTP and whether 120 volts AC includes 110 or 115 volts AC.

Re:Minor correction

[blueskies]

This is not a flamewar because one side is absolutely wrong. It won't be a problem but someone questioned "Ummm, doesn't NTP run over UDP" after reading "NTP is built on top of the TCP/IP protocol suite."

This let to a bunch of other people trying to insist that there is no UDP in TCP/IP. The original poster said "TCP/IP protocol suite" so there should be very little confusion.

As someone else posted rfc1180 defines TCP/IP to mean all of the protocols at that level.

The generic term "TCP/IP" usually means anything and everything related to the specific protocols of TCP and IP. It can include other protocols, applications, and even the network medium.

This is all important because a.) this should be common knowledge for network developers, network engineers, and such (the only types of people that should feel qualified to enter this disussion), and b.) they are going to look like a jackass when they try to correct their senior sysadmin when he mentions UDP in the TCP/IP protocol suite.

Re:Minor correction

[psmears]

There's nothing misleading about TCP/IP

Unfortunately that's not true. What you say makes sense—but the term “TCP/IP” is commonly used to mean “The whole family of protocols including TCP, UDP, ICMP etc running over IP”—not just TCP running over IP (which would, admittedly, be a more logical meaning for it...).

Re:Minor correction

[maxwell+demon]

But this is all academic. Let's talk about boobies, err, I mean NTP.

Naked Tits Protocol?

Re:Minor correction

[EvilTwinSkippy]

I have a confession to make. I'm a network engineer by trade. If anybody ought to be uptight about the difference between UDP and TCP, one would think it would be the guy who could tell you the difference between RIP and BGP.

Go figure.

Re:Minor correction

[EvilTwinSkippy]

Actually UTP refers to the wiring (Unshielded Twisted Pair.) UTP covers CAT-3, CAT-5, CAT-5e and CAT-6. (CAT is simply short for category. It's a telco standard.)

Most switching power supplies will accept voltages between 90 and 240v. It's just cheaper to make the electronics run everywhere, and then just distribute the end-plugs to adapt to the outlet in the wall. Some have a little switch to flip between the two.

Ethernet... you just have to know who you talking too. It's like the word "secure" in the military. In the Navy, secure means to lash something to a deck so it doesn't blow off rough sees. In the army, to "secure" something means to post sentries. In the marines, to "secure" something means to call in a artillary bombardment, then riddle anything that is still moving full of bullets. In the Air Force, to secure something means to fill out a purchase order.

Re:Minor correction

[IvyKing]

Ummm, doesn't NTP run over UDP?

Yes, and for good reason. The reliability aspects of TCP would really mess up the packet timing necessary for proper functioning of NTP.

Reminds me of a conversation I had with our company IT guy about opening up the firewall to allow IPSEC traffic through. The first thing he wanted to know was "what port to open" - meaningless because IPSEC uses a different IP protocol than TCP (much the same way that UDP is separate from TCP). Should note that he is normally a fairly sharp and clueful guy.

Re:Minor correction

[jonadab]

> No that means they are talking about TCP on top of IP.

We usually just say TCP if it's primarily TCP we're talking about. It's understood that it's probably layered over IP, simply because it's unusual to layer TCP over some other network layer (as the whole suite of protocols is normally kept together), but if you're talking about things at the transport layer, the underlying network layer is mostly incidental to what you're talking about. Saying "TCP/IP" to mean "TCP layered over IP" makes only marginally more sense than saying "IP/ethernet" to mean IP layered over ethernet or "IP/PPP" to mean IP layered over a point-to-point dialup connection. When people say "TCP/IP", they're normally talking about the entire protocol suite that makes the internet work, and that includes ICMP and UDP.

Re:Minor correction

[Directrix1]

Good point

meh

[ResQuad]

Does this really matter? I mean NTP works, which is great, so do I really need to understand the "meta-philosophy" behind NTP? All I know is that I have the two Domain Controllers sync to 6 outside machines (reliable servers), and all the machines internally sync off thoes two.

All the computers in the network are within a second of eachother - and thats good nuff for me.

Re:meh

[Bimo_Dude]

I can agree that time synchronization is important in many cases, but writing a book about ntp and attempting to tie it into the "philosophical aspects of time" may be just a bit overboard.

Than being said, if ntp could be used for time travel, then such a book may be more interesting (and useful).

Re:meh

[Just+Some+Guy]

Does this really matter?

Yes, if you're into the meta-philosophy of timekeeping. If not, then the first part of this book obviously isn't for you.

All I know is that I have the two Domain Controllers sync to 6 outside machines (reliable servers)

Do you know enough about NTP to be able to evaluate whether those are good sources? If not, then the second part of this book may be useful.

All the computers in the network are within a second of eachother - and thats good nuff for me.

...you hope. As the reviewer said, precise synchronization is absolutely critical for forensic purposes. Can you conclusively demonstrate that Event A on machine Foo occurred before Event B on machine Bar? Would you be willing to testify to that fact if a conviction or monetary judgment were on the line?

Even if you don't think you need it, it's so trivially easy to get millisecond accuracy on all but the most unstable tickers that I never have understood why people don't sync their computers. If nothing else, it's nice to be able to set your watch to a known-accurate time source, then use that to set the rest of the clocks in your house. Am I the only one that hates seeing different times on the combination oven and microwave that has two separate displays within two feet?

Re:meh

[b0r1s]

Agreed. It should be sufficient to point out a few facts:

1) It's important
2) You want to sync at least 2 internal machines to more than one outside system
3) You want to have internal machines sync against your two internal machines from (2)

The philosophy of time doesn't need to be in a book about NTP. Waste of paper, waste of print, waste of ... time.

Re:meh

[ResQuad]

There is very little done that I know of that requires millisecond accuracy. I'd be willing to testify that the times were syncronized with in +/- 1 second on all the machines in the office.

If you think your machines are synced closer than that... your probably lieing. Remember that the internal clocks run at slightly different rates between hardware vendors. While two nearly identicle machines will slow down at the same rate (which is fine), two machines from different companies will speed up/slow down at different rates. I once had two machines that were only sync'd about once a day. One would gain over a minnutes everday and the other would loose about 5 seconds.

Unless you have every single machine plugged into a GPS/radio time unit - or syncronizing every minute ... there is just no way to be sure that every machine in a mixed hardware enviroment is exactly the same time.

Re:meh

[stefanb]

Am I the only one that hates seeing different times on the combination oven and microwave that has two separate displays within two feet?

I don't understand. My clocks always show the same number. On the other hand, I get really annoyed by the flashing being out of sync between all the kitchen applicances...

Re:meh

[Yobgod+Ababua]

"Unless you have every single machine plugged into a GPS/radio time unit - or syncronizing every minute ... there is just no way to be sure that every machine in a mixed hardware enviroment is exactly the same time."

Actually there is... a properly set up NTP infrastructure. The NTP server on each host not only periodically resynchronizes to known good time sources, but uses the results of those synchronizations to track the drift of it's own internal clock, which then allows it to compensate (generally quite well) for it's own unique flaws.

Re:meh

[greed]

Syncing once a day is not how NTP works.

NTP will basically build a new calibration map for your system's time-of-day clock. Many operating systems allow the clock ratio, that of clock ticks to seconds, to be adjusted. This helps compensate for characteristic error in the oscillator.

All your left with is temperature-induced drift, as machine load and ambient air affects the oscillator's frequency.

NTP adjusts the drift parameters much more frequently than once a day, so machines maintain very, very close time. It's easy to get within 100 msec from a stratum 3 server.

Basically, consistent clock gain or loss, like you described, will be compensated for by re-calibrating the system clock against the NTP servers. (Where Facilities Exist... if your system can't do that, well, you should ask your vendor to fix it because the free ones can.)

Re:meh

[flosofl]

Remember that the internal clocks run at slightly different rates between hardware vendors.

That's why we have a drift file. As more and more NTP synchs happen the drift file becomes more and more precise. Maybe a couple days or so depending on update frequency (I usually update at 1024 seconds) the clock will eventually converge with the authoritative time server.

I once had two machines that were only sync'd about once a day.

You may want to increase that, if you are concerned about accuracy. IIRC, NTP updates can be set from 2^2 seconds to 2^16 seconds. Unless you have a saturated pipe or very limited bandwidth, there's no reason to limit the updates to once a day.

Re:meh

[jericho4.0]

" There is very little done that I know of that requires millisecond accuracy"

The review mentions forensics, but I would extend it to any time when you need to check log files with time stamps on two seperate machines. Having accurate clocks saves a lot of hassle.

Re:meh

[klaun]

...you hope. As the reviewer said, precise synchronization is absolutely critical for forensic purposes. Can you conclusively demonstrate that Event A on machine Foo occurred before Event B on machine Bar? Would you be willing to testify to that fact if a conviction or monetary judgment were on the line?

Well, since different observers have different simultaneity space-times, in general two observers cannot be assumed to agree on whether event A preceded or followed event B. (if it event B does not reside in event A's light-cone and vice-versa)... time ordering of events and simultaneity are illusions.

-m

Re:meh

[Just+Some+Guy]

We'll assume that non-relativistic simultaneity is a reasonable model for the current Internet for the sake of conversation. It's more polite for the non-physicists among us.

Re:meh

[Just+Some+Guy]

Who said anything about system compromise? I was thinking along the lines of "the mail was sent 1.23 seconds after user A got a DHCP lease for the sending address, which was 0.58 seconds after user B gave up that address". "Forensic" has a meaning outside of computer security circles, you know.

Its called a cell phone.

Good for you. I prefer a nicely analog Swiss model, myself. My timepiece of choice isn't very external-clock compatible.

Re:meh

[eli173]

Agreed. It should be sufficient to point out a few facts:

Maybe... but when you really care about millisecond or sub-millisecond timing, you wind up digging pretty deep. And you have to understand that two clocks will differ from each other; you can't have two separate clocks in exact lock-step. At some resolution of measure, they _are_ going to differ over time.

To complicate matters: Oscillators speed up and slow down. Network traffic varies over time. Network delays are asymmetric. Server response delays can vary. Packets can get lost. Network connectivity may be sporadic, or only available occasionally such as with a notebook. Some time servers are misconfigured and give bad time, but how do you tell which ones are false-tickers, and which are true-chimers? What happens if you're synchronizing to a (Sun) box with a really bad local clock that speeds up and slows down a lot? What do you have to do to avoid whip-lash?
How do you keep accurate time when your local time source varies? What is "the right" time, if even the official atomic clocks differ? How do you define "at the same time" for two different locations in an Einsteinian world?

You can fall into philosophy faster than you might expect.

Re:meh

[bluGill]

Do you know enough about NTP to be able to evaluate whether those are good sources? If not, then the second part of this book may be useful.

I know that I query 3 different servers, scattered around the country. They are unrelated on an administrative level, and are either official seconds to the US government run atomic clock, or sync with official seconds.

While it is possible for one server to be compromised, it is unlikely that you could compromise all servers (remember the administrators are not related). NTP rejects servers that are seriously out of sync.

pool.[country code].ntp.org is great for your sync duties. Enough servers there (in most countries) that you are unlikely to get several servers that are related and intentionally messing with your time. (I also sync with my local university which is an official second to the main US clocks)

Not for Windows users, or BSD users

[Anne+Thwacks]

Windows does not support NTP properly, and most of the earlier versions don't support it at all.

It works fine in BSD, but you dont need a whole book, just tick the NTP box during the install process. (Linux is probably the same).

Re:Not for Windows users, or BSD users

[pe1chl]

How do you enable true NTP support in Windows (any version)?
All I ever found was SNTP and other names for "regularly poll some real server and smack the result into the clock".
No PLL, no filtering, no multiple sources, no local clock support, nothing.

Or do you mean an xntpd port to Windows?

Re:Not for Windows users, or BSD users

[hey]

You seem very incurious. Ever considered running for president?

Re:Not for Windows users, or BSD users

[maird]

I run ntpd built for Win32 on one of my Windows hosts. I can't remember if I built it or just downloaded a pre-built binary. Try the links or download page at http://ntp.isc.org/ Strictly it isn't an answer to the question you asked (enable NTP) but it does solve the problem (install NTP).

Re:Not for Windows users, or BSD users

[pe1chl]

I am aware of such possibilities, but I thought the poster claimed that W2K somehow has usable NTP support builtin. I never found it...

I run ntpd on a Linux system to keep accurate time, and let the Windows sytems get their time from it over the LAN. SNTP is usable for that (not for syncing over a WAN link that is also used for other purposes). For that, a Windows version of ntpd is a much better choice.

Re:Not for Windows users, or BSD users

[sk8king]

I like Tardis2000. But I must admit I'm not overly knowledgeable in the area of NTP. I mostly like the icon but it does allow for different protocols and multiple servers to sync from.

Re:Not for Windows users, or BSD users

[bedroll]

I believe that if Windows does what you're asking it's documented here. [caution, pdf link]

Re:Not for Windows users, or BSD users

[KenSeymour]

I have used this binary with success: ntp4172.zip

Just checking today, this source seems more up to date.

Re:Not for Windows users, or BSD users

[gnalre]

try tardis or if you only want a NTP client its sister product K9

Re:Not for Windows users, or BSD users

[maird]

It's arguable that this is evasive. It plainly declares a method to configure the "NTP" client in Windows but the (circumstancial) evidence is that it is a SNTP client. Assuming this is wrong and it really is a NTP client with only two configurable features (the NTP source and a poll interval plus phase correction on 2003) then it probably qualifies as "usable". FWIW, I don't see how NTP is better on a WAN link. I'm not really qualified to comment but I've written a few SNTP clients (shameless plug for one) and it seemed to me, when using the RFC to develop the app, that SNTP generated less traffic per cycle since it didn't care about delay, skew, dispersion and convergence or anything else beyond "what's the time". Is the cycle frequency going to be higher for SNTP or are we talking about many Windows hosts polling the same NTP source, something that you can do with many NTP clients (on any platform) anyway.

NB: The SNTP app I link to above isn't a client, it's a monitoring tool so it will generate excessive amounts of (S)NTP traffic - it's a test tool for a bug I found in a NTP service many years ago.

Re:Not for Windows users, or BSD users

[pe1chl]

I don't see how NTP is better on a WAN link.

SNTP usually means "send a query, receive a response, put that time into the computer clock, wait some fixed amout of time, repeat".

This is not good on a WAN link because each query may be delayed a different amount of time (mainly depending on queue length on a maxed-out local connection) and thus the actual time set into the clock may vary so much that the clock sometimes steps backward.

A complete NTP implementation avoids this by using filtering and by steering the rate of the clock rather than its actual time setting.

For timesyncing on a fast LAN it does not matter too much, as the variation in delay is very small.

Re:Not for Windows users, or BSD users

[pe1chl]

I was not really looking for any add-on product. When I want a credible NTP implementation I can install ntpd (isc.org).

I wondered if Windows really had a builtin NTP client, not the simple NTP (SNTP) that I know about. But I think it hasn't.

Re:Not for Windows users, or BSD users

[radish]

I use automachron. It runs as a tray app but seems a pretty complete client.

Re:Not for Windows users, or BSD users

[maird]

OK, I agree that SNTP is not bad for a WAN link but a WAN link can be bad for SNTP. I read your OP as saying the former.

RFC1361 only implies the estimation of propagation delay whereas RFC2030 discusses it directly. The scheme looks to be capable of independently determining the outbound and inbound propagation time if more than one request is used. This should allow it to cope with an asymmetric round trip. That should prevent the host clock from going backwards as a result of network behaviour, though it will anyway if the host clock intrinsically running too fast. It's all academic really, there's nothing you've said that I disagree with, I just didn't get how SNTP could have a negative effect on a WAN, i.e. your OP was ambiguous to me (may not have been to anyone else).

Re:Not for Windows users, or BSD users

[putko]

I see the word "SNTP" on that page, so I guess it is SNTP.

Doesn't it suck that you can't really find out? You have no way of easily discovering what it does. Contacting MS is useless, you can't look at the source. HAHA.

So awful. And I think this is the tip of the iceberg.

Re:Not for Windows users, or BSD users

[FreeForm+Response]

Tardis 2000 is a Windows service that implements the NTP protocol, both as a client and (optionally) as a server.

I love this thing, I've been running it for years.

Subjective?

[mybecq]

The nature of time is ... highly subjective

But only when discussed by metaphysical artists approaching the speed of light...

A good description of NTP...

[shadowmatter]

... without any of that mumbo-jumbo from RFCs can be found here [warning: PostScript file]. It's well written, and the safeguards and filtering techniques are very interesting.

- shadowmatter

Re:A good description of NTP...

[bedessen]

PDF version of the above paper from the author's site

If you enjoyed this book...

[Momoru]

Be sure to purchase these books on other such stimulating topics:

Ping, For Dummies!
Gopher: The Next Generation
All you ever wanted to know about the "yes" command

Re:If you enjoyed this book...

[RamboIII]

Hey cool. I wonder if they will come up with any hardware books. Like...

"The dynamics of the floppy drive"
"Monitoring your monitor"
"Desktop speakers, the truth"

Re:If you enjoyed this book...

[justforaday]

Ping, For Dummies!

Check out the first review for The Story About Ping.

Re:If you enjoyed this book...

[bchapp]

My boss just came in to see if i was ok... "All you ever wanted to know about the "yes" command" made me fall out of my chair.

Re:If you enjoyed this book...

[rhendershot]

same here. Well, except *MY* boss doesn't care enough to come on in to see if I'm alrigh... oh wells...

I prefer clockspeed's taiclock

[Lost+Found]

DJB's clockspeed package:

http://cr.yp.to/clockspeed.html

Includes an SNTP client, TAI client, TAI server, and clock correction program. It's very simple and it keeps my entire cluster to within a very small amount of drift of the atomic clock, with the sync interval doubling at every sync.

I use SNTP to get Stratum-1 time from NIST, then TAI to serve Stratum-2 time to my cluster.

Re:I prefer clockspeed's taiclock

[Just+Some+Guy]

I use SNTP to get Stratum-1 time from NIST

Don't be so needlessly antisocial. Pick a nice public stratum-2 server and leave the big guys alone. It reduces load (thus latency, thus inaccuracy) at the top and probably gives you better accuracy, assuming you're not in the same building as tycho.

I'd much rather sync against my ISP's GPS-based NTP server than a better source far away. It's better in every way, and it won't make the stratum-1 guys want to punch you.

By the way, clockspeed hasn't been updated since October 1998. OpenNTPD is a light, modern client that you might wish to consider.

Re:I prefer clockspeed's taiclock

[Krach42]

It uses the RDTSC assembly command on the x86. While this is good and nice if you don't have a speedstep technology computer, if you do, then the clockspeed of the CPU actually varies, and the RDTSC is defined to increment every clock-edge of the CPU.

This means that if you have the SpeedStep technology in your computer, then RDTSC is not a reliable time source.

This should be noted as a particular caveat on anything relying on RDTSC as a reliable timer.

Re:I prefer clockspeed's taiclock

[Just+Some+Guy]

I usually use good ol' ISC ntpd, but I've been looking at OpenNTPD for leaf nodes. Do you have any links to criticisms handy? I remember one that included things like "it's mainly developed on OpenBSD" that seemed to be pretty well debunked.

Re:I prefer clockspeed's taiclock

[Lost+Found]

The fact that clockspeed hasn't been updated since October 1998 makes absolutely no difference to me. DJB got the design right -- it accounts for leap seconds, it syncs the clock, and if I lose my internet connection for a month I'm still within a second of the atomic clock.

NTP is based on UTC and doesn't handle leap seconds as gracefully as TAI. Further discussion:

http://cr.yp.to/proto/utctai.html
http://cr.yp.to/proto/taiclock.txt

Re:I prefer clockspeed's taiclock

[alta]

Ah yes... DJB... one of the largest ego's on the net. I'm surprised he doesn't have his own TLD...

That way his email can be dan@djb

Re:I prefer clockspeed's taiclock

[Lost+Found]

Like him or not, he's the only software author I'm familiar with that has written a package as large as qmail that gets distributed and used all over the Internet (even Hotmail used it for some point, and kept using it for a while after Microsoft bought them)... and, what's this? No one's ever found a security hole in any of his packages?

People hate him for his attitude... but frankly, I find it downright hilarious, because not once have I heard a brutal comment from DJB that wasn't based 100% in fact.

And I sleep well at night knowing my cluster is not going to get hacked.

Re:I prefer clockspeed's taiclock

[BitHive]

DJB already has one of the coolest domain names. How can you not love a name like 'cr.yp.to'?

Also, his ego may be huge, but it's not entirely unwarranted. The man wrote qmail.

Re:I prefer clockspeed's taiclock

[Just+Some+Guy]

if I lose my internet connection for a month I'm still within a second of the atomic clock.

ISC ntpd does the same thing (see "FREQUENCY DISCIPLINE" in ntpd(1) on a Unix machine near you). OpenNTPD depends on the kernel to Do The Right Thing, which the BSDs, at least, seem to do. It has the additional advantage of not being under Dan's Crackpot License so people who actually want to develop it have the legal right to do so, which makes it a much more attractive target for people who want to add features, fix bugs, etc.

NTP is based on UTC and doesn't handle leap seconds as gracefully as TAI.

That may or may not be true - I don't know enough about that exact topic to comment - but POSIX is also based on UTC and not TAI. DJB's tools may perfectly implement the standard that noone else uses, but I'm not ready to consider that a benefit.

Re:I prefer clockspeed's taiclock

[TrueKonrads]

time.nist.gov is windows xp second choice for timeserver. Tell to keep away from nist to the windows horde

Re:I prefer clockspeed's taiclock

[Lost+Found]

So DJB's tools perfectly implementing the standard isn't a benefit because other people decided to do it wrong? In what fucking world does that make sense? I don't have any problems - I spent about an hour setting the whole cluster up to sync time, and it works flawlessly, never requiring maintenence or consideration or monitoring.

As for ntpd relying on the kernel, clockspeed doesn't, so I don't even have to worry about it.

You suggested I consider switching to OpenNTPD, but you've provided absolutely zero good reasons to do so.

Re:I prefer clockspeed's taiclock

[Lost+Found]

You really need to clarify 2-B. If someone merely loads a file, rather than deliberately executing it, and the result is that code is run (as point 2-C implies), then it is DEFINITELY a security hole.

Think of it like this... someone e-mails you a JPEG. You view it, and now you're a spambot.

Re:I prefer clockspeed's taiclock

[Lost+Found]

And if the legislators ruled pi to be exactly 3, I'm sure Just Some Guy would immediately switch to software packages that recognized the rule. It wouldn't be a "benefit" that the competition still saw pi as 3.1415.

Re:I prefer clockspeed's taiclock

[Triumph+The+Insult+C]

most of the openntpd criticisms are unfounded and are from an ntp.org fanboy

i don't know what the grandparent is referring to in that openntpd opens connections to the servers too frequently ... the time between syncs is determined by the drift, which, with -s at boot is pointless

Re:I prefer clockspeed's taiclock

[metamatic]

NIST's published instructions on setting up NTP for Windows and Mac users actively invite using them as your NTP server. (Check the PDFs.) If they don't want to be used as time server, they shouldn't have invited it.

Re:I prefer clockspeed's taiclock

[internewt]

So Windows is coded to phone home to the .gov?

</tinfoilhat>

Re:I prefer clockspeed's taiclock

[Lost+Found]

Well, it's certainly a) remote, because you don't have to have a local user account on the system in order to exploit it. I suppose b) depends on whether or not root loads the file in question.

Sorry, the original post just seemed like a really silly attack on DJB. People make them all the time because the only other legitimate grounds on which to attack him is his personality.

Re:I prefer clockspeed's taiclock

[metamatic]

According to chronyd's documentation, it doesn't support leap seconds. WTF is the point of an NTP replacement that doesn't handle leap seconds?!

Re:I prefer clockspeed's taiclock

[slamb]

So DJB's tools perfectly implementing the standard isn't a benefit because other people decided to do it wrong?

No, DJB's tools perfectly implementing a standard isn't a benefit because the designers of the operating system decided on a completely different standard. There's little difference between a correct implementation of an incompatible standard and an incorrect implementation of the standard you're using.

I'm not familiar enough with UTC and TAI to know the distinction, but I do know there is one, and I do know you misunderstood the parent post.

Re:I prefer clockspeed's taiclock

[LordMyren]

I've heard terrible terrible things about GPS based clocks. Generally, just dont do it...

Re:I prefer clockspeed's taiclock

[Lost+Found]

I'm referring to the standard (if you could call it that) of dealing with time. I've been developing portal software for a while now, and it's becoming increasingly clear to me that the most difficult problems to conquer in computer science aren't "how do I make it secure?" or "how do I make it perform" or "how do I make it reliable", but "how do I make it follow the local standards of time perfectly as the software is deployed and used internationally?"

Leap years, leap seconds, months with uneven numbers of days, nothing is an even multiple of ten, some people follow daylight savings, some don't, hell - not everyone even uses the Gregorian calendar. I do *not* envy the developers of the libraries that have to deal with all of this nonsense, but I'm damn glad they've done so in order for the rest of us not to have to deal with it.

If you'll refer to one of my other replies in this thread, I link DJB's notes about UTC and TAI. UTC is broken, and moreover, the POSIX rules for operating systems and time are totally broken:

=============
The main obstacle is POSIX. POSIX is a ``standard'' designed by a vendor consortium several years ago to eliminate progress and protect the installed base. The behavior of the broken localtime() libraries was documented and turned into a POSIX requirement.

Fortunately, the POSIX rules are so outrageously dumb---for example, they require that 2100 be a leap year, contradicting the Gregorian calendar---that no self-respecting engineer would obey them.
=============

Re:I prefer clockspeed's taiclock

[cwj123]

Yes, purely to make all Windows users late for work one day.

Re:I prefer clockspeed's taiclock

[QuietLagoon]

I liked it when one time djb visited the ntp mailing list and had to run away with his tail between his legs. He just couldn't handle the fact that his view was correct only in a very narrow sense.

It was a delicious moment.

Re:I prefer clockspeed's taiclock

[DNS-and-BIND]

Yeah, I remember when that came out. DJB came onto comp.protocols.ntp and flamed all the regulars. I mean, he was vindictive to the point of enjoying it. Before that, it was one of the most civil, academic newsgroups on the net.

P.S. you don't need time from a Stratum-1 server.

As a recovering hater

[Recovering+Hater]

I would just like to say that seeing articles like this one... well, it doesn't help speed up the recovery process. It's like leading an alcoholic to the door of a bar.

Time, is an illusion.

[eno2001]

Lunchtime, doubly so. ;P

Damn!

[dal20402]

the transcendental nature of time

I tried to explain this to my boss when I showed up for work at 10:30 today. But he's such a moron, he didn't understand it. Instead of being impressed by my knowledge and intelligence, he fired me. Dammit!

Maybe if the title included "hack"

slashdotters would find it interesting.

Biggest complaint

[markov_chain]

The most annoying thing about dealing with NTP for me was that nowhere in the documentation or on the 'net was there a clear, simple, one-command way to sync a machine's time to a given time server.

Re:Biggest complaint

[boy_of_the_hash]

man ntpdate

Re:Biggest complaint

[Iphtashu+Fitz]

You mean like "ntpdate "?

Re:Biggest complaint

[AlXtreme]

ntpdate server

Now don't tell me you couldn't have found that using a 2-second google search...

Re:Biggest complaint

[markov_chain]

Sorry, this was way before google, and it left me permanently traumatized :)

You need a book for this?

[xxxJonBoyxxx]

You need a book for this?

C:\>net time /setsntp:ntp.yourisp.net
C:\>w32tm /resync (windows 2k3)
C:\>w32tm -once (win 2k)

Re:You need a book for this?

[Just+Some+Guy]

You need a book for this?

Only if you want to understand what it's actually doing and intelligently discuss it. Otherwise, nope.

Re:You need a book for this?

[mollymoo]

If that's all you think there is to NTP then you definitely need a book.

Cliff sez...

[fm6]

There's this protocal called NTP that's used to synchronize computer clocks. That's not enough to fill out a book, so the author padded it out with a lot of stuff from history and philosophy. At least, that's my summary of the review.

Really, all most of us need to know about NTP can be found on Ntp.org.. Particularly useful is their NTP Pool project, which uses DNS aliasing to allow you to sync from random servers, and avoid placing a burden on any one server.

Re:Cliff sez...

[EvilTwinSkippy]

You know, people manage to fill books on just about anything. And the padding usually centers around the Philosophy behind it.

(Glances at shelf... sees "Longitude", Talbot's "The Holographic Universe", Glieck's "Chaos"... Ok, I never did read Longitude. That was for a Engineering Humanities course.)

Re:Cliff sez...

[hal9000(jr)]

Duuuude. Longitude is a brief history of the development of navigation and an interesting read. Whoda thunk that determining your longitude would be such a problem. Besides, it's short. But what I have found is that many, many technical books are either way to general about things you need to know and way to specific about stuff you do.

Re:Cliff sez...

[j-beda]

You should read "Longitude"", it is really good

Re:Cliff sez...

[fm6]

The books you cite are about the history and philosophy of navigation, chaos, etc. If this book pretended to be along those lines, you'd have a point. But it doesn't. It's an NTP handbook, supposedly written for people who want to use the NTP protocol.

I read about the H&P of various obscure subjects myself. (And watch people's eyes glaze over when I talk about what I've read!) But I read about them in books that are about, not technical manuals that need filler. And yes, they're filler, because they're not useful to the intended audience.

Re:Cliff sez...

[einhverfr]

Longitude is a brief history of the development of navigation and an interesting read.

And to think I gave up trying to teach myself spherical trig..... Actually, I suspect that determining longitude is probably a lot easier than mastering distance calculations on spherical scalene triangles (I think you could do it with an isosolise triangle instead which should make it easier).

Actually, this is exactly the sort of book I would like to read. Thanks for the recommendation.

Re:Cliff sez...

[Thuktun]

You know, people manage to fill books on just about anything. And the padding usually centers around the Philosophy behind it.

I had a college philosophy course that resembled that remark.

The first couple of papers I did, I managed to convey every bit of information necessary to support my case using the minimum amount of words. I got reduced grades on these papers, as the TA said that they were too short and needed more support. I tried an experiment. For the next paper, I wrote it the way I wanted it at first. Then, I edited the paper, taking selected paragraphs and re-inserting reworded copies of them nearby. I got full marks on that paper.

This may have just been the TA and/or instructor, but I got a bad impression of philosophy from that course. Of course, it didn't help that they spent time teaching logic (to some mathematics and computer science students, no less) at the beginning of the quarter, then showed us philosophical "proofs" that jumped from deduction to deduction without any obvious support at all.

Re:Cliff sez...

[EvilTwinSkippy]

Er, I was making that point through sarcasm, and a bit of self deprication. I chide a book for being filler, while admitting that I've been influenced by a lot of books filled with, er, filler.

I think.

Actually, I'll shut up now.

Re:Cliff sez...

[IvyKing]

Glances at shelf... sees "Longitude"

The central theme of "Longitude" is knowing what time it is at a reference longitude (e.g. the time in Greenwich). For a ship, the only practical method prior to radio was having a very accurate and stable clock. (On land you use a telescope to measure the motions of the moons of Jupiter to determine the time in Paris - from the late 1700's on).

A few decades later, the railroads needed an accurate source of time for dispatching trains by time-table. Fortunately, the electric telegraph came into being not long after the railroads to allow signaling of time and then dispatching (prodding of Charles Minot of the Erie RR in 1851). By the late 1870's, the northeast US had an electric time service (the ball dropped on Times Square on New Year's Eve probably descends from the time balls used to indicate 12 noon).

With the advent of clocks being set by telegraphic signals, there came a need for a means of keeping all of the clocks in synch - and lots of patent applications were filed for means of assuring or improving synchronization. There is speculation that seeing all these patent applications caused one Swiss patent examiner to muse on the nature of time. The examiner being a young Albert Einstein.

One of the first topics covered in books on astrodynamics or planetary motion (e.g. "Astronomical Algorithms" by Meeus) is - time. In this case talking about the difference between UTC, TDT (TAI) and GPS time.

He didn't create him

[cryptochrome]

Rybaczyk creates Sam, a fictional character who walks through the history of time. It is unclear who this Sam is -- whether he is supernatural being, or someone who got root on a time server.

We do know, however, that he has a holographic partner named Al who talks to a computer named Ziggy a lot, and that he hopes that his next leap will be the leap home.

calendar puzzle

[ch-chuck]

At your command prompt type $ cal 9 1752
explain.

Re:calendar puzzle

[fputs(shit,+slashdot]

bash-3.00$ cal 9 1752
September 1752
Su Mo Tu We Th Fr Sa
1 2 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30

bash-3.00$

That is serious glitch in teh matrix.

Re:calendar puzzle

[Toba82]

That's when Great Britain switched from the Julian to the Gregorian calendar. See http://webexhibits.org/calendars/year-text-British .html

Re:calendar puzzle

[NeoBeans]

Two explanations:

1. An "off by one" programmer error
2. Adoption of the Gregorian Calendar affected Julian Dates

I'd bet on the second explanation... see below excerpt:

In September 1752 the Julian calendar was replaced with the Gregorian calendar in Great Britain and its American colonies. The Julian calendar was 11 days behind the Gregorian calendar, so 14 September got to follow 2 September on the day of the change. The result was that between 3 and 13 September, absolutely nothing happened!

Re:calendar puzzle

[njfuzzy]

I don't have to stand for this interrogation. Don't look at me. Ask pope Gregory!

Re:calendar puzzle

[kclittle]

google: calendar 1752

Take first match.

Re:calendar puzzle

[madaxe42]

Correct. Russia didn't switch fully until 1940, even though they started switching in 1917, so a lot of the dates you see in history books (births, deaths) are inaccurate.

Re:calendar puzzle

[KenSeymour]

That was a good link. I also remember reading that there were riots in the streets because renters thought they were getting cheated.

They were still being changed "a month's rent."

Re:calendar puzzle

[nagora]

renters thought they were getting cheated. They were still being changed "a month's rent."

They were being cheated: they were being paid for the days they worked but charged for the month they rented, so they were screwed that month.

TWW

Re:calendar puzzle

[DLWormwood]

cal 9 1752

I'm not a time expert, but this, I believe, was related to the transition from Julian to Gregorian time or some other form of seasonal adjustment. Prior to 1752, the solistices and equinoxes were over a week off from their historically recorded "official" dates on the Western calendar. I'm sure some other /.'er will provide a Wikipedia link to the exact explaination...

Re:calendar puzzle

[repetty]

Your leading spaces got trimmed. Took me a second to realize why your calendar differed from mine:

. $ cal 9 1752
.
. September 1752
. S M Tu W Th F S
. 1 2 14 15 16
. 17 18 19 20 21 22 23
. 24 25 26 27 28 29 30

--Richard

Re:calendar puzzle

[Shimbo]

The Gregorian Reformation is assumed to have occurred in 1752 on the 3rd of September. By this time, most countries had recognized the reformation (although a few did not recognize it until the early 1900's.) Ten days following that date were eliminated by the reformation, so the calendar for that month is a bit unusual

Close but no cigar: the gap had become eleven days by 1752, because 1700 isn't a leap year in the Gregorian calendar.

Re:calendar puzzle

[Guy+Harris]

I'm using Windows and took you literally.

Surely you mean "I'm using Windows, you insensitive clod!"

Simultaneity

[hcg50a]

Chapter 3 (a look at the cutting edge of time protocols, specifically the Interplanetary Internet) should be pretty short.

In a relativistic universe, the concept of absolute simultaneity is gone. Given two events separated in space (like two nearby supernovae, or two alarm clocks going off), depending on their speeds and distances, two observers may disagree on which one occurred first, even after they make various relativistic corrections for their own speed.

If two observers can't agree on simultaneity of two events, they will not be able to agree on the correct time.

Of course, this won't matter practically within the solar system, but between solar systems, it could start to make a difference.

Re:Simultaneity

[iggymanz]

even for atomic clock on aircraft, flying from U.S. to London resulting in difference on the order of 53 ns, and 39 ns for return trip, so I'd say that with current computers and their GHz clocks we're slightly into the realm of relativistic effects being noticable on our planet.

Re:Simultaneity

[GigsVT]

Definitely.

The speed of light is becoming a factor in motherboard layouts. I mean technically the speed of electrical signals in copper, but that's a large fraction of the speed of light.

Re:Simultaneity

[tendays]

You can define a official/base coordinate system (e.g. that of the Sun) relative to which common/universal time is to be measured, just like gmt etc is defined for the greenwhich meridian.
Then just like gmt-noon is in the middle of the night for some parts of the planet, two gmt-simultaneous events will seem to occur non-simultaneously for some observers - yet any observers can still compute the official time for these events (and find the same value. Therefore agreeing on time and simultaneity)

Re:Simultaneity

[jericho4.0]

Timekeeping in space takes relativity into account. They have to, or they would wind up in the wrong place. Interplanetary NTP, IIRC, has some fancy tricks to manage this. Interstellar distances and velocities should make no difference, but we're a long way from that.

Re:Simultaneity

[magarity]

The speed of light is becoming a factor in motherboard layouts
 
"Becoming"? Where have you been? The Cray-2, vintage 1985, was a big circular computer because that minimized the lengths of the wiring for exactly that reason.

Re:Simultaneity

[iggymanz]

the cray-2 didn't have a single "motherboard" though, its registers and pipelines were spread over many boards. for a "one board" design on the order of about a foot (or say 30 cm), a wavelength of signal in copper is about motherboard length at roughly 1GHz.

The question I want answered is.

[papasui]

Precisely how long has it been since this guy last got laid.... DON'T ANSWER IT'S AN INFINITE LOOP!

With apologies to Peter Lorre

[bobalu]

"Time, time, what is time? The Swiss manufacture it, Italians squander it, French hoard it, the Americans say it is money and the Hindus say it does not exist.

I think time is a crook".

From "Beat The Devil", 1953:
http://www.imdb.com/title/tt0046414/

Re:Time is an illusion.

[It+doesn't+come+easy]

I contend that time is truly an illusion based on our perception of the laws of physics. Consider this: According to our perception of time, events, changes in state, motion, etc., all of these things "take time" to occur. While sometimes we can't precisely know when an event will occur (the uncertainty principle in quantum mechanics, for example) we can say positively that we never perceive all events in the universe occurring simultaneously. Thus we "perceive" the passage of time. However, we also always measure the rate of time passage as a constant (it always passes at the same rate, except during tax time). For example, even if we were traveling close to the speed of light, our measurement would be that time would pass at exactly the same rate for us. Others who were not moving close to the speed of light would also measure time passing at the same rate as they always had. In other words, if we both had atomically precise clocks with each of us, both of us would report that each second took exactly 9,192,631,770 oscillations of a Cesium-133 atom.

So what? That could mean that time is simply a physical property of matter and energy (whatever they are). Just as matter has inertia and takes up space, it also has a property that says all of the events that matter can participate in cannot happen simultaneously. There is only "room" for so many events in a given amount of space. (I'm trying to avoid using the word "time" :). As space contracts (we speed up) or expands (we slow down), from the outsider's point of view of course, the room we have for events shrinks or grows in step with the change in our space. From our point of view, our space remains constant and so our room for events remains constant. In this regard, time could alternatively be considered a physical property of space itself instead of the matter found in space. But it doesn't seem likely that time is it's own dimension. Not that we really understand what a dimension is...

I think it's time for a beer...

The great thing about humans is that...

[exp(pi*sqrt(163))]

...there's a human for every task. For every tedious nerdy task that needs doing you'll find some human who will not only work on it, but will enthuse over the subject matter and do their job well. Whether it's maggot farming or telling the time this is a wonderful thing. But there's no need to tell everyone else about your job.

Is it really that complicated?

[m50d]

I mean, if I was a protocol engineer making a protocol for synchronising the time between systems, there'd be two packets, one that says "tell me the time" and one that says "this is the time" with a space for the time, and that would be it.

Maybe this is why I'm not a protocol engineer.

Re:Is it really that complicated?

[WoTG]

I don't really know the nitty gritty either... but I do know that one of the big pieces missing in the two packet system is the time delay. A round trip packet to a random server on the internet for me would be about 150ms, but it varies, a LOT. The time protocol needs to be a lot more accurate than that (well, for some tasks, not so much for others).

Re:Is it really that complicated?

[Just+Some+Guy]

That's basically NTP. Congrats!

Of course, the interesting part is that packets don't travel instantaneously. It's not enough to ask what the time is - you also need to know how long it takes the responder to answer. Furthermore, travel times aren't symmetric and you have to estimate how much of the total elapsed time between sending the request and receiving the answer occurs during each leg of the trip. Remember, the other guy faces the same constraints that you do - you can't just ask him for the answer.

Time synchronization is a deceptively simple concept. I'm very grateful that some very smart people have thought this through to a level of detail that I probably never would.

Re:Is it really that complicated?

Yes, it is, you have to take all this into account:

1) the delay between sending the request and getting response.

2) the fact that the delay might be different upstream and downstream

3) the fact that the delay might be highly random from call to call.

4) the fact that your clock should also be correct BETWEEN the calls, not just at the instant of synchronization

5) choosing the "best" time from a handful of servers (you can't rely on ONE server because it might be hacked or just wrong)

6) the fact that you shouldn't "jump" the clock on a server with critical processes running on it. you have to change the speed of the clock so that it gradually goes into sync

6b) you also have to make sure #6 doesn't cause slow oscillations or other weird behavior.

7) the fact that your server might also be relaying time to other servers, how do you communicate how "accurate" the clock is to these other servers, so they can apply #5?

8) leap seconds (okay, NTP kinda fudges this, but nobody's perfect)

Plus all the other stuff that goes into a protocol, authentication, security, etc.

It ain't rocket science, but it's pretty close. More engineering of dynamic systems than CS.

But don't worry, NTP has taken care of all this, all you have to do is point it at a few servers and it takes care of ALL of this crap.

Re:Is it really that complicated?

[Quince+alPillan]

You're forgetting the time it takes for one packet to be received by the other, processed, and sent back. That means you have to include what time you think it is so that the time server can calculate the difference in a reply back so the client can fudge the number based on the calculated time it takes for one packet to be processed and sent from the server to the client.

Of course, this gets seriously fubared when you have really high latency on only one transport (upstream or downstream)

It also doesn't take into account any drifting that might occur (ie a clock that's fast or slow) should the client be unable to contact the server.

To read more, see here.

Re:Is it really that complicated?

[Animats]

Maybe this is why I'm not a protocol engineer.

I used to be. And I knew Dave Mills, who designed NTP.

There are quite a number of problems in time synchronization. Here are a few of them.

• Authoritative source You have to get time from a better source than you have locally. So you need some scheme to identify time source quality. And it has to detect and prevent loops, so you don't get a group of machines all synchronizing to each other and behaving as if they're synchronized to a primary standard.
• Overhead You don't want to be hammering some primary time standard with requests at a huge rate. So the number of requests must be held down.
• Drift Clocks, other than primary time standards, drift. That drift has to be measured, so you can tell how often a correction is necessary.
• Lag There's propagation delay on time requests, so there's lag. Less than there used to be, but still, lag. That has to be compensated for.
• Monotonicity Many programs behave badly if time moves backwards. So correction shouldn't move time backwards unless the change needed is so big that it's unavoidable.
• Leap seconds Leap seconds have real consequences. When a leap second is inserted, every AC generator on the grid has to make 60 extra turns. And they do. It takes about four hours for them to catch up.

Re:Is it really that complicated?

[fred+fleenblat]

Leap seconds Leap seconds have real consequences. When a leap second is inserted, every AC generator on the grid has to make 60 extra turns. And they do. It takes about four hours for them to catch up.

That's so funny. Working so hard to keep a bunch of clock radios from getting off by one second...on most models you can't even set the seconds.

Re:Is it really that complicated?

[ratsg]

and don't forget server insanity!!

Re:Is it really that complicated?

[QuietLagoon]

Drift Clocks, other than primary time standards, drift. That drift has to be measured, so you can tell how often a correction is necessary.

Primary standards also drift, there is just nothing to measure it against. :-)

Re:Is it really that complicated?

[QuietLagoon]

Working so hard to keep a bunch of clock radios from getting off by one second...on most models you can't even set the seconds

It is significantly more serious than that. Imagine if you connect two power grids together, and those grids are 1/120 of a second apart in the 60Hz cycle. They are effectively out of phase, resulting is some rather significant fireworks.

Re:Is it really that complicated?

[fred+fleenblat]

How would revving all the generators up for 4 hours decrease the likelyhood of something being 1/2 cycle off? Seems like it would actually increase the chance of such a problem.

Re:Is it really that complicated?

[QuietLagoon]

It is not revving the generators up for 4 fours, but slightly adjusting their speed over the course of 4 hours to gain the leap second.

Re:Is it really that complicated?

[antispam_ben]

# Drift Clocks, other than primary time standards, drift. That drift has to be measured, so you can tell how often a correction is necessary.

You clearly know more than me, but if one knows drift and it is consistent (say, the computer's hardware clock is always 470 milliseconds fast every 12 hours), one can drop a millisecond every 1.53 whatever minutes, and maintain good accuracy while hitting on the primary less often. I suppose this sort of thing is done and your mention of drift is just the main simplification.

# Leap seconds Leap seconds have real consequences. When a leap second is inserted, every AC generator on the grid has to make 60 extra turns. And they do. It takes about four hours for them to catch up.

This appears a little misleading, after the leap second the clocks are one second too fast, so 60 cycles have to be removed by running the generators slower. The wording that they are 'catching up' is misleading.

Re:Is it really that complicated?

[Animats]

if one knows drift and it is consistent

It's usually not. Crystal oscillators have some temperature dependency, and this is a major reason PC clocks drift in an inconsistent way. A 10 degree C temperature change typically results in about a minute of clock error per month. See "Crystal considerations for Dallas real time clocks

Re:Is it really that complicated?

[m50d]

But surely it would be better to just leave the generator "where it is", running at normal speed, and then no generators would be going out of phase?

Re:Is it really that complicated?

[QuietLagoon]

That may be a possibility. I don't know if the power utils do it that way or not. I do know the power grid needs to stay synchronized, lest major sparks occur.

There is no such thing as time...

[vudufixit]

Only measurements of change events compared against arbitrarily chosen units (rotation/revolution of *our* planet around the Sun and fractions thereof).

Re:There is no such thing as time...

[FLAGGR]

In other news, NTP has been renamed to NMoCECAACUStRRooPATSP (network measurments of change eveents compared against arbitrarily chosen units specificaly the retoation/revolution of our planet around the sun protocol.

According to your argument, distance also doesn't exist. In fact I bet you could use your argument to prove that nothing really exists.

p.s. that means your argument is crap.

Re:There is no such thing as time...

[CrazedWalrus]

There is no such thing as distance; only measurements of some king's foot or *our* planet's size and fractions thereof.

I'm not sure that the arbitrary nature of a unit of measure negates the existence of *what* is being measured.

SNTP

[NoMercy]

Few people need sub milisecond accuracy of full NTP, and if they do there's a few nice servers available for that, for clients a simple client is all you need, and it's not that complex, you send a UDP datagram asking for the time, you get one back with the time in it, if your feeling fancy you can even improve SNTP by calculating network delay and factoring that into the time calculation.

Re:SNTP

[pe1chl]

The problem of naive SNTP implementations is that varying delays on your link can make the clock jump backward in time regularly.
That is not a good thing.

Re:SNTP

[studpuppy]

Few people need sub milisecond accuracy of full NTP

I guess I was one of those. Back in 1990, I was designing SS7 control points (SCP's) for the Advanced Intelligent Network. Had to make sure two geographically diverse clusters of AIX systems were kept in sync, because SS7 requests could be routed to any server in either cluster (given the requirements of a five-9's uptime system), and any message that appeared older than 130 miliseconds from the start of the request chain was dropped, causing phone calls to be blocked.

It was hard enough convincing folks to abandon point to point X.25 links in favor of an IP network between the servers and their management systems, but when I suggested that we use a "freeware" program to keep all the systems in sync.... I think there are still some fingergrip marks on the arms of the chair that the director was sitting in. Of course, all that was missing was the smoke curling out from his ears like it does in the cartoons.

Also... on the subject of clockspeed-NIST

[Lost+Found]

Oh, and on the subject of hitting Stratum-1 servers... I'm not too worried about it. An NTP client may be configured to hit them every hour, or some such nonsense, but as I stated in my post, every time I hit NIST I double the amount of time I wait before I hit them again.

We had to move our cluster onto a new UPS about a month ago, so I just have a 33 day uptime on my local Stratum-2, but as you can see:

----------------------
Sleeping 1228800 seconds ...
before: 2005-08-14 23:36:57.248578000000000000
after: 2005-08-14 23:36:57.218957999778524040
before: 2005-08-14 23:36:57.268270000000000000
after: 2005-08-14 23:36:57.268270000333328132
----------------------
Sleeping 2457600 seconds ... ... it will be 28 and a half days before my cluster touches NIST again. After that, it will be 56 days... etc. If you notice from the log output, the previous interval was 14 days, and in those 14 days we only drifted 3 hundredths of a second.

I doubt any Stratum-1 guys want to punch me for syncing at the intervals I do...

Set your time wrong, lose your case?

This sounds to me like the first thing a hacker should do is to screw up your clock upon getting root: voila, get out of jail free card.

cygwin settles the debate

[blu3+b0y]

'man cal' on cygwin gives this handy explanation:

The Gregorian Reformation is assumed to have occurred in 1752 on the 3rd of September. By this time, most countries had recognized the reformation (although a few did not recognize it until the early 1900's.) Ten days following that date were eliminated by the reforma- tion, so the calendar for that month is a bit unusual.

Nasty Microsoft Outlook Bug!

[Procyon101]

I just scheduled a meeting for September 5th, 1752!

Re:Nasty Microsoft Outlook Bug!

[Procyon101]

KDE's Kontact does something REALLY weird.

It shows the days in september wrongly, but the weird thing is, if you go before september, it jumps you to near the year 3000000, but it is NOT an integer rollover because it doesn't jump you to the max integer... you can go up from there.

Re:Can I get a cliff's notes version of the review

[nocomment]

Chapter 1: Meet Sam

Chapter 1: Sam sets up NTP on Linux
Section1: Sam meets the man in the Red Hat: In this chapter Sam types rpm -i ntp.rpm && ntpd
Section2: Sam meets Mandrake: In this chapter Sam types urpmi ntp && ntpd
Section3: Sam meets Gentoo: In this chapter Sam types emerge ntp && ntpd
Section 4: Sam meets Debian and battles the GNU: In this chapter Sam types apt-get install ntp && ntpd

Chapter 2: Sam set up NTP on other Unixes
Section 1: In this chapter Sam meets puffy the blowfish and types pkg_add ntp.tgz && ntpd
Section 2: In this chaper Sam meets Beastie and types pkg_add ntp.tgz && ntpd
Section 3: In this chapter Sam battles his way to the Oracle at Solaris and types pkg_add ntp.tgz && ntpd

Everything I've wanted to learn about NTP...

[slacktide]

I learned at timecube.com

Re:Minor correction (Occam's Razor)

[einhverfr]

I am sure I will be modded down, but what the heck....

UDP and TCP are part of TCP/IP. (Just a question of whether we are working on level 3-4 or 4-5 on our OSI model.)

Ummm.... TCP/IP and OSI were designed to be completely separate networking protocol suites. Ultimately, TCP/IP does not mesh well with the OSI model.

After the failure of anyone to actually impliment OSI, it became a great tool to confuse wannabe network techs.

For the record, TCP/IP was designed around (and runs on) a 4-layer model. This model (known as the DoD model) actually matches what is happening. Again, the OSI model would have matched what happened with the OSI protocol suite but such a suite was never fully implimented. Trying to fit 4 layers into 7 is a complete waste of time and only serves to confuse the subject.

UDP is pretty simple. It is just like a stripped down version of TCP which was designed as its name suggests for sending application-specified datagrams over a network (TCP handles the datagramming so you handle it as a stream).

The three major Transport Layer (DoD model) protocols in TCP/IP are TCP, UDP, and ICMP. There are others, like IGMP and other multicasting protocols, but these are not as major as those three.

Using the OSI model for describing TCP/IP is about like using the Ptolomeic model for describing planetary motions in that making it work requires needless complexity. Because it is not a simple solution (Occam's Razor: "One Should Not Needlessly Multiply Entities"), and making it work conceptually requires needless complexity, I am convinced that we should stop teaching the OSI model except in the History of Computer Networking ;-)

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:No. TCP/IP refers to TCP and IP...

[Kiryat+Malachi]

RFC1180 says you're an idiot.

Actually, it says 'The generic term "TCP/IP" usually means anything and everything related to the specific protocols of TCP and IP. It can include other protocols, applications, and even the network medium. A sample of these protocols are: UDP, ARP, and ICMP. A sample of these applications are: TELNET, FTP, and rcp. A more accurate term is "internet technology". A network that uses internet technology is called an "internet".'

But I choose to rephrase that as "You're an idiot."

Re:Minor correction (Occam's Razor)

[monkeydo]

The three major Transport Layer (DoD model) protocols in TCP/IP are TCP, UDP, and ICMP. There are others, like IGMP and other multicasting protocols, but these are not as major as those three.

There are quite a few more than that.

I don't need no stinking time server!

[phallstrom]

I just keep track of the dupes on slashdot. When I see this story again, I'll know it's four hours later... ... give or take a month or two... :)

Actuall, RFC1180 says...

[msauve]

"Status of this Memo...This RFC is a tutorial on the TCP/IP protocol suite, focusing particularly on the steps in forwarding an IP datagram from source host to destination host through a router. It does not specify an Internet standard."

Note the specific and correct first use of "TCP/IP protocol suite." No proper name has ever been given to the entire suite of Internet protocols, so the need has been filled through the use of terms such as "TCP/IP based" or "Internet Protocol suite." Such terms are often simplifed to "TCP/IP" or "IP" for sake of brevity, at the expense of correctness, as is the case in RFC1180. Subsequent usage there is of an abbreviated form, suitable for a tutorial, although technically incorrect.

You're obviously unaware of the nature of RFCs. Historically, anyone could write anything and submit it as an RFC, correctness be damned. As RFC30 states: "The content of a NWG note may be any thought, suggestion, etc. related to the HOST software or other aspect of the network. Notes are encouraged to be timely rather than polished...These standards (or lack of them) are stated explicitly for two reasons. First, there is a tendency to view a written statement as ipso facto authoritative, and we hope to promote the exchange and discussion of considerably less than authoritative ideas." For you to base an argument on RFC1180 being somehow authoritative in regard to terminology simply demonstrates your lack of understanding of both RFCs and the reason for RFC1180, which is not to define terminology, but to describe the IP forwarding process.

If you examine the actual standards (i.e. STD5/RFC791/IP and STD7/RFC793/TCP) you will not find the terms used with such imprecision. Since the trigger for this thread branch is UDP, it's helpful to examine STD6/RFC768. It is clear from a reading that UDP works with IP, but is separate and distinct from TCP. UDP is no more a part of TCP/IP than is 802.3 Ethernet, although they're commonly used together.

I won't even call you an idiot, because you're obviously thinking, just ignorant of the facts.

I'll also point out that Internet is capitalized when used to refer to the global internet based on the IP suite of protocols. When not capitalized, it can refer to any network, not limited to those based on IP. IPX, Decnet, Appletalk, OSI suites of protocols can all be used to form internets.

Forensic purposes

[metamatic]

As the reviewer said, precise synchronization is absolutely critical for forensic purposes. Can you conclusively demonstrate that Event A on machine Foo occurred before Event B on machine Bar?

If you think you might ever need to do that, better hope you're not using BSD syslog or that the intruders are kind enough not to do so during the wrong time window.

Re:Forensic purposes

[espo812]

better hope you're not using BSD syslog

Simple solution: have syslogd log when the time changes. That way if there's a "time adjusted for daylight savings time" between events, you know to add an hour. Make checks payable to my /. account.

Re:MODS ON CRACK...

[maxwell+demon]

Can't even properly moderate a reference to The Hitch Hiker's Guide to the Galaxy, tsk...

That's because Score:42 isn't supported by Slashdot.

All I want to know about NTPD

[Xenophon+Fenderson,]

...is how to stop it from listening on port 123/UDP. Any suggestions? And yes, I did read the fine manual.

Philosophy and practice are not so far apart

[Anthony]

I haven't read this book but I have read "Confessions". St Augustine in the late 5th Century wrote of the impreciseness of time, especially when defining the present. Actions remembered are past. Are they real? The present is immeasurable as it lies between the past and the future. The future does not exist and passes into the past which again does not exist but in memories and consequences of actions.

Perhaps the discrete quantisation of time by a computer clock and the act of recording logs at the time of events overcomes the issue? No, again the computer logs are recorded after the event. In the case of a disk log write, a very long time after the event (in the scale of the computer clock quanta). Lots of things can happen in that time to potentially change the record. Add in network logging and it is real ancient news.

Haha

[lullabud]

That is hilarious. What adds to it is the fact that 7804 people have rated it, a childrens book, but only 104 people have rated the review right below it. :)

Re:Minor correction (Occam's Razor)

[einhverfr]

There are quite a few more than that.

I said there were others. But most of those on the IANA list are either internetwork or network access protocols tunnelled over IP (GRE, IP/IP, etc) or they are seldom-used transport layer protocols which are almost never used by applications. IGMP is the only real transport level protocol protocol which I did not list that could be argued to be major in that it is used by routers to rebuild routing tables, etc.

So how many real *transport* protocols are actually used?

Re:Minor correction (Occam's Razor)

[EvilTwinSkippy]

The first rule of the OSI model is that you don't talk about the OSI model!

Seriously though, the trades are littered with terminology that is WAY outdated and I swear is just out there to confuse the laymen. If you've ever studied electricty, our notion of + and - comes from Benjamin Franklin, and he had it backwards. In truth, the negative end of the circuit is where the electrons are coming from. The whole notion of Voltage is a bit confused (people think it's anything from speed to pressure. It's actually neighter.) And then when you start getting into alternating current, whoooohaa, watch the sparks fly literally.

/Recoving EE major.
//Did you know that alternating current has a magentic component that you have to take into account when designing circuits to handle large motors and whatnot?
///And that magentic field is an imagionary number. There's complex math, and then there is Complex Math.

Re:Can I get a cliff's notes version of the review

[EvilTwinSkippy]

But when does Sam get to Mount Doom?

Re:Minor correction (Occam's Razor)

[einhverfr]

//Did you know that alternating current has a magentic component that you have to take into account when designing circuits to handle large motors and whatnot?

I was aware of that. I believe this is how crosstalk happenes on telephone lines (induced electric current due to magnetic fields from the alternating current component of the speach signal). ///And that magentic field is an imagionary number. There's complex math, and then there is Complex Math.

Brilliant. But Complex Math doesn't have to be that complex :-)

The art of waiting

[ockegheim]

Accurate time keeping is great in modern society for catching trains and making appointments (though I've had more success catching trains since my housemate set the microwave clock in the kitchen a couple of minutes fast). I suspect that overall we tend to be too uptight about time: for 99.5% of human history we've watched time pass with the sun, moon and seasons. If several Australian aboriginal tribes were having a council, the first to arrive would almost certainly have to wait a few days for the last to arrive, but this didn't bother them as presumably they had enjoyable or productive ways of filling in their time. In our modern society, we're often stuck with a long wait ahead and nothing to do.

Re:Can I get a cliff's notes version of the review

[Baricom]

He has to ask Al first, and Al will naturally have to ask Ziggy.

Subtitle:

[gafisher]

"No More Sloppy Seconds"

Re:Can I get a cliff's notes version of the review

[mercury83]

Once when I was in Hawaii, on the island of Kauai, I met a mysterious old stranger. He said he was about to die and wanted to tell someone about the treasure. I said, "Okay, as long as it's not a long story. Some of us have a plane to catch, you know." He stared telling his story, about the treasure and his life and all, and I thought: "This story isn't too long." But then, he kept going, and I started thinking, "Uh-oh, this story is getting long." But then the story was over, and I said to myself: "You know, that story wasn't too long after all." I forget what the story was about, but there was a good movie on the plane. It was a little long, though.

From Jack Handy :-)