NTP Pool Project Reaches 500 Servers

flok writes "Finally after 3 years the NTP Pool project has reached 500 servers! The NTP pool project tries to be an accurate and free time-source to every internet-connected device. Everybody who's system has running an NTP daemon which can give an accurate time-indication can join the project. Not only is it handy to have accurate time on your workstation to be able to see when you need to leave the house to catch the train in time, it is also usefull to be able to accurately correlate events between your system and others in case one gets hacked."

But...

[joey_knisch]

I live in an area with buses and a DOT that doesn't give a shit about being 12 seconds early. Oh well. I will continue to use my watch set 5 minutes fast.

However, congrats. I will continue to use your NTP servers for computer related crap well into the future.

New Way uses HW

[putko]

Supposedly, if you need an accurate timebase, you are supposed to just use GPS (which gives the exact time) instead of relying on a complicated clock protocol.

It is great that NTP is so widely distributed. It is typical that at the moment the old technology is finally working, there is an altogether better solution.

Re:New Way uses HW

[Myself]

Of course, the CDMA cellular network derives its timing directly from a GPS-stabilized clock, and local clock standards that reference a CDMA receiver are available. These work in almost any building short of a full faraday cage. (And some of them can hook directly to a network and serve NTP!)

Also, the 1pps output of a $75 GPS unit is considerably more accurate than NTP if your network is subject to *any* sort of variable delay, which of course packet-based networks are.

Not that NTP isn't useful, just don't expect submillisecond accuracy out of it.

Re:New Way uses HW

It is great that NTP is so widely distributed. It is typical that at the moment the old technology is finally working, there is an altogether better solution.

So, you're going to connect a GPS receiver to every single workstation and server?

The way NTP works is that the primary ("Stratum 1") servers get their time from GPS (and other places). The next level (stratum two) would sync of off these and would serve time to clients (so that the primary time servers wouldn't be over burdened).

You would setup your servers and desktops (and routers, switches, etc.) to sync with the stratum two servers. These clients would in essence become "stratum three". You can go down the stratum numbers as you need for the scalability / redundancy needs that you may have. While technically a stratum x+1 server may not be as accurate as an x server, we're talking about differences of tenths of a second over the Internet.

This way you get accurate time (error of tens of milliseconds or less on a LAN), without having to add a GPS reciever on every machine. Most people only need their time sync'd to a couple of seconds, so public NTP servers are good enough.

Time sync protocol that Windows uses is a form of NTP (it goes to time.windows.com), and OS X uses the standard NTP software underneath the hood (you can edit /etc/ntp.conf on OS X).

Re:Your machine is going to party like it's 1999 .

[isj]

What keeps someone from joining the pool and giving out the wrong time?

Nothing.

However, NTP clients uses multiple servers and uses some fairly advanced correlation algorithms to detect outlyers and bad servers. The client configuration is your responsibility. So configure it to use a set of servers that you believe you can trust.

There are some nifty bits of nastiness that can be delivered when a machine is privy to having its clock changed from afar.

Then use the secure protocols.

Re:Confused

[bsd4me]

Accurate time is important when you are sharing resources with other computers. One example is running a build on an NFS share. If the file timestamps are wrong, then make may do unnecessary compiles, or skip files. Other protocols, like rsync, use timestamps to try to figure out whether updates are needed.

Re:Your machine is going to party like it's 1999 .

[wayne]

What keeps someone from joining the pool and giving out the wrong time?

All machines in the NTP pool are monitored for quality and if they are bad enough, they won't be put into the pool.

Also, it is recommended that you have at least 3, maybe up to 5, NTP servers so that you can detect a bad NTP server. (If you have one time server, you won't know that anything is wrong. If you have two, you will know something is wrong, but you won't know which NTP server is bad. If you have three or more, you can pick the best one.)

Re:500

[wayne]

Why is 500 servers notable?

Last year, the pool was falling behind on servers. More clients were joining than servers, so the load on each server was growing. Since then, Ask Bjørn Hansen has created a bunch of automated scripts to handle all of the servers and the server growth has taken off. We still need more servers, and 500 is a nice round number to give as an excuse to say "Please join the NTP pool!".

Recommended NTP clients

[ZorroXXX]

Since nobody has mentioned anything about clients yet, here are my suggestions:

• Linux: Chrony. Works very well for dial-up when you not are connected all the time.
• Windows: NetTime. Although no longer an active project, this program still works perfectly and is in my opinion better than the "official" windows service.

I run a pool server: some interesting bits

[Nelson+Minar]

Debian's default NTP configuration is to get time from pool.ntp.org. This is a significant contribution to the Linux world, similar to how Microsoft and Apple provide NTP service to their customers. Yay for us!

There is modest protection against bad servers in the pool. The time from pool servers is monitored and if a server seems insane it's taken out of the rotation.

My pool server gets about 14 requests a second from about 100,000 different IP addresses a day. Sadly, a lot of those requests are junk; 100 IP addresses account for 1/3 of all the requests I get. Fortunately NTP is a very lightweight protocol, so you can mostly ignore the spammy clients.

Re:I run a pool server: some interesting bits

Apple has been running their NTP server for a long time now, even before starting to add builtin NTP support in their OS.

Re:Why we removed our servers from the pool...

[Detritus]

Uh, your servers are supposed to only reply with *ONE* packet.

See the "iburst" keyword in ntp.conf. This results in a burst of ntp packets at startup.

Re:Stratums

[Gerald]

Try this:

    - Traceroute off your network, e.g. to cnn.com
    - For each hop in the route, run 'ntpdate -q '

9 times out of 10, you'll find an NTP server one or two hops away.

Re:PCs keep lousy time.

[LuckyStarr]

Try warming your 5 buck watch to 50C (don't know how much that is in F) hold it there for a few hours and then cool it down again to room temperature. Do this every day for a few months.

You will see your 5 buck watch will track the time as good as the Dallas chips.

Temperature affects the speed of clocks.

Re:Public NTP server?

[htmlboy]

what constitutes a "public" NTP server - the DNS name, or its inclusion on a particular published list?

in this context, public probably means that the server's listed by pool.ntp.org. isc also maintains a list of stratum 1 and 2 servers, some of which are publicly-accessible.

Re:PCs keep lousy time.

[FuzzyFox]

I remember in high school a guy from the power company came to talk to the class.

He stated that the power company tries very hard to regulate the 60 Hz power, such that, as exactly as possible, the required 5,184,000 cycles are sent out every day. As a result, any electric clock (especially one that uses a motor) would have very accurate time.

So why is it, that an electronic device, which you normally plug right into the wall, can't find a source of accurate time? There's a very reliable source of time information, right on the other side of the power supply, but the computer ignores it!