NTP Pool Project Reaches 500 Servers

flok writes "Finally after 3 years the NTP Pool project has reached 500 servers! The NTP pool project tries to be an accurate and free time-source to every internet-connected device. Everybody who's system has running an NTP daemon which can give an accurate time-indication can join the project. Not only is it handy to have accurate time on your workstation to be able to see when you need to leave the house to catch the train in time, it is also usefull to be able to accurately correlate events between your system and others in case one gets hacked."

oooo so exciting

[SpaceCadetTrav]

Congratulations. If you are reading a Slashdot thread about 500 time servers, you really are a nerd.

Re:oooo so exciting

[Hatta]

Congratulations. If you are reading a Slashdot thread about 500 time servers, you really are a nerd.

And what if you're posting in one?

Re:oooo so exciting

You know, the part before "stuff that matters"?

I've always wondered about that phrase -- who is this "Matters", and why would I want to stuff him?

Even more puzzling: with what?

Re:oooo so exciting

[Xugumad]

Or a sys-admin, maybe? I work with computer systems that need to be kept reasonably in sync, time wise, and NTP is a good way of doing that...

Trains aren't that reliable

[Ithika]

And what makes sure the trains are on time?

But...

[joey_knisch]

I live in an area with buses and a DOT that doesn't give a shit about being 12 seconds early. Oh well. I will continue to use my watch set 5 minutes fast.

However, congrats. I will continue to use your NTP servers for computer related crap well into the future.

Confused

[Alarash]

I'm confused. They are supposed to be a reliable time source, and their home page doesn't even show the current time!

Re:Confused

[bsd4me]

Accurate time is important when you are sharing resources with other computers. One example is running a build on an NFS share. If the file timestamps are wrong, then make may do unnecessary compiles, or skip files. Other protocols, like rsync, use timestamps to try to figure out whether updates are needed.

Re:Confused

[Almost-Retired]

Well now, if you stop and think of it, that would be the worst case scenario one could imagine, cause some dip would leave his web browser sitting on the page watching the clock update itself every second. Do that 10 times and you've used a quite measurable portion of the servers bandwidth.

You would be amazed at the number of folks who figure its allright to do that, I mean its there, why not use it attitude? So no, no admin in his right mind would set that up. Or if he did, he should be dismissed as not being worthy of the job title of a sysadmin.

I swear, the average intelligence of a slashdot post is dropping below the average intelligence at large these days.

So prove me wrong and lets see if there is such a thing in this thread.

However, I'd like to see the instructions for making a server out of one box and keeping the rest of the local system synched to it made more widely available. You have to dig to find them, and I think they are a bit dated but I could reduce the 'client' count by 2 here at home by doing it.

--
Cheers, Gene

Your machine is going to party like it's 1999 ....

[TallMatthew]

What keeps someone from joining the pool and giving out the wrong time?

There are some nifty bits of nastiness that can be delivered when a machine is privy to having its clock changed from afar.

PCs keep lousy time.

What is it with PCs? I've owned several over the last 15 years, and without exception
the clocks simply could not keep accurate time. I've bought 5 buck watches at wal-mart that
kept better time than my PCs. In some cases, they lose (or gain) several (somtimes tens of)
seconds per day.

Is it those Dallas chips that can't keep time? or is it the clock frequency division that
most PCs use?

Re:PCs keep lousy time.

[LuckyStarr]

Try warming your 5 buck watch to 50C (don't know how much that is in F) hold it there for a few hours and then cool it down again to room temperature. Do this every day for a few months.

You will see your 5 buck watch will track the time as good as the Dallas chips.

Temperature affects the speed of clocks.

Re:PCs keep lousy time.

[FuzzyFox]

I remember in high school a guy from the power company came to talk to the class.

He stated that the power company tries very hard to regulate the 60 Hz power, such that, as exactly as possible, the required 5,184,000 cycles are sent out every day. As a result, any electric clock (especially one that uses a motor) would have very accurate time.

So why is it, that an electronic device, which you normally plug right into the wall, can't find a source of accurate time? There's a very reliable source of time information, right on the other side of the power supply, but the computer ignores it!

Re:PCs keep lousy time.

[Almost-Retired]

Thats only as good as the operators on duty when looked at on a shorter term than a daily basis. So I have to tell a story here that illustrates the problem, in this case one that having an NTP setup (which didn't exist except in older protocols in 1978) wouldn't have fixed unless it was applied directly to the generator controls on the power grid.

Anyway, about 2pm my board operator at the tv station I was the CE at came running into my office and said the tape machine was going crazy, he though it was running fast and the on air picture wasn't viewable even after being time base corrected.
He'd put that tape in 3 of them without making it work.

As I walked through the control room I was just barely aware that the air conditioning and all the fans in the transmitter seemed to be working real well. I looked at the tape machine, whose main drive motor was a synchronous type whose speed is locked to the powerline frequency, and it did indeed appear to be running fast by a rather large margin. Looking at a motorized wall clock, I noted it was about 18 minutes faster than my trusty timex. So I timed the wall clock second hand against the timex and came up with a powerline frequency of around 71 hz. Voltage was also up a bit, to about 130 at the wall socket, so my transmitter was running very well indeed.

Calling the local electrickery people, I got a number for the WAPA control center up in Utah someplace and called them up. Argueing with the sexytary for a couple of minutes I finally got through to an operator on duty, introduced myself as the CE at a tv station down in New Mexico and then asked him if his clocks were fast. He first didn't get it, then checked his watch against the wall clock and muttered OMG. He said I'll get that fixed asap and I hung up since there wasn't a watts line account there & Ma Bell was very proud of her daytime business rates...

About 2 minutes later you could hear the fans and stuff gradually slowing down, and it finally settled at about 59hz until time had caught up with the wall clocks again.

I think some folks either got some overtime or got to go home a few minutes early that day, so there were what one could have called collateral damages, if even only to the economy west of the mississippi. The whole west side of the country is all synched up, presumably so is whats east of the river. Anyway, it was such an odd occurance that I still have to grin when I recall it nearly 30 years later. One of those things that couldn't ever happen, but did. :-)

--
Cheers, gene

Why we removed our servers from the pool...

[jafo]

We've run public NTP servers for the better part of a decade now, mostly for the convenience of geographically local folks like the various LUGs. When I found out about the pool, I had our servers added there. Everything was fine for a few months, then over a month we started getting phone calls from firewall admins about how our time servers were attacking their networks. Every time a machine in their network would ask our servers for the time, our servers responded with 10 packets spaced at 1 second intervals, so these improperly configured firewalls were logging a lot of packets from us.

I finally shut it down after one particular call, the third that week, where the caller was rude and abusive when I suggested that he should be doing more investigation about the traffic before calling someone else to complain about it. Being a public service, it's just not something that scales well to have to field these calls. I hated to do it, but it was just too much of a distraction.

I'm not saying that you shouldn't add your servers to the pool... I just thought it was an amusing story.

Sean

Re:Why we removed our servers from the pool...

[wayne]

Every time a machine in their network would ask our servers for the time, our servers responded with 10 packets spaced at 1 second intervals

Uh, your servers are supposed to only reply with *ONE* packet.

That said, I have also had a few people complain to me about my machine attacking them because they have configured their machine to use the NTP pool. Over the last 2 years, it has totalled around 3, so you must have had really bad luck.

Overall, I have been very happy with my involvement with the NTP pool. It has been working very well and I like being to help others out. I have also created a bunch of NTP monitoring scripts to help NTP pool members make sure things are running smoothly. These scripts confirm that being in the pool really doesn't generate that much traffic, so even people with cable modems/DSL (with static IP addresses) can easily participate.

Re:Why we removed our servers from the pool...

[Detritus]

Uh, your servers are supposed to only reply with *ONE* packet.

See the "iburst" keyword in ntp.conf. This results in a burst of ntp packets at startup.

New Way uses HW

[putko]

Supposedly, if you need an accurate timebase, you are supposed to just use GPS (which gives the exact time) instead of relying on a complicated clock protocol.

It is great that NTP is so widely distributed. It is typical that at the moment the old technology is finally working, there is an altogether better solution.

Re:New Way uses HW

What do you mean by "finally working"? It's been working for ages, I've been using public NTP servers much before I found about pool.ntp.org.

Besides, what a GPS receiver gives you is a stratum 1 host. What are you going to do, get a receiver per machine? Of course not, you connect it to one box with a NTP server, and make the rest synchronize with it.

Perhaps the usefulness of public NTP servers is somewhat less now, but they're still good to have. I'm sure at many companies buying a GPS receiver could be complicated, even though accurate time is a very, very nice thing to have these days.

Re:New Way uses HW

[cswiger2005]

GPS does indeed make a wonderful external time reference, and many stratum-1 NTP timeservers are using it.

Of course, most machines locked in a rack in a hosting facility don't have even the slightest chance of seeing enough sky to lock onto GPS, so it's safe to say that NTP's death or obsolesence is premature to announce just yet. :-)

--
-Chuck

PS: O Slashdot wizards, why does Slashdot's posting filter claim ntpq output is lame?
It's a conspiracy, I tell you, to force me to write more text!
Bah, that doesn't work, the lameness filter doesn't like a line filled with "=" signs at all, even if I use an <ecode> tag.

Re:New Way uses HW

[tpgp]

Supposedly, if you need an accurate timebase, you are supposed to just use GPS (which gives the exact time) instead of relying on a complicated clock protocol.

Unless your data center is inside a shielded room / underground / in the center of your building.

It is great that NTP is so widely distributed. It is typical that at the moment the old technology is finally working, there is an altogether better solution.

Its not a better solution - its a better solution in some cases.

NTP has the massive advantage of working anywhere you have a network connection and not requiring expensive hardware (GPS hardware you can attach to a PC & match the reliability of NTP is not your yum-cha $75 GPS unit)

Re:New Way uses HW

[Myself]

Of course, the CDMA cellular network derives its timing directly from a GPS-stabilized clock, and local clock standards that reference a CDMA receiver are available. These work in almost any building short of a full faraday cage. (And some of them can hook directly to a network and serve NTP!)

Also, the 1pps output of a $75 GPS unit is considerably more accurate than NTP if your network is subject to *any* sort of variable delay, which of course packet-based networks are.

Not that NTP isn't useful, just don't expect submillisecond accuracy out of it.

Re:New Way uses HW

[pe1chl]

Even ONE receiver (GPS) can be a problem in an office building with metalized glass windows and no access to the roof.
Also, not everyone wants to setup an antenna on the roof and wire it into the computer room.

For typical computer network purposes (where relative time accuracy is more important than absolute accuracy), NTP is a very good solution. It will get all systems on your lan within milliseconds or better, and the whole network within tens of milliseconds. It will be better than a message-based (non-PPS) GPS receiver connected to all your systems!

When you require nanosecond accuracy, you probably don't need it on all systems in your network.

Re:Your machine is going to party like it's 1999 .

[bsd4me]

A proper NTP implemetation for a computer gathers information from several clock sources. The NTP protocol also has provisions to determine whether a clock is accurate or not based on the responses from other clocks. IIRC, this is called a "false ticker" in the spec.

Re:Your machine is going to party like it's 1999 .

[isj]

What keeps someone from joining the pool and giving out the wrong time?

Nothing.

However, NTP clients uses multiple servers and uses some fairly advanced correlation algorithms to detect outlyers and bad servers. The client configuration is your responsibility. So configure it to use a set of servers that you believe you can trust.

There are some nifty bits of nastiness that can be delivered when a machine is privy to having its clock changed from afar.

Then use the secure protocols.

Re:500

[leonmergen]

... because they clearly need more publicity to reach something like 5,000 :)

Re:500

[Heembo]

Well, would 459 be a notable checkpint? Since most humans use base-10 math these days, 500 is a comfortable and familiar socio-mathematical number in terms of a good notable checkpoint. Now, since we are nerds, I believe that 512 would have been a much greater checkpoint. All praise binary!

Re:Your machine is going to party like it's 1999 .

[wayne]

What keeps someone from joining the pool and giving out the wrong time?

All machines in the NTP pool are monitored for quality and if they are bad enough, they won't be put into the pool.

Also, it is recommended that you have at least 3, maybe up to 5, NTP servers so that you can detect a bad NTP server. (If you have one time server, you won't know that anything is wrong. If you have two, you will know something is wrong, but you won't know which NTP server is bad. If you have three or more, you can pick the best one.)

Re:500

[wayne]

Why is 500 servers notable?

Last year, the pool was falling behind on servers. More clients were joining than servers, so the load on each server was growing. Since then, Ask Bjørn Hansen has created a bunch of automated scripts to handle all of the servers and the server growth has taken off. We still need more servers, and 500 is a nice round number to give as an excuse to say "Please join the NTP pool!".

Recommended NTP clients

[ZorroXXX]

Since nobody has mentioned anything about clients yet, here are my suggestions:

• Linux: Chrony. Works very well for dial-up when you not are connected all the time.
• Windows: NetTime. Although no longer an active project, this program still works perfectly and is in my opinion better than the "official" windows service.

I run a pool server: some interesting bits

[Nelson+Minar]

Debian's default NTP configuration is to get time from pool.ntp.org. This is a significant contribution to the Linux world, similar to how Microsoft and Apple provide NTP service to their customers. Yay for us!

There is modest protection against bad servers in the pool. The time from pool servers is monitored and if a server seems insane it's taken out of the rotation.

My pool server gets about 14 requests a second from about 100,000 different IP addresses a day. Sadly, a lot of those requests are junk; 100 IP addresses account for 1/3 of all the requests I get. Fortunately NTP is a very lightweight protocol, so you can mostly ignore the spammy clients.

UIC's "unofficial" time server

[jms]

Back when I was a university system programmer, I had an officemate named Tim. One day, Tim was poking around and discovered that hundreds of computers all across campus were synchronizing their clocks to his desktop workstation. He quickly figured out why.

The naming standard for desktop machines was to take the employee's first name and concatinate it with the first letter of their last name. So my desktop machine was named "johns.cc.uic.edu". Tim's machine was named "time.cc.uic.edu" because his last name began with "E". (cc meaning a "computer center" machine.)

Apparently many many university departments and users poked around and discovered what was obviously an official time server and configured their computers to synchronize to Tim's desktop machine. Tim, of course, had set his computer's clock by the office clock and never given it a second thought.

Stratums

[bsd4me]

It would also be nice if ISPs would set up their own pools (and advertise them) so clients wouldn't have to go off network, and then if end-users would would set up their own pool for their networks. Not every machine that needs accurate time has to be at stratum-2 or stratum-3, especially workstations. The NTP Pool website makes it look like it is a good idea if every machine on a network syncs to the NTP Pool, instead of setting up internal servers, which is how NTP is really designed to work.

Re:Stratums

[Gerald]

Try this:

    - Traceroute off your network, e.g. to cnn.com
    - For each hop in the route, run 'ntpdate -q '

9 times out of 10, you'll find an NTP server one or two hops away.

Re:wow...

[jherrick]

Or spell-checking software!

Re:Your machine is going to party like it's 1999 .

[OneSmartFellow]

Two main design decisions preclude this from causing disaster.

1.) A proper NTP implementation will only normally change the skew of your clock, so it speeds up or slows down, but does not jump around.

2.) A proper NTP implementation will assume that a clock with a large variance compared to other sources is unreliable, and so it will try not to use it. Of course this assumes you have more than one time source available (and configured).

Auto-configure ntp via dhcp

[jrp2]

"It would also be nice if ISPs would set up their own pools (and advertise them) so clients wouldn't have to go off network"

Agreed. Most do, but as you mention, don't advertise them. I am not sure how many people would actually know what to do with them if they were advertised though.

It would be quite slick if they advertised them via DHCP, and clients used that info to auto-configure their ntp client. All quite possible and very easy to do by the ISP. NTP servers can be advertised via dhcp.

http://gentoo-wiki.com/HOWTO_NTP

http://www.greyware.com/software/domaintime/techni cal/architecture/dhcp.asp

Re:Public NTP server?

[htmlboy]

what constitutes a "public" NTP server - the DNS name, or its inclusion on a particular published list?

in this context, public probably means that the server's listed by pool.ntp.org. isc also maintains a list of stratum 1 and 2 servers, some of which are publicly-accessible.

Re:more useful for nfs, clustering

[ThaFooz]

other than that I don't think I'd bother. a couple of minutes here or there hardly matters.

Yeah, I didn't think it mattered too much on non-critical systems either. Then I ran MythTV and missed the last couple minutes on my Futurama episodes. Never again.