Network Time Protocol

The Network Time Protocol (NTP) is a networking protocol for clock synchronization between computer
systems over packet-switched, variable-latency data networks. In operation since before 1985, NTP is one of
the oldest Internet protocols in current use. NTP was designed by David L. Mills of the University of
Delaware.

NTP is intended to synchronize all participating computers to within a few milliseconds of Coordinated
Universal Time (UTC).[1]:3 It uses the intersection algorithm, a modified version of Marzullo's algorithm, to
select accurate time servers and is designed to mitigate the effects of variable network latency. NTP can
usually maintain time to within tens of milliseconds over the public Internet, and can achieve better than one
millisecond accuracy in local area networks under ideal conditions. Asymmetric routes and network
congestion can cause errors of 100 ms or more.[2][3]

The protocol is usually described in terms of a client-server model, but can as easily be used in peer-to-peer
relationships where both peers consider the other to be a potential time source.[1]:20 Implementations send
and receive timestamps using the User Datagram Protocol (UDP) on port number 123.[4][5] They can also
use broadcasting or multicasting, where clients passively listen to time updates after an initial round-trip
calibrating exchange.[3] NTP supplies a warning of any impending leap second adjustment, but no
information about local time zones or daylight saving time is transmitted.[2][3]

The current protocol is version 4 (NTPv4), which is a proposed standard as documented in RFC 5905 (http
s://tools.ietf.org/html/rfc5905). It is backward compatible with version 3, specified in RFC 1305 (https://tool
s.ietf.org/html/rfc1305).

Contents
History
Clock strata
Timestamps
Clock synchronization algorithm
Software implementations
Reference implementation
SNTP
Windows Time
OpenNTPD
Ntimed
NTPsec
chrony
Leap seconds
Security concerns
See also
Notes
References
Further reading
External links

History

In 1979, network time synchronization technology was used in what was

possibly the first public demonstration of Internet services running over a
trans-Atlantic satellite network, at the National Computer Conference in
New York. The technology was later described in the 1981 Internet
Engineering Note (IEN) 173[17] and a public protocol was developed from it
that was documented in RFC 778 (https://tools.ietf.org/html/rfc778). The
technology was first deployed in a local area network as part of the Hello
routing protocol and implemented in the Fuzzball router, an experimental
operating system used in network prototyping, where it ran for many years.

Other related network tools were available both then and now. They include
the Daytime and Time protocols for recording the time of events, as well as
the ICMP Timestamp and IP Timestamp option (RFC 781 (https://tools.ietf.
org/html/rfc781)). More complete synchronization systems, although
lacking NTP's data analysis and clock disciplining algorithms, include the
Unix daemon timed, which uses an election algorithm to appoint a server for
all the clients;[18] and the Digital Time Synchronization Service (DTSS),
which uses a hierarchy of servers similar to the NTP stratum model.
NTP was designed by David
In 1985, NTP version 0 (NTPv0) was implemented in both Fuzzball and L. Mills.
Unix, and the NTP packet header and round-trip delay and offset
calculations, which have
RFC evolution for NTP persisted into NTPv4, were
documented in RFC 958 (ht
2020 —
tps://tools.ietf.org/html/rfc9
– RFC 7822[11] 58). Despite the relatively
slow computers and
2015 — networks available at the
– RFC 5905[10] RFC 4330[15]
time, accuracy of better
than 100 milliseconds was
2010 — usually obtained on
Atlantic spanning links,
– with accuracy of tens of
2005 — milliseconds on Ethernet
networks.
–
RFC 1305[9] RFC 2030[14] In 1988, a much more
2000 — complete specification of
the NTPv1 protocol, with
–
associated algorithms, was
1995 — RFC 1769[13] published in RFC 1059 (htt
RFC 1361[12] ps://tools.ietf.org/html/rfc1
– 059). It drew on the
←SNTP
1990
 S
1990 — experimental results and
RFC 1119[8]
RFC 1059[7] clock filter algorithm
–
RFC 958 [6] documented in RFC 956 (ht
1985 — tps://tools.ietf.org/html/rfc9
56) and was the first
–
version to describe the
←DCNET Internet
1980 — Clock Service[16] client-server and peer-to-
peer modes. In 1991, the
NTPv1 architecture, protocol and algorithms were brought to the attention of a wider engineering
community with the publication of an article by David L. Mills in the IEEE Transactions on
Communications.[19]

In 1989, RFC 1119 (https://tools.ietf.org/html/rfc1119) was published defining NTPv2 by means of a state
machine, with pseudocode to describe its operation. It introduced a management protocol and cryptographic
authentication scheme which have both survived into NTPv4, along with the bulk of the algorithm. However
the design of NTPv2 was criticized for lacking formal correctness by the DTSS community, and the clock
selection procedure was modified to incorporate Marzullo's algorithm for NTPv3 onwards.[20]

In 1992, RFC 1305 (https://tools.ietf.org/html/rfc1305) defined NTPv3. The RFC included an analysis of all
sources of error, from the reference clock down to the final client, which enabled the calculation of a metric
that helps choose the best server where several candidates appear to disagree. Broadcast mode was
introduced.

In subsequent years, as new features were added and algorithm improvements were made, it became
apparent that a new protocol version was required.[21] In 2010, RFC 5905 (https://tools.ietf.org/html/rfc590
5) was published containing a proposed specification for NTPv4. The protocol has significantly moved on
since then, and as of 2014, an updated RFC has yet to be published.[22] Following the retirement of Mills
from the University of Delaware, the reference implementation is currently maintained as an open source
project led by Harlan Stenn.[23][24]

Clock strata
NTP uses a hierarchical, semi-layered system of time sources. Each
level of this hierarchy is termed a stratum and is assigned a number
starting with zero for the reference clock at the top. A server
synchronized to a stratum n server runs at stratum n + 1. The number
represents the distance from the reference clock and is used to
prevent cyclical dependencies in the hierarchy. Stratum is not always
an indication of quality or reliability; it is common to find stratum 3 The U.S. Naval Observatory
time sources that are higher quality than other stratum 2 time Alternate Master Clock at Schriever
sources.[note 1] A brief description of strata 0, 1, 2 and 3 is provided AFB (Colorado) is a stratum 0 source
below. for NTP

Stratum 0
These are high-precision timekeeping devices such as atomic clocks, GPS or other radio
clocks. They generate a very accurate pulse per second signal that triggers an interrupt and
timestamp on a connected computer. Stratum 0 devices are also known as reference clocks.
Stratum 1
These are computers whose system time is synchronized to within a few microseconds of
their attached stratum 0 devices. Stratum 1 servers may peer with other stratum 1 servers
for sanity check and backup.[25] They are also referred to as primary time servers.[2][3]
Stratum 2
 These are computers that are synchronized over a
network to stratum 1 servers. Often a stratum 2
computer queries several stratum 1 servers. Stratum 2
computers may also peer with other stratum 2
computers to provide more stable and robust time for all
devices in the peer group.
Stratum 3
These are computers that are synchronized to stratum 2
servers. They employ the same algorithms for peering
and data sampling as stratum 2, and can themselves act
as servers for stratum 4 computers, and so on.

The upper limit for stratum is 15; stratum 16 is used to indicate that Yellow arrows indicate a direct
a device is unsynchronized. The NTP algorithms on each computer connection; red arrows indicate a
interact to construct a Bellman-Ford shortest-path spanning tree, to network connection.
minimize the accumulated round-trip delay to the stratum 1 servers
for all the clients.[1]:20

In addition to stratum, the protocol is able to identify the synchronization source for each server in terms of
reference identifier (refid).
 Common time reference identifiers (refid) codes
Reference identifier
Clock Source
(refid)[26]
GOES Geosynchronous Orbit Environment Satellite
GPS Global Positioning System
GAL Galileo Positioning System
PPS Generic pulse-per-second
IRIG Inter-Range Instrumentation Group
WWVB LF Radio WWVB Fort Collins, Colorado 60 kHz
DCF LF Radio DCF77 Mainflingen, DE 77.5 kHz
HBG LF Radio HBG Prangins, HB 75 kHz (ceased operation)
MSF LF Radio MSF Anthorn, UK 60 kHz
JJY LF Radio JJY Fukushima, JP 40 kHz, Saga, JP 60 kHz
LORC MF Radio Loran-C station, 100
TDF MF Radio Allouis, FR 162 kHz
CHU HF Radio CHU Ottawa, Ontario
WWV HF Radio WWV Fort Collins, Colorado
WWVH HF Radio WWVH Kauai, Hawaii
NIST NIST telephone modem
ACTS NIST telephone modem
USNO USNO telephone modem
PTB German PTB time standard telephone modem
MRS Multi Reference Sources
XFAC Inter Face Association Changed (IP address changed or lost)
Step time change, the offset is less than the panic threshold (1000 s) but greater than the
STEP
step threshold (125 ms)

Timestamps
The 64-bit timestamps used by NTP consist of a 32-bit part for seconds and a 32-bit part for fractional
second, giving a time scale that rolls over every 232 seconds (136 years) and a theoretical resolution of 2−32
seconds (233 picoseconds). NTP uses an epoch of January 1, 1900. Therefore, the first rollover occurs on
February 7, 2036.[27][28]

NTPv4 introduces a 128-bit date format: 64 bits for the second and 64 bits for the fractional-second. The
most-significant 32-bits of this format is the Era Number which resolves rollover ambiguity in most
cases.[29][30] According to Mills, "The 64-bit value for the fraction is enough to resolve the amount of time
it takes a photon to pass an electron at the speed of light. The 64-bit second value is enough to provide
unambiguous time representation until the universe goes dim."[31][note 2]

Clock synchronization algorithm

A typical NTP client regularly polls one or more NTP servers. The
client must compute its time offset and round-trip delay. Time offset
θ, the difference in absolute time between the two clocks, is defined
by

,
Round-trip delay time δ

and the round-trip delay δ by

where

t0 is the client's timestamp of the request packet transmission,

t1 is the server's timestamp of the request packet reception,
t2 is the server's timestamp of the response packet transmission and
t3 is the client's timestamp of the response packet reception.[1]:19

The values for θ and δ are passed through filters and subjected to statistical analysis. Outliers are discarded
and an estimate of time offset is derived from the best three remaining candidates. The clock frequency is
then adjusted to reduce the offset gradually, creating a feedback loop.[1]:20

Accurate synchronization is achieved when both the incoming and outgoing routes between the client and
the server have symmetrical nominal delay. If the routes do not have a common nominal delay, a systematic
bias exists of half the difference between the forward and backward travel times.[32]

Software implementations

Reference implementation

The NTP reference implementation, along with the protocol, has

been continuously developed for over 20 years. Backwards
compatibility has been maintained as new features have been added. The NTP management protocol utility
It contains several sensitive algorithms, especially to discipline the ntpq being used to query the state of
a stratum 2 server.
clock, that can misbehave when synchronized to servers that use
different algorithms. The software has been ported to almost every
computing platform, including personal computers. It runs as a
daemon called ntpd under Unix or as a service under Windows. Reference clocks are supported and their
offsets are filtered and analysed in the same way as remote servers, although they are usually polled more
frequently.[1]:15–19 This implementation was audited in 2017, finding numerous potential security issues.[33]

SNTP

Simple Network Time Protocol (SNTP) is a less complex implementation of NTP, using the same protocol
but without requiring the storage of state over extended periods of time.[34] It is used in some embedded
systems and in applications where full NTP capability is not required.[35]

Windows Time
All Microsoft Windows versions since Windows 2000 include the Windows Time service (W32Time),[36]
which has the ability to synchronize the computer clock to an NTP server.

W32Time was originally implemented for the purpose of the Kerberos version 5 authentication protocol,
which required time to be within 5 minutes of the correct value to prevent replay attacks. The version in
Windows 2000 and Windows XP only implements SNTP, and violates several aspects of the NTP version 3
standard.[37]

Beginning with Windows Server 2003 and Windows Vista, a compliant implementation of NTP is
included.[38] Microsoft states that W32Time cannot reliably maintain time synchronization with one second
accuracy.[39] If higher accuracy is desired, Microsoft recommends using a newer version of Windows or
different NTP implementation.[40]

Windows 10 and Windows Server 2016 support 1 ms time accuracy under certain operating
conditions.[41][39]

OpenNTPD

In 2004, Henning Brauer presented OpenNTPD, an NTP implementation with a focus on security and
encompassing a privilege separated design. Whilst it is aimed more closely at the simpler generic needs of
OpenBSD users, it also includes some protocol security improvements while still being compatible with
existing NTP servers. A portable version is available in Linux package repositories.

Ntimed

A new NTP client, ntimed, was started by Poul-Henning Kamp in 2014.[42] The new implementation is
sponsored by the Linux Foundation as a replacement for the reference implementation, as it was determined
to be easier to write a new implementation from scratch than to reduce the size of the reference
implementation. Although it has not been officially released, ntimed can synchronize clocks reliably.[43]

NTPsec

NTPsec is a fork of the reference implementation that has been systematically security-hardened. The fork
point was in June 2015 and was in response to a rash of compromises in 2014. The first production release
shipped in October 2017.[44] Between removal of unsafe features, removal of support for obsolete hardware,
and removal of support for obsolete Unix variants, NTPsec has been able to pare away 75% of the original
codebase, making the remainder more auditable.[45] A 2017 audit of the code showed eight security issues,
including two that were not present in the original reference implementation, but NTPsec did not suffer from
eight other issues that remained in the reference implementation.[46]

chrony

chrony comes by default in Red Hat distributions[47] and is available in the Ubuntu repositories.[48] chrony
is aimed at ordinary computers, which are unstable, go into sleep mode or have intermittent connection to
the Internet.[49] chrony is also designed for virtual machines, a much more unstable environment. It is
characterized by low resource consumption (cost) and supports Precision Time Protocol as well as NTP. It
has two main components: chronyd, a daemon that is executed when the computer starts, and chronyc, a
command line interface to the user for its configuration. It has been evaluated as very safe and with just a
few incidents,[50] its advantage is the versatility of its code, written from scratch to avoid unnecessary
complexity.[51] chrony is available under GNU General Public
License version 2, was created by Richard Curnow in 1997 and is
currently maintained by Miroslav Lichvar.[52]

Leap seconds
On the day of a leap second event, ntpd receives notification from
either a configuration file, an attached reference clock, or a remote
server. Because of the requirement that time must appear to be chronyc, user license and command
monotonically increasing, a leap second is inserted with the line help. Terminal window under
sequence 23:59:59, 23:59:60, 00:00:00. Although the clock is Ubuntu 16.04.
actually halted during the event, any processes that query the system
time cause it to increase by a tiny amount, preserving the order of
events. If a negative leap second should ever become necessary, it would be deleted with the sequence
23:59:58, 00:00:00, skipping 23:59:59.[53]

An alternative implementation, called leap smearing, consists in introducing the leap second incrementally
during a period of 24 hours, from noon to noon in UTC time. This implementation is used by Google (both
internally and on their public NTP servers) and by Amazon AWS.[54]

Security concerns
Only a few other security problems have been identified in the reference implementation of the NTP
codebase, but the ones that appeared in 2009 were cause for significant concern.[55][56] The protocol has
been undergoing revision and review over its entire history. As of January 2011, there are no security
revisions in the NTP specification and no reports at CERT.[57] The current codebase for the reference
implementation has been undergoing security audits from several sources for several years, and there are no
known high-risk vulnerabilities in the current released software.[58]

Several security concerns arose in late 2014. Previously, researchers became aware that NTP servers can be
susceptible to man-in-the-middle attacks unless packets are cryptographically signed for authentication.[59]
The computational overhead involved can make this impractical on busy servers, particularly during denial
of service attacks.[60] NTP message spoofing can be used to move clocks on client computers and allow a
number of attacks based on bypassing of cryptographic key expiration.[61] Some of the services affected by
fake NTP messages identified are TLS, DNSSEC, various caching schemes (such as DNS cache), BGP,
Bitcoin and a number of persistent login schemes.[62][63]

A 2017 security audit of three NTP implementations, conducted on behalf of the Linux Foundation's Core
Infrastructure Initiative, suggested that both NTP[64][65] and NTPsec[66] were more problematic than
Chrony[67] from a security standpoint.[68]

NTP has been used in distributed denial of service (DDoS) attacks.[69][70] A small query is sent to an NTP
server with the return address spoofed to be the target address. Similar to the DNS amplification attack, the
server responds with a much larger reply that allows an attacker to substantially increase the amount of data
being sent to the target. To avoid participating in an attack, servers can be configured to ignore external
queries, or they can be upgraded to version 4.2.7p26 or later.[71]

A stack-based buffer overflow exploit was discovered and a patch is available as of 19 December 2014. This
includes all NTP Version 4 releases before version 4.2.8.[72] Apple was concerned enough that it used its
auto-update capability for the first time,[73] though only for recent versions of macOS. In the case of version
10.6.8 there are manual fixes for the server version, and normal "client" users can just turn off automatic
time updating in System Preferences for Date & Time.[74] Some implementation errors are basic, such as a
missing return statement in a routine, that can lead to unlimited access to systems that are running some
versions of NTP in the root daemon. Systems that do not use the root daemon, such as BSD, are not subject
to this flaw.[75]

See also
Allan variance
Clock network
International Atomic Time
IRIG timecode
NITZ
NTP pool
NTP server misuse and abuse
Ntpdate
Precision Time Protocol (IEEE 1588 PTP)

Notes
1. Telecommunication systems use a different definition for clock strata.
2. 2−64 seconds is about 54 zeptoseconds (light would travel 16.26 picometers, or approximately
0.31 × Bohr radius), and 264 seconds is about 585 billion years.

References
1. David L. Mills (12 December 2010). Computer Network Time Synchronization: The Network
Time Protocol (https://books.google.com/books?id=pdTcJBfnbq8C&pg=PA12). Taylor &
Francis. pp. 12–. ISBN 978-0-8493-5805-0.
2. "Executive Summary: Computer Network Time Synchronization" (http://www.eecis.udel.edu/~
mills/exec.html). Retrieved 2011-11-21.
3. "NTP FAQ" (http://www.ntp.org/ntpfaq/NTP-s-algo.htm#Q-ACCURATE-CLOCK). The NTP
Project. Retrieved 2011-08-27.
4. "Port Numbers" (http://www.iana.org/assignments/port-numbers). The Internet Assigned
Numbers Authority (IANA).
5. Page 16 (http://tools.ietf.org/html/rfc5905)
6. RFC 958 Network Time Protocol (NTP), september 1985.
7. RFC 1059 Network Time Protocol (Version 1) Specification and Implementation, july 1988.
8. RFC 1119 Network Time Protocol (Version 1) Specification and Implementation, september
1989.
9. RFC 1305 Network Time Protocol (Version 3) Specification, Implementation and Analysis,
march 1992.
10. RFC 5905 Network Time Protocol Version 4: Protocol and Algorithms Specification, june 2010.
11. RFC 7822 Network Time Protocol Version 4 (NTPv4) Extension Fields, march 2016.
12. RFC 1361 Simple Network Time Protocol (SNTP), august 1992.
13. RFC 1769 Simple Network Time Protocol (SNTP), march 1995.
14. RFC 2030 Simple Network Time Protocol (SNTP) Version 4 for IPv4, IPv6 and OSI, october
1996.
15. RFC 4330 Simple Network Time Protocol (SNTP) Version 4 for IPv4, IPv6 and OSI, january
2006
16. RFC 778 DCNET Internet Clock Service, april 1981.
17. D.L. Mills (25 February 1981), Time Synchronization in DCNET Hosts (https://web.archive.org/
web/19961230073104/http://www.cis.ohio-state.edu/htbin/ien/ien173.html), archived from the
original (http://www.cis.ohio-state.edu/htbin/ien/ien173.html) on 1996-12-30
18. "TIMED(8)" (http://www.skrenta.com/rt/man/timed.8.html), UNIX System Manager's Manual,
retrieved 2017-09-12
19. David L. Mills (October 1991). "Intern Time Synchronization: The Network Time Protocol" (htt
p://www3.cs.stonybrook.edu/~jgao/CSE590-spring11/91-ntp.pdf) (PDF). IEEE Transactions on
Communications. 39 (10): 1482–1493. doi:10.1109/26.103043 (https://doi.org/10.1109%2F26.
103043).
20. "RFC 1305" (https://tools.ietf.org/html/rfc1305). IETF: Internet Engineering Taskforce. IETF.
Retrieved 6 December 2019. "The clock-selection procedure was modified to remove the first
of the two sorting/discarding steps and replace with an algorithm first proposed by Marzullo
and later incorporated in the Digital Time Service. These changes do not significantly affect the
ordinary operation of or compatibility with various versions of NTP, but they do provide the
basis for formal statements of correctness."
21. David L. Mills (15 November 2010). Computer Network Time Synchronization: The Network
Time Protocol on Earth and in Space, Second Edition (https://books.google.com/books?id=Bx
TOBQAAQBAJ&pg=PA377). CRC Press. p. 377. ISBN 978-1-4398-1464-2.
22. "Future Plans", Network Time Synchronization Research Project (https://www.eecis.udel.edu/~
mills/ntp.html), retrieved 24 December 2014
23. "NTP Needs Money: Is A Foundation The Answer?" (http://www.informationweek.com/cloud/inf
rastructure-as-a-service/ntp-needs-money-is-a-foundation-the-answer/d/d-id/1319557).
InformationWeek. March 23, 2015. Retrieved April 4, 2015.
24. "NTP's Fate Hinges On 'Father Time' " (http://www.informationweek.com/it-life/ntps-fate-hinges
-on-father-time/d/d-id/1319432?cmp=em-prog-na-na-newsltr_20150313_control&imm_mid=0c
e65e&page_number=2). InformationWeek. March 11, 2015. Retrieved April 4, 2015.
25. "Network Time Protocol: Best Practices White Paper" (http://www.cisco.com/en/US/tech/tk869/
tk769/technologies_white_paper09186a0080117070.shtml). Retrieved 15 October 2013.
26. " 'ntpq -p' output" (https://nlug.ml1.co.uk/2012/01/ntpq-p-output/831). NLUG.ML1.co.uk.
27. David L. Mills (12 May 2012). "The NTP Era and Era Numbering" (https://www.eecis.udel.edu/
~mills/y2k.html). Retrieved 24 September 2016.
28. W. Richard Stevens; Bill Fenner; Andrew M. Rudoff (2004). UNIX Network Programming (http
s://books.google.com/books?id=ptSC4LpwGA0C&pg=PA582). Addison-Wesley Professional.
pp. 582–. ISBN 978-0-13-141155-5.
29. "How NTP Represents the Time (Computer Network Time Synchronization)" (http://what-when-
how.com/computer-network-time-synchronization/how-ntp-represents-the-time-computer-netw
ork-time-synchronization/). Retrieved 2018-07-20.
30. "A look at the Year 2036/2038 problems and time proofness in various systems" (http://www.lie
berbiber.de/2017/03/14/a-look-at-the-year-20362038-problems-and-time-proofness-in-various-
systems/). Retrieved 2018-07-20.
31. University of Delaware Digital Systems Seminar presentation by David Mills, 2006-04-26
32. Gotoh, T.; Imamura, K.; Kaneko, A. (2002). Improvement of NTP time offset under the
asymmetric network with double packets method. Conference on Precision Electromagnetic
Measurements. pp. 448–449. doi:10.1109/CPEM.2002.1034915 (https://doi.org/10.1109%2FC
PEM.2002.1034915). ISBN 0-7803-7242-5.
33. "Pentest-Report NTP 01.2017" (https://wiki.mozilla.org/images/e/ea/Ntp-report.pdf) (PDF).
Cure53. 2017. Retrieved 2019-07-03.
34. "Network Time Protocol Version 4: Protocol and Algorithms Specification" (https://tools.ietf.org/
html/rfc5905#section-14). June 2010. p. 54. Retrieved 2012-08-26. "Primary servers and
clients complying with a subset of NTP, called the Simple Network Time Protocol (SNTPv4)
[...], do not need to implement the mitigation algorithms [...] The fully developed NTPv4
implementation is intended for [...] servers with multiple upstream servers and multiple
downstream servers [...] Other than these considerations, NTP and SNTP servers and clients
are completely interoperable and can be intermixed [...]"
35. Simple Network Time Protocol (SNTP) Version 4 for IPv4, IPv6 and OSI (https://tools.ietf.org/ht
ml/rfc4330). doi:10.17487/RFC4330 (https://doi.org/10.17487%2FRFC4330). RFC 4330.
36. "Windows Time Service Technical Reference" (https://technet.microsoft.com/en-us/library/cc77
3061%28WS.10%29.aspx). technet.microsoft.com. 2011-08-17. Retrieved 2011-09-19.
37. "Windows Time Service page at NTP.org" (https://support.ntp.org/bin/view/Support/WindowsTi
meService). Support.NTP.org. 2008-02-25. Retrieved 2017-05-01.
38. "How the Windows Time Service Works" (https://technet.microsoft.com/en-us/library/cc77301
3%28WS.10%29.aspx). technet.microsoft.com. 2010-03-12. Retrieved 2011-09-19.
39. "Support boundary to configure the Windows Time service for high accuracy environments" (ht
tp://support.microsoft.com/kb/939322). Microsoft. 2011-10-19.
40. Ned Pyle (2007-10-23). "High Accuracy W32time Requirements" (https://blogs.technet.com/b/a
skds/archive/2007/10/23/high-accuracy-w32time-requirements.aspx). Microsoft. Retrieved
2012-08-26.
41. "Windows Server 2016 Accurate Time" (https://technet.microsoft.com/en-us/windows-server-d
ocs/identity/ad-ds/get-started/windows-time-service/windows-2016-accurate-time).
technet.microsoft.com.
42. Poul-Henning, Kamp. "20140926 – Playing with time again" (http://phk.freebsd.dk/time/201409
26). PHK's Bikeshed. Retrieved 4 June 2015.
43. Poul-Henning, Kamp. "Network time synchronization software, NTPD replacement" (https://gith
ub.com/bsdphk/Ntimed). ntimed git repository README file. Github. Retrieved 4 June 2015.
44. "The Secure Network Time Protocol (NTPsec) Distribution" (https://ntpsec.org). Retrieved
2019-01-12.
45. Liska, Allan (December 10, 2016). NTP Security: A Quick-Start Guide (https://books.google.co
m/books?id=AB-1DQAAQBAJ&pg=PA80). Apress. pp. 80–. ISBN 978-1-4842-2412-0.
46. "Pentest-Report NTPsec 01.2017" (https://wiki.mozilla.org/images/1/10/Ntpsec-report.pdf)
(PDF). Cure53. 2017. Retrieved 2019-07-03.
47. Lichvar, Miroslav (20 July 2016). "Combining PTP with NTP to Get the Best of Both Worlds" (ht
tps://web.archive.org/web/20160730091110/http://rhelblog.redhat.com/2016/07/20/combining-
ptp-with-ntp-to-get-the-best-of-both-worlds/). Red Hat Enterprise Linux Blog. Red Hat.
Archived from the original (http://rhelblog.redhat.com/2016/07/20/combining-ptp-with-ntp-to-get
-the-best-of-both-worlds/) on 30 July 2016. Retrieved 19 November 2017. "Starting with Red
Hat Enterprise Linux 7.0 (and now in Red Hat Enterprise Linux 6.8) a more versatile NTP
implementation is also provided via the chrony package"
48. Lichtenheld, Frank. "Package: chrony (2.1.1-1) [universe]" (https://web.archive.org/web/20171
119213641/https://packages.ubuntu.com/xenial/chrony). Ubuntu Package. Ubuntu Package.
Archived from the original (https://packages.ubuntu.com/xenial/chrony) on 19 November 2017.
Retrieved 19 November 2017. "Versatile implementation of the Network Time Protocol"
49. Both, David. "Manage NTP with Chrony" (https://opensource.com/article/18/12/manage-ntp-chr
ony). Opensource.com. Retrieved 29 June 2019.
50. Heiderich, Mario (August 2017). "Pentest-Report Chrony 08.2017" (https://web.archive.org/we
b/20171005123643/https://wiki.mozilla.org/images/e/e4/Chrony-report.pdf) (PDF). Cure53.de
Team. wiki.mozilla.org, AKA MozillaWiki or WikiMO. Archived from the original (https://wiki.moz
illa.org/images/e/e4/Chrony-report.pdf) (PDF) on 5 October 2017. Retrieved 19 November
2017. "Withstanding eleven full days of on-remote testing in August of 2017 means that
Chrony is robust, strong, and developed with security in mind."
51. "Securing Network Time" (https://web.archive.org/web/20171028123642/https://www.coreinfra
structure.org/news/blogs/2017/09/securing-network-time). Core Infrastructure Initiative, a Linux
Foundation Collaborative Project. Core Infrastructure Initiative. 27 September 2017. Archived
from the original (https://www.coreinfrastructure.org/news/blogs/2017/09/securing-network-tim
e) on 28 October 2017. Retrieved 19 November 2017. "In sum, the Chrony NTP software
stands solid and can be seen as trustworthy"
52. "chrony introduction" (https://web.archive.org/web/20091209115945/https://chrony.tuxfamily.or
g/). TuxFamily, a non-profit organization. chrony. Archived from the original (https://chrony.tuxfa
mily.org/) on 9 December 2009. Retrieved 19 November 2017. "The software is supported on
Linux, FreeBSD, NetBSD, macOS, and Solaris."
53. David Mills. "The NTP Timescale and Leap Seconds" (http://www.eecis.udel.edu/~mills/leap.ht
ml). Retrieved 15 October 2013.
54. "Google Developers Leap Smear" (https://developers.google.com/time/smear). Retrieved
4 April 2019.
55. "Security Notice" (http://support.ntp.org/security). Support.NTP.org. 2009-12-10. Retrieved
2011-01-12.
56. results returned by a search on "Network Time Protocol" (http://search.cert.org/search?q=%22
Network+Time+Protocol%22&btnG.x=0&btnG.y=0&btnG=Go&entqr=0&ud=1&sort=date%3A
D%3AL%3Ad1&output=xml_no_dtd&oe=UTF-8&ie=UTF-8&client=default_frontend&proxystyle
sheet=default_frontend&site=default_collection) at [1] (http://cert.org)
57. in RFC 778 (https://tools.ietf.org/html/rfc778), RFC 891 (https://tools.ietf.org/html/rfc891),
RFC 956 (https://tools.ietf.org/html/rfc956), RFC 958 (https://tools.ietf.org/html/rfc958),
RFC 1305 (https://tools.ietf.org/html/rfc1305), RFC 5905 (https://tools.ietf.org/html/rfc5905),
and the NTPv4 specification (http://www.eecis.udel.edu/%7emills/database/reports/ntp4/ntp4.p
df)
58. "Code Audit" (http://support.ntp.org/Main/CodeAudit). Support.NTP.org. 2009-06-13. Retrieved
2011-01-12.
59. "Network Time Protocol Version 4: Autokey Specification" (https://tools.ietf.org/html/rfc5906).
IETF. 2010. Retrieved 2014-10-16.
60. "NTP Security Analysis" (http://www.eecis.udel.edu/~mills/security.html). Retrieved 11 October
2013.
61. Jose Selvi (2014-10-16). "Bypassing HTTP Strict Transport Security" (https://www.blackhat.co
m/docs/eu-14/materials/eu-14-Selvi-Bypassing-HTTP-Strict-Transport-Security-wp.pdf) (PDF).
Retrieved 2014-10-16.
62. Aanchal Malhotra; Isaac E. Cohen; Erik Brakke & Sharon Goldberg (20 October 2015).
"Attacking the Network Time Protocol" (http://www.cs.bu.edu/~goldbe/papers/NTPattack.pdf)
(PDF). NDSS.
63. "Attacking the Network Time Protocol" (http://www.cs.bu.edu/~goldbe/NTPattack.html).
www.cs.bu.edu. Retrieved 2015-10-27.
64. NTP SecurityNotice Page (http://support.ntp.org/bin/view/Main/SecurityNotice)
65. NVD NIST Product Search NTP (https://nvd.nist.gov/vuln/search/results?form_type=Advanced
&results_type=overview&search_type=all&cpe_vendor=cpe%3A%2F%3Antp&cpe_product=cp
e%3A%2F%3A%3Antp)
66. NVD NIST Product Search NTPsec (https://nvd.nist.gov/vuln/search/results?form_type=Advan
ced&results_type=overview&search_type=all&cpe_vendor=cpe%3A%2F%3Antpsec&cpe_pro
duct=cpe%3A%2F%3A%3Antpsec)
67. NVD NIST Product Search Chrony (https://nvd.nist.gov/vuln/search/results?form_type=Advanc
ed&results_type=overview&search_type=all&cpe_vendor=cpe%3A%2F%3Atuxfamily&cpe_pr
oduct=cpe%3A%2F%3A%3Achrony)
68. "CII Audit Identifies Most Secure NTP Implementation" (https://web.archive.org/web/20180203
195701/https://www.linuxfoundation.org/blog/cii-audit-identifies-secure-ntp-implementation/).
The Linux Foundation. September 28, 2017. Archived from the original (https://www.linuxfound
ation.org/blog/cii-audit-identifies-secure-ntp-implementation/) on 2018-02-03. Retrieved
2019-07-03.
69. Goodin, Dan (2014-01-13). "New DoS attacks taking down game sites deliver crippling
100Gbps floods" (https://arstechnica.com/security/2014/01/new-dos-attacks-taking-down-gam
e-sites-deliver-crippling-100-gbps-floods/). Ars Technica. Retrieved 2014-01-25.
70. Lee, Dave (2014-02-11). "Huge Hack 'Ugly Sign of Future' for Internet Threats" (https://www.bb
c.co.uk/news/technology-26136774). BBC. Retrieved 2014-02-12.
71. "DRDoS / Amplification Attack using ntpdc monlist command" (http://support.ntp.org/bin/view/
Main/SecurityNotice#April_2010_DRDoS_Amplification_A). support.NTP.org. 2010-04-24.
Retrieved 2014-04-13.
72. "Network Time Protocol Vulnerabilities (Update C) | ICS-CERT" (https://ics-cert.us-cert.gov/adv
isories/ICSA-14-353-01). Ics-cert.us-cert.gov. Retrieved 2015-04-15.
73. Cunningham, Andrew (Dec 23, 2014). "Apple automatically patches Macs to fix severe NTP
security flaw" (https://arstechnica.com/apple/2014/12/apple-automatically-patches-macs-to-fix-
severe-ntp-security-flaw/). arstechnica. Retrieved Apr 29, 2015.
74. "NTP vulnerability on versions prior to 4.2.8 -- we OK?" (https://discussions.apple.com/thread/6
735082?start=16). Apple Support Communities.
75. Fairhead, Harry (23 December 2014). "NTP The Latest Open Source Security Problem" (http://
www.i-programmer.info/news/149-security/8120-ntp-the-latest-open-source-security-problem.ht
ml). I Programmer.

Further reading
Definitions of Managed Objects for Network Time Protocol Version 4 (NTPv4) (https://tools.ietf.
org/html/rfc5907). doi:10.17487/RFC5907 (https://doi.org/10.17487%2FRFC5907). RFC 5907.
Network Time Protocol (NTP) Server Option for DHCPv6 (https://tools.ietf.org/html/rfc5908).
doi:10.17487/RFC5908 (https://doi.org/10.17487%2FRFC5908). RFC 5908.

External links
Official website (https://www.ntp.org/)
IETF NTP working group (https://datatracker.ietf.org/wg/ntp/charter/)
Microsft Windows accurate time guide (https://docs.microsoft.com/en-us/windows-server/netw
orking/windows-time-service/accurate-time) and more (https://docs.microsoft.com/en-us/windo
ws-server/networking/windows-time-service/configuring-systems-for-high-accuracy?tabs=MinP
ollInterval)
Time and NTP paper (https://www.ijs.si/time/)
NTP Survey 2005 (http://www.ntpsurvey.arauc.br/)
Test time in browser (https://time.is)
NTP Server Test Online Tool (https://servertest.online/ntp)
 Current NIST leap seconds file compatible with ntpd (https://www.ietf.org/timezones/data/leap-
seconds.list)
David L. Mills, A Brief History of NTP Time: Confessions of an Internet Timekeeper (https://ww
w.eecis.udel.edu/~mills/database/papers/history.pdf)
Galleon Systems, NTP Server Check (https://www.ntp-time-server.com/ntp-software/ntp-check.
html) used to query NTP servers.

Retrieved from "https://en.wikipedia.org/w/index.php?title=Network_Time_Protocol&oldid=947224770"

This page was last edited on 25 March 2020, at 01:26 (UTC).

Text is available under the Creative Commons Attribution-ShareAlike License; additional terms may apply. By using this
site, you agree to the Terms of Use and Privacy Policy. Wikipedia® is a registered trademark of the Wikimedia
Foundation, Inc., a non-profit organization.