Transcript PowerPoint Presentation - NTP

NTP
Network Time Protocol
Nóirín Plunkett
A Short French Lesson
 TAI – Temps Atomique International
 International Atomic Time
 UTC – Temps Universel Coordonné
 Universal Co-ordinated Time
 BIH – Bureau International de l’Heure
 International Time Bureau
Second
 SI Unit
 9,192,631,770 periods of the radiation
corresponding to the transition between the
two hyperfine levels of the ground state of
the caesium-133 atom
Brief History of Time






Second defined in 1967
UTC started on 1st January 1972
RFC 778, 1981 - Internet Clock Service
RFC 958, 1985 - description of NTP
RFC 1059, 1988 - NTPv1, protocol & algorithms
RFC 1305, 1992 - NTPv3, formal correctness
principles
 NTPv4 in use, not yet formalised
Real World
 “Time is what prevents everything from
happening at once.” - J.A. Wheeler
 Correlating logs of events
 Cryptographic expiries
 Air Traffic Control
 GPS
 Networking
Atomic Time
 260 atomic clocks in 40 labs contribute to
the international time standards contribute
to TAI
 Radio broadcasts
 DCF77, Physikalisch-Technische
Bundesanstalt, Braunschweig (77.5kHz)
 GPS based on US Naval Observatory, DC
NTP and UTC
 NTP is based on UTC
 NTP has no memory
 Every leap-second, NTP ‘resets’ itself to the
current UTC value
 Using a clock synchronised to UTC in 2005
to calculate the time of an event in early
1972 would result in 22 seconds difference
What NTP Does
 Provide most accurate time possible, based on ‘reference
time’ - not just syncing to a common time
 Keep in sync with leap seconds
 Ignore ‘falsetickers’ - clocks it could use for reference, but
which provide an apparently wrong time
 Use previous figures to estimate current difference
between system time and reference time, in the absence of
a network connection
What NTP Does Not
 Convert NTP timestamps into system time format
 Set the hardware clock
 Handle time-zones/summer time
 Recognise when the system clock is far off and
accept apparent ‘falsetickers’ as true
Some Definitions
 Reference clock - a device which gives a
known accurate time
 Accuracy - the difference between the value
of a measurement and the actual measurand
 Precision - how close two measurements of
the same value are
Precision vs Accuracy
 Exp I - Imprecise,
inaccurate
 Exp II - Imprecise,
accurate
 Exp III - Precise,
inaccurate
 Exp IV - Precise,
accurate
(image source)
NTP Packet
 UDP Packet
 Request
 Time of client system clock at sending
 Response
 Time of client system clock at sending
 Time of receipt at server
 Time of server system clock at sending
NTP Timestamp
 64-bit number
 First 32 bits represent seconds since 00:00,
January 1st, 1900
 Next 32 bits represent fractions of a second
 Sat, Nov 19 2005 19:27:30.869
 c729fb22.de8afc9d
 11000111 00101001 11111011 00100010 .
11011110 10001010 11111100 10011101
More Definitions
 Latency - the time taken for a packet to
reach its destination
 Round trip time - the time taken between
the client sending out a packet, and
receiving a response to that packet from the
server
 Jitter - variability of latency over time
Timestamps in Packets
 Client sends packet - T1
 Server receives packet, adds receipt
timestamp - T2
 Server prepares packet to send to client,
adds sending timestamp - T3
 Client receives packet - T4
 Latency client -> server = (T2-T1)
 Latency server -> client = (T4-T3)
Round Trip Times




Actual RTT =
(T4-T1)
Network RTT =
(T2-T1) + (T4-T3)
Latencies =
(T2-T1), (T4-T3)
If latencies are symmetric (within reason),
(T1+T4) = (T2+T3)
 If (T1+T4) != (T2+T3), our estimate of clock
offset is (T1+T4) - (T2+T3)
Truechimers & Falsetickers
 Multiple servers providing time estimates
 If the majority of servers provide a
consistent time - they’re probably right
 If there are one or two outliers - they’re
probably wrong
Peering
 Client should peer with multiple servers
(image source)
Law of Averages
 Peering with multiple servers makes for more
reliable results
 Falsetickers will be easier to identify
 Truechimers will be more useful (because more servers
means we can dismiss borderline true/false)
 Assumptions become statistically more reliable
 Latency symmetry
 Clock regularity
Problems with Peering
 Loops
 NTP prevents loops, through spanning-tree
mechanism
 Layers
 NTP prevents there being more than fourteen
layers, by using strata
Strata
 Radio clock - Stratum 0
 Computer running NTP syncing from radio
clock - Stratum 1
 Computer syncing from Stratum n NTP
server - Stratum n+1
 Server unreachable - Stratum 16
Lies, Damn Lies
 NTP checks that values are consistent with
previous measurements
 Deals with sudden changes in network/system load
 Allows NTP to ‘guess’, in case of network failure
 If values are very different from previously, but
remain consistent, NTP accepts that local clock
may be falseticker
Clocks
 Hardware clock - quartz crystal
 Software clock - interrupt-driven timer
chips
 Software clock more accurate for judging
interval between two times
 Both need to be set to correct time
Problems
 Inaccurate time needs to be corrected
 Massive time changes are undesirable
 Time travel is undesirable
 Skipping seconds is bad
 Going backwards is not allowed
 Best way of balancing all this is to slow
down/speed up time
 This only works with computers, and in the
movies!
Exceptions
 On system boot-up, time can be set,
regardless of offset from previous time
 init scripts are aware of this, bootup expects it,
nothing should break
 Computers do what they’re told - regardless
of what the admin intended
 If an admin tells the system to update its time, it
updates. Things may break.
Phase Lock Loops
 Raises (or lowers) frequency of an oscillator until it
matches a reference frequency
 Pauses oscillator as necessary to match ref. phase
More on PLL
 Seconds can be speeded up or slowed down,
until they happen as often as reference clock
- frequency is matched
 NTP can also use this speed change to
match the phase - some PLLs will stop the
oscillator momentarily to do this
NTP Traffic
 ntp.maths.tcd.ie
 Stratum 1 server, syncing from radio clock
Daily Peak
 Graph dates from IST - blip occurring at 1am local
time
After IST Ends
 Peak remains - still at midnight GMT
Daylight Savings Time
 NTP is time-zone agnostic
Daylight Savings Time Ends
 2005-W43-7 - Daylight Savings Time ends
Strange Happenings
References




RFC 1305
http://www.ntp.isc.org
http://www.eecis.udel.edu/~mills/
ntp.maths.tcd.ie