Introduction
NTP (Network Time Protocol) is used to synchronize computer clocks over a network. Accurate time is critical for logging, authentication, financial transactions, and distributed systems.
This comprehensive guide covers NTP protocol mechanics, stratum hierarchy, implementation, and configuration.
What is NTP?
NTP uses a hierarchical system of time sources called strata. It synchronizes clients to authoritative time sources with millisecond accuracy.
Stratum Levels
| Stratum | Description | Example |
|---|---|---|
| 0 | Reference clocks | GPS, atomic clocks |
| 1 | Primary servers | Stratum-1 servers |
| 2 | Secondary servers | NTP pool servers |
| 3 | Further servers | Additional layers |
Protocol Mechanics
NTP Packet
```
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|LI | VN  |Mode |    Stratum    |     Poll      |   Precision   |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                          Root Delay                           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                        Root Dispersion                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                     Reference Identifier                      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                   Reference Timestamp (64)                    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                   Originate Timestamp (64)                    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Receive Timestamp (64)                     |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Transmit Timestamp (64)                    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                   Authenticator (optional)                    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
```
Timestamp Format
NTP uses a 64-bit timestamp: 32 bits for seconds, 32 bits for fractional seconds.
Client Configuration
chrony (Recommended)
```bash
# Install
apt install chrony
```

```
# /etc/chrony/chrony.conf
# Pool servers
server 0.pool.ntp.org iburst
server 1.pool.ntp.org iburst
server 2.pool.ntp.org iburst
server 3.pool.ntp.org iburst
# Allow NTP clients on the local network to query this host
allow 192.168.0.0/16
# Bind the chronyc command socket to loopback only
bindcmdaddress 127.0.0.1
bindcmdaddress ::1
```
ntpd
```
# /etc/ntp.conf
# Pool servers
server 0.pool.ntp.org iburst
server 1.pool.ntp.org iburst
server 2.pool.ntp.org iburst
server 3.pool.ntp.org iburst
# Drift file
driftfile /var/lib/ntp/ntp.drift
# Restrict access
restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery
```
Verification
chrony
```bash
# Check sources
chronyc sources
# Check tracking
chronyc tracking
# Check activity
chronyc activity
```
ntpd
```bash
# Query peers
ntpq -p
# Check status
ntpstat
```
Python NTP Client
```python
import socket
import struct
import time

def get_ntp_time(host='pool.ntp.org', port=123, timeout=5):
    """Query NTP server and return its transmit time as a Unix timestamp"""
    NTP_PACKET_FORMAT = '!12I'  # 48-byte header as twelve 32-bit words
    NTP_MODE_CLIENT = 3
    NTP_VERSION = 3

    # Create NTP request packet: LI, Version, Mode sit in the top byte of
    # the first word; the other eleven words are left at zero
    first_word = (NTP_VERSION << 3 | NTP_MODE_CLIENT) << 24
    packet = struct.pack(NTP_PACKET_FORMAT, first_word, *([0] * 11))

    # Send request and receive response (time out rather than block forever)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(packet, (host, port))
        packet, addr = sock.recvfrom(1024)

    # Parse response (only the 48-byte header; ignore anything after it)
    if len(packet) < 48:
        raise ValueError("NTP response shorter than 48 bytes")
    unpacked = struct.unpack(NTP_PACKET_FORMAT, packet[:48])

    # Extract transmit timestamp (words 10 and 11)
    int_part = unpacked[10]
    frac_part = unpacked[11]

    # Convert to Unix timestamp
    ntp_epoch = 2208988800  # Seconds between 1900 (NTP epoch) and 1970 (Unix epoch)
    timestamp = int_part - ntp_epoch + frac_part / 2**32
    return timestamp

# Usage
if __name__ == '__main__':
    timestamp = get_ntp_time()
    print(f"NTP Time: {time.ctime(timestamp)}")
```
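The client above accepts the first datagram that arrives and reads only the transmit timestamp. The following added example (not part of the original page) parses the header fields from the packet diagram and rejects replies a client should not trust: wrong mode, Kiss-o'-Death, an unsynchronized server, or an origin timestamp that does not echo the request. The function names, the set of checks and the constructed sample packet are assumptions made for illustration.

```python
import struct

NTP_EPOCH_DELTA = 2208988800  # seconds between 1900-01-01 (NTP) and 1970-01-01 (Unix)
HEADER = struct.Struct("!BBbb3I4Q")  # 48 bytes; each timestamp read as one 64-bit value


def to_unix(ts64):
    """Convert a 64-bit NTP timestamp (32.32 fixed point) to Unix seconds."""
    return (ts64 >> 32) - NTP_EPOCH_DELTA + (ts64 & 0xFFFFFFFF) / 2**32


def parse_response(data, sent_transmit):
    """Parse a server reply; raise ValueError if it should not be trusted.

    sent_transmit is the 64-bit transmit timestamp the client put in its request.
    """
    if len(data) < HEADER.size:
        raise ValueError("short packet")
    flags, stratum, poll, precision, root_delay, root_disp, ref_id, \
        ref_ts, origin_ts, recv_ts, xmit_ts = HEADER.unpack(data[:HEADER.size])
    leap, version, mode = flags >> 6, (flags >> 3) & 0x7, flags & 0x7
    if mode != 4:
        raise ValueError(f"mode {mode} is not a server reply")
    if stratum == 0:
        # Kiss-o'-Death: the reference identifier carries an ASCII code such as RATE
        raise ValueError("kiss-o'-death " + ref_id.to_bytes(4, "big").decode("ascii", "replace"))
    if stratum > 15 or leap == 3:
        raise ValueError("server is unsynchronized")
    if origin_ts != sent_transmit:
        raise ValueError("origin timestamp does not match request")
    if xmit_ts == 0:
        raise ValueError("zero transmit timestamp")
    return {"version": version, "stratum": stratum,
            "root_delay": root_delay / 2**16,  # 16.16 fixed-point seconds
            "receive": to_unix(recv_ts), "transmit": to_unix(xmit_ts)}


def build_sample(stratum=2, origin=0x1122334455667788, leap=0, mode=4):
    """Constructed sample reply for testing the parser (not captured traffic)."""
    xmit = ((1700000000 + NTP_EPOCH_DELTA) << 32) | 0x80000000  # .5 s fraction
    return HEADER.pack((leap << 6) | (4 << 3) | mode, stratum, 6, -20,
                       0x00008000, 0x00004000, 0x52415445, 0, origin, xmit, xmit)
```

For the origin check to be useful, the request should carry a non-zero, unpredictable transmit timestamp, which is then passed in as `sent_transmit`.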
Security
NTS (NTP Secure)
```
# chrony with NTS
server time.cloudflare.com nts iburst
```
Authentication
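```
# /etc/chrony/chrony.conf
# Keep the chronyc command socket on loopback (323 is the default port).
# This limits who can administer chronyd; it does not authenticate NTP packets.
# Symmetric-key authentication of time sources is configured with the
# keyfile directive and the key option on a server line.
cmdport 323
bindcmdaddress 127.0.0.1
```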
Best Practices
- Use multiple time sources
- Prefer local NTP servers
- Monitor time offset
- Use NTS when available
- Configure appropriate poll intervals
Conclusion
NTP is essential for maintaining accurate time across networked systems. Proper time synchronization is critical for security, logging, and distributed applications.