Slashdot Mirror

← Back to Stories (view on slashdot.org)

NTP's Fate Hinges On "Father Time"

Posted by samzenpus on from the time-will-tell dept.

Esther Schindler writes In April, one of the open source code movement's first and biggest success stories, the Network Time Protocol, will reach a decision point, writes Charlie Babcock. At 30 years old, will NTP continue as the preeminent time synchronization system for Macs, Windows, and Linux computers and most servers on networks? Or will this protocol go into a decline marked by drastically slowed development, fewer bug fixes, and greater security risks for the computers that use it? The question hinges to a surprising degree on the personal finances of a 59-year-old technologist in Talent, Ore., named Harlan Stenn.

50 of 287 comments (clear)

  1. Fewer bug fixes? by Anonymous Coward · · Score: 3, Insightful

    What the hell is there to fix in a protocol solely designed to return a string of numbers?

    1. Re:Fewer bug fixes? by nitehawk214 · · Score: 4, Interesting

      If it is not broke, fix it until it is.

      Is this what keeps projects alive?

      --
      I'm a good cook. I'm a fantastic eater. - Steven Brust
    2. Re:Fewer bug fixes? by BitZtream · · Score: 5, Interesting

      NTP doesn't just 'return a string of numbers'.

      But either way, the article isn't about NTP the protocol, its about one shitty implementation of NTP that I don't think anyone even uses anymore. Windows and OS X certainly don't.

      The summary and headline are equivalent to saying 'Netscape is going out of business, HTTP in danger of disappearing'

      If he were to drop dead right this instant ... no one that matters would notice beyond his family.

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    3. Re:Fewer bug fixes? by Anonymous Coward · · Score: 4, Insightful

      If it is not broke, fix it until it is.

      Is this what keeps projects alive?

      Yep. New is always better, because shiny.

    4. Re:Fewer bug fixes? by garyisabusyguy · · Score: 5, Informative

      Feeling grumpy?
      From page 2 of the linked article:
      Apple Macintosh computers and servers running OSX use NTP, and Stenn said Apple developers have called him for help on several NTP issues. In the last such incident, he said he delayed a patch to give Apple more time to prepare OS X for it. When they were ready, he applied the patch and asked "whether Apple could send a donation to the Network Time Foundation," Stenn recalled. "They said they would do their best to see that Apple throws some money our way." But it hasn't happened yet.

      Apparently somebody is under the impression that OSX still uses it, unfortunately this is how the business majors deal withit:
      "Everybody loves us," Stenn said. "But people with money say, 'We don't give to open source projects.'"
      http://www.informationweek.com...

      --
      Wherever You Go, There You Are
    5. Re:Fewer bug fixes? by msauve · · Score: 3, Interesting
      So, what implementation of the NTP protocol do you use? Chrony?

      The reference implementation, which is the subject of the article, is what's used by pretty much everyone. Name a significant OS/distribution which doesn't use ntpd.

      Oh, and that includes OS X, contrary to your incorrect claim:

      macmini-2:~ msauve$ ntpd --version
      ntpd - NTP daemon program - Ver. 4.2.6

      --OS X Yosemite

      You are correct about one thing - it is a shitty implementation. It doesn't even follow RFC 5905, which it's supposed to be the reference for.

      --
      "National Security is the chief cause of national insecurity." - Celine's First Law
    6. Re:Fewer bug fixes? by Anonymous Coward · · Score: 5, Insightful

      "Everybody loves us," Stenn said. "But people with money say, 'We don't give to open source projects.'"

      They don't give to GPL projects.

      They hire BSD developers (CUPS, Clang, etc) because they can keep the parts closed they want.

    7. Re: Fewer bug fixes? by kthreadd · · Score: 2

      Red Hat Enterprise Linux uses Chrony by default since release 7.0.

    8. Re:Fewer bug fixes? by Crashmarik · · Score: 4, Interesting

      So he patched for and worked with Apple and they said we'll see ?

      If his time isn't valuable to him why should it be to Apple ? Next time they call he should tell them he can't talk to them unless they fax back a block time purchase agreement with either a check or credit card and a statement they won't charge back.

    9. Re:Fewer bug fixes? by f3rret · · Score: 5, Informative

      NTP doesn't just 'return a string of numbers'.

      No, sometimes it returns A lot of strings of numbers.

      --
      Admit nothing. Deny Everything. Make Counter-accusations.
    10. Re:Fewer bug fixes? by gnasher719 · · Score: 5, Informative

      So he patched for and worked with Apple and they said we'll see ?

      The way he did this, it is probably difficult for the responsible person at Apple to actually pay him. He should have offered to do the work as a contractor, someone would have found money in a budget, and when he sends a bill for five days contracting work they pay the bill. That's how it works.

      He seems to be asking for a donation to an open source project. How can someone at a commercial company put that in a budget? The financial guys say "is there any legal reason why we have to pay this money", the answer is no, so it won't get paid.

    11. Re:Fewer bug fixes? by hairyfeet · · Score: 2

      Windows uses the Windows Time Service which IIRC is compatible with but NOT ntpd which is why there is a port of ntpd for Windows if you would desire to use it.

      --
      ACs don't waste your time replying, your posts are never seen by me.
    12. Re:Fewer bug fixes? by RabidReindeer · · Score: 2

      What the hell is there to fix in a protocol solely designed to return a string of numbers?

      Yeah. All You Have To Do Is...

      (screams)

    13. Re: Fewer bug fixes? by Anonymous Coward · · Score: 5, Funny

      systemd will perform the functionality at some point.

    14. Re: Fewer bug fixes? by jcdr · · Score: 5, Informative

      Already done for the client part of the NTP: systemd-timesyncd

    15. Re:Fewer bug fixes? by Anonymous Coward · · Score: 2, Informative

      NTP is not GPL.

      See http://www.ntp.org/copyright

  2. /. is not kickstarter by borcharc · · Score: 2, Insightful

    stop hitting us up for money

    1. Re:/. is not kickstarter by snowsnoot · · Score: 5, Insightful

      Yes but there are an assload of companies out there making a shit-tonne of cash using these FOSS programs and not contributing in any way whatsoever. Its a complete disgrace and they should be exposed for the cheapskates they are.

    2. Re:/. is not kickstarter by Anonymous Coward · · Score: 2, Informative

      And nobody is putting a gun to the corporations head to make them give money.

      Just because something is legal doesn't mean it's not assholish and deserving of public shame.

    3. Re:/. is not kickstarter by silentcoder · · Score: 2

      >The software author has the power to control the licence

      Except when, like here, it's not the original author. Stenn is maintaining the code and has been for a long time, but NTP was originally written by David Mills.
      Mills didn't have the associated costs that Stenn has to deal with - he could do it as a hobby, Stenn can't - that's not viable for NTP today anymore.

      Mills is long retired, but HE holds the original copyright and only HE could change the license.

      Now of course Stenn could just walk away and go do something more lucrative and, indeed, if funding doesn't pick up that's exactly what he will have to do but he can't change the license of NTP and if he could the entire internet would pretty much collapse (indeed if Mills had not used a free license - the internet probably wouldn't EXIST).

      --
      Unicode killed the ASCII-art *
    4. Re:/. is not kickstarter by inflex · · Score: 4, Insightful

      I really don't see the internet collapsing from him walking away. If it was a legitimate issue it'd be quickly picked up by another party, commercial or otherwise. I'd suggest he does just walk away from it. Even if a lot of money was pushed his way, I'm willing to speculate that he's burned out from all those hours (100/wk?) over the years and now wants to just set things up for a new person, step out, and close the door; been there, done that.

      If we ceased having any NTP servers, then there's a more likely internet collapse scenario. The current NTP software seems to have been doing pretty good over the last couple of decades; or is there something that's progressively changing?

      I appreciate that the guy has put a lot of work in to it, a lot of us (OSS developers) have and it's a passion more than anything else; if you get money out of it, it's a bonus, but one should never engage in it thinking there'll be any rewards other than seeing that the software itself grows and maybe a little bit of acknowledgement of what you've done. The OSS community can't get all up in arms with disgust when large corps use our software to help them progress, while not all corps give back to all projects, there's still a lot of stuff that is given back, or donated, even when not legally required.

      The ethics of earning money off the back of OSS could be debated, but that's a whole different sphere. A lot of us already donate a lot of money already to various OSS projects as a nice feel-good gesture as well as a way to encourage further developments.

  3. Bugs? by YrWrstNtmr · · Score: 2

    Given 30 years, a single protocol, and 'many eyes'...what is there to fix or update?

    1. Re:Bugs? by garyisabusyguy · · Score: 5, Informative

      Here is an interesting interview with Harlan Stenn at the 2013 Google Summer of Code
      https://www.youtube.com/watch?...

      Apparently he is keeping 7 doctoral and post-doc students busy working on timestamps, noise and 'something' that he did not seem to have a firm grasp on
      He also mentioned a need for admins, a webmail guy and people who want to do documentation

      Having been handed projects after a leads retirement, I think that documentation may be the more pressing need

      --
      Wherever You Go, There You Are
    2. Re:Bugs? by mjgday · · Score: 2

      I think that documentation may be the more pressing need

      But the code IS the documentation!!!!

      --
      foo
  4. Not only finances are an issue by macraig · · Score: 5, Insightful

    At 59 years old, statistically Mr. Stenn isn't going to live long enough to maintain NTP for another 30 years. Perhaps something so crucial should be a voluntary communal effort?

    1. Re:Not only finances are an issue by invictusvoyd · · Score: 3, Funny

      I think it will be forked if there is a need to do so . I dont see the point in this article.

    2. Re:Not only finances are an issue by Anonymous Coward · · Score: 5, Interesting

      And at the Google Summer of Code summits I've seen the NTP devs (I can't say if it was him or not) stand up in front of a couple hundred FOSS project leaders begging for help with their bus factor problem.

      This sort of infrastructure code is at once niche, genuinely hard work, demanding the highest quality programming skill, unrewarded, non-sexy,
      and vitally important to the world.

  5. Protocol vs software that implements it by QuietLagoon · · Score: 5, Insightful
    The summary makes the mistake of conflating the NTP protocol with the messy NTP software developed by ntp.org.

    .
    Hopefully the ntp.org software fades away.

    However, the Network Time Protocol should live on in more secure and more easily maintained implementations (e.g., NTimed and OpenNTPd).

    1. Re:Protocol vs software that implements it by Dog-Cow · · Score: 5, Funny

      You should try to keep up. :)

      He doesn't have time.

    2. Re:Protocol vs software that implements it by Anonymous Coward · · Score: 2, Informative

      The timekeeping of openntpd is normally quite good, but there can be really large outliers (up to several 100 ms) which is totally unacceptable for most use cases. Not so much that the time is wrong by 100 ms (almost noone cares) but the fact that it slews the clock way fast/slow to get there messes up many things.

      It also cannot correctly deliver time to other systems, as it claims to be way more accurate than it is.

  6. 100 hours a week? by Anonymous Coward · · Score: 4, Interesting

    For the last three-and-a-half years, Stenn said he's worked 100-plus hours a week answering emails, accepting patches, rewriting patches to work across multiple operating systems, piecing together new releases, and administering the NTP mailing list.

    100 hours a week to maintain NTP? How much of that comes down to answering emails that maybe don't need to be answered? I have a ton of respect for Mr. Stenn, whose name, incidentally, I don't think I'd ever heard until today despite having two systems in pool.ntp.org for years and using NTP in or on nearly every device I've owned for two decades. But there's simply no way there's enough going on in NTP to generate 100 hours of work per week. I see the changelog is active and fresh, but I still can't imagine those releases driving a "crunch time" developer schedule, week in and week out for 3+ years.

    I hope he backs away from the email before tossing in his hat entirely. Engaging random strangers in thoughtful discussion is probably consuming a lot more of his time than it needs to, and maybe more than he's noticing.

    1. Re:100 hours a week? by Dutch+Gun · · Score: 5, Insightful

      For someone who's so deeply invested in managing the Network Time Protocol, this dude really doesn't seem to be able to manage his time very well.

      --
      Irony: Agile development has too much intertia to be abandoned now.
  7. Re:someone should check... by Holistic+Missile · · Score: 2

    Actually, it will fail the second after 03:14:07 on January 19, 2038 UTC. It's a Tuesday.

    --
    When you're dead, you don't know you're dead. It only affects the people around you. Same thing when you're stupid.
  8. Re:Windows uses NTP now? by suutar · · Score: 2

    yeah, on my personal laptop (not part of a domain) the Date and Time window has a tab named "Internet Time" that my work laptop doesn't. That's NTP (or was last time I actually dug into it), though their list of servers is kinda small.

  9. I have two problems with this article. by tlambert · · Score: 4, Funny

    I have two problems with this article.

    (1) $7,000/month * 12 months + additional $12,000/year = $96,000/year, not including any other contributions that come into his non-profit on top of that.

    (2) Most of the need for NTP is driven by bad protocol design in client/server software.

    NFS, for example, would not need synchronized time if the client would include a "this is my idea of the current time" timestamp in time related requests, e.g. "set mtime".

    The server then does:

    (clients idea of current time) - (clients desired mtime) + (servers idea of current time) = mtime to set on server

    Voila: everything is consistent, clocks don't need synchronized between the client and the server.

    Bonus points: network latency adjustment is automatic; no need to go off and implement PTP to get an even more precise version of NTP.

    So most of this is a problem we've brought on ourselves by stupidly assuming a client and a server need synchronized time values in the first place, and then designing asinine protocol that build this assumption into the infrastructure built on top of those protocols.

    Maybe instead of making NTP more reliable - at a pretty high expense for the small town in Oregon where he lives, and the cost of living is relatively low - we should work to get the rest of our infrastructure away from being addicted to having a synchronized time base in the first place?

    PS: Yes, I brought this issue up in the IETF when NFSv4 was being designed in the first place.

    1. Re:I have two problems with this article. by Trepidity · · Score: 2

      Didn't the NFSv4 design decision to use Kerberos for authentication mean that some kind of time sync would be needed anyway whether NFS itself mandated it or not, since Kerberos relies on synchronized clocks?

      --
      10 PRINT CHR$(205.5+RND(1)); : GOTO 10
    2. Re: I have two problems with this article. by BitZtream · · Score: 2

      It is impossible to "synchronize" time between gravity wells because time ticks at different rates.

      No, it doesn't.

      It is observed differently.

      Keeping the observations in sync is easy, you base your ticks so they synchronize with ticks of a stationary object in free space. So if you happen to be near a black hole, your clock has to 'tick' much much faster to stay 'in sync' with the pacemaker. Its trivial to synchronize clocks since time is an arbitrary measurement.

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    3. Re:I have two problems with this article. by caseih · · Score: 2

      Correct. Kerberos requires a reasonable synchronization of system clocks in order to work. Thus NFSv4 indirectly requires some form of time synchronization.

    4. Re:I have two problems with this article. by gl4ss · · Score: 2

      time synchro service doesn't need to care about timezones, daylight savings or such.

      the client operating system needs to know it's relation to utc.

      --
      world was created 5 seconds before this post as it is.
    5. Re:I have two problems with this article. by tlambert · · Score: 3

      Correct. Kerberos requires a reasonable synchronization of system clocks in order to work. Thus NFSv4 indirectly requires some form of time synchronization.

      Only if you do not also update the Kerberos protocol.

    6. Re:I have two problems with this article. by dAzED1 · · Score: 4, Insightful

      you, know - you're right. Instead of having a simple, lightweight protocol that keeps time accurate across the globe, to the tiniest portion of a second...we should have every single time-sensitive thing on every single machine everywhere re-write their own time service. That way, not only will everything suddenly become substantially more noisy, but risk factors will go through the roof and code complexity across all of the IT universe will dramatically increase! Or, we could just use the tiny, lightweight, extremely accurate tool that's been doing it very well for decades. Damn, such hard decisions...

    7. Re:I have two problems with this article. by tlambert · · Score: 2

      "network latency adjustment is automatic" - I don't understand this statement.
      If you are only taking two time stamps - client transmit and server receive - then you have no information about the network latency.

      You don't NEED information about the latency, as long as the latency in both directions is equal. It's going to be included in the delta + now on the mtime set, and it's going to be subtracted back out on the -delta + mtime stat on the way back.

      As long as it round-trips like this, the latency is actually immaterial. Which is the point, since your latency between your NTP source and your file server vs. your latency between your NTP source and your file server client can be unequal, which will screw your time sync to hell for client/server communications. This is something that NTP can't account for, but which PTP *can* (which is why it had to be invented), and which is irrelevant, if you are sending around delta calculations.

      PS: The reason you send around two factors for the delta calculation, rather than just the delta itself is to *allow* protocols like NTP and PTP to sync the clocks without everything being screwed up by that happening, but it's not *necessary* to sync the clocks, it's just *allowed*.

    8. Re:I have two problems with this article. by jcdr · · Score: 2

      It would be a giant step forward if NTP will be able to broadcast TAI, the leap second table, and the timezone database.

      The leap second table and the timezone database are dynamic informations that need to be updated at least 2 times per years. You can arg that this can be done using the operating system upgrade, but the reality is that many machines will not be updated for whatever bad reasons. So carrying the informations using NTP (or PTP or GPS for that matter) will be an clear advantage.

  10. Summary of above post by dbIII · · Score: 3, Informative

    It's just a computer. It only has to work. How hard can it be?
    Wasn't that ridiculous
    NTP is also not trivial due to among many other things the large amount of clock drift on a lot of motherboards. If you had an alarm clock that lost an hour in a week you would throw it away, but that's seen as acceptable even for some server boards. So then you fetch the time but it takes time for the signal to get to you, so the time is out of date by the time you get it - which then means trying to work out how long it takes for the time signal to get to you. There's plenty more after that.

    1. Re:Summary of above post by Darinbob · · Score: 2

      Now add security, because if someone is spoofing the time they can really mess things up badly in a lot of ways.

  11. Re:There are 3 types of time that matter to comput by dAzED1 · · Score: 3, Insightful

    I'm just staring at your comment and blinking, because...wow. Even if I ignore #1&2, #3..."and is typically only an issue for calendaring and scheduling." How about queuing? How about clustering? How about expiration of millions of things (tokens, certs, leases, etc). How about practically everything your computer is doing? Unless you're meaning to say that everything really does boil down to "calendaring" and "scheduling," and you're not just making some Outlook comment. If timing wasn't important, there wouldn't be circuits dedicated to keeping it, on practically every electronic device on the planet.

  12. No business sense by melchoir55 · · Score: 4, Insightful

    It is absurd to expect a corporation of any size to "toss something your way". He should have told apple, when it mattered to them, that they could pay a service fee to have him delay the patch for their benefit. No, this isn't how you want to deal with individual people. Yes, this is how you must deal with a corporation.

    Life lesson: mega corps don't even care for the people they employ, and much less people outside the corporation. A corp is an abstract non-human entity. It doesn't deserve your charity.

    1. Re:No business sense by Pi1grim · · Score: 2

      Not to protect douchebag apple guys, but even if developers who contacted the "NTP dad" wanted Apple to throw a donation, then it would be real hard to push by the accounting. If they, on the other hand would be billed for "3rd party expert services" - noone would blink an eye, so, yes, if a large corporation contacts you asking to help fix something - send them a bill first.

    2. Re:No business sense by TFlan91 · · Score: 4, Funny

      "A corp is an abstract non-human entity"

      I know of 9 judges who would tell you otherwise.

  13. I am one of the ntpd maintainers by Terje+Mathisen · · Score: 5, Interesting

    I've been on the "NTP Hackers" mailing list for ~15 years now, my last major effort was to develop a server-optimized multi-threaded version of the core ntpd sw: I was hoping for wire speed packet processing on an embedded linux platform, but had to settle for 3-500 Mbit/s since the target kernel version did not support multi-thread targeting of incoming packets, i.e. I needed to have a single receive thread which would fetch the incoming packets, timestamp them and queue them up, then all the other threads/cores would grab them from there.

    Back to the "why are there bugs in such a trivial protocol?" question:

    By far the biggest cause of required effort when trying to modify or optimize the NTPD distribution is the need to support a big number of OSs and even larger number of OS versions, some of them more than 20 years old, even if the main targets are Unix-like or Windows.

    The second problem is the need to support 30+ reference clocks, with all sorts of OS/version specific interfaces needed in order to timestamp events as accurately as possible.

    The third and final major stumbling block is all the crypto stuff, which got added in order to be able to authenticate both time packets and monitoring/configuration requests, and this is where the latest major bugs have been found.

    PHK (who is working on Ntimed) has spent a lot of time on NTP, including his time as a core FreeBSD hacker when he made sure that the FBSD had the best possible timekeeping kernel. This is the reason that my personal pool server has always used FreeBSD.

    If your only need is to get 0.1s level time sync on a number of client only machines, then it really doesn't matter how you implement the NTP protocol, except that you should really try to measure and adjust the local clock frequency so as to track the reference time!

    The default Windows time code implements Simple NTP (SNTP) which uses the NTP packet format but doesn't try to implement the proper control loop to steer the local clock, instead it just yanks the OS clock resulting in a sawtooth-like pattern of clock offsets.

    Terje

    --
    "almost all programming can be viewed as an exercise in caching"