NTP, Network Time Protocol, is a time synchronization protocol defined by RFC 1305 that is used to synchronize time between distributed time servers and clients. NTP is transmitted based on UDP packets, using a UDP port number of 123.
The purpose of using NTP is to synchronize the clocks of all devices with clocks within the network so that the clocks of all devices within the network are consistent, allowing the device to provide multiple applications based on uniform time.
For local systems running NTP, you can either receive synchronizations from other clock sources, synchronize other clocks as clock sources, and synchronize with other devices.
How NTP works
The basic principle of NTP works as shown in the figure. Device A and device B are connected through the network, they all have their own independent system clock, need to use NTP to realize the automatic synchronization of their system clocks. For ease of understanding, make the following assumptions:
Before device A and device B's system clock synchronization, device A's clock set to 10:00:00am,device B is set to 11:00:00am.
Device B acts as an NTP time server, which means that device a synchronizes its clock with device B's clock.
The time required for a one-way transmission between device A and device B for NTP messages is 1 seconds.
The system clock synchronization process is as follows:
Device A sends an NTP message to device B, which has a timestamp of when it left device a, and the timestamp is 10:00:00am (T1).
When this NTP message arrives at device B, device B adds its own time stamp, which is 11:00:01am (T2).
When this NTP message leaves device B, device B adds its own time stamp, which is 11:00:02am (T3).
When device a receives the response message, the local time of device A is 10:00:03am (T4).
At this point, Device a already has enough information to calculate two important parameters:
The round-trip delay of the NTP message delay= (T4-T1)-(T3-T2) = 2 seconds.
Device A has a time difference of offset= ((T2-T1) + (T3-T4))/2=1 hours relative to device B.
In this way, device a can set its own clock based on this information and synchronize it with device B's clock.
the message format of NTP
NTP has two different types of messages, one is a clock synchronization message and the other is a control message. The control message is only used in situations where network management is required, and it is not required for clock synchronization functions and is not described here.
The main fields are explained as follows:
L LI (Leap Indicator): 2 bits in length, with a value of "11" indicating an alarm state, the clock is not synchronized. For other values, NTP itself does not do the processing.
L VN (version number): 3 bits long, representing the version of NTP, the current version is 3.
L Mode: Length is 3 bits, which indicates the working mode of NTP. The meanings represented by different values are: 0 undefined, 1 for active peer mode, 2 for passive peer mode, 3 for customer mode, 4 for server mode, 5 for broadcast mode or multicast mode, 6 for NTP control message, 7 for internal use.
L Stratum: The number of layers of the system clock with a value range of 1~16, which defines the accuracy of the clock. The clock with a number of layers of 1 is the highest, the accuracy is reduced from 1 to 16, the clock with a layer of 16 is in an unsynchronized state and cannot be used as a reference clock.
L Poll: Polling time, which is the time interval between two consecutive NTP messages.
L Precision: Accuracy of the system clock.
L Root Delay: The round-trip time from the local to the primary reference clock source.
L Root Dispersion: The maximum error of the system clock relative to the main reference clock.
L Reference Identifier: Identification of the reference clock source.
L Reference Timestamp: The time the system clock was last set or updated.
L originate the local time of the sending end of the TIMESTAMP:NTP request message when it leaves the sending end.
L Receive TIMESTAMP:NTP The local time of the receiving end when the request message arrives at the receiving end.
L Transmit Timestamp: The local time of the responder when the response message leaves the responder.
L Authenticator: Verify the information.
NTP mode of Operation
The device can synchronize time with a variety of NTP operating modes:
Client/server Mode
Peer mode
Broadcast mode
multicast mode
Users can choose the right mode of work as needed. In the case of not determining the server or peer IP address, the network needs to synchronize the device in many cases, such as the broadcast or multicast mode to achieve clock synchronization; In client/server and peer mode, the device obtains clock synchronization from the specified server or peer, increasing the reliability of the clock.
1. client/server Mode
In client/server mode, the client sends a clock synchronization message to the server, and the Mode field in the message is set to 3 (Customer mode). After the server receives the message, it automatically works in server mode and sends the response message, and the Mode field in the message is set to 4 (server mode). After the client receives the response message, the clock is filtered and selected, and synchronized to the preferred server.
In this mode, the client can synchronize to the server, and the server cannot synchronize to the client.
2. Peer mode
In peer mode, the first interaction between the active peer and the passive peer is an NTP message with a mode field of 3 (client mode) and 4 (server mode). After the active peer sends a clock synchronization message to the passive peer, the Mode field in the message is set to 1 (active peer), the passive peer automatically works in the passive peer mode after receiving the message, and the response message is sent, and the Mode field in the message is set to 2 (passive peer). Through the interaction of the message, the peer mode is established. Active peers and passive peers can synchronize with each other. If both clocks are synchronized, the clock with a small number of layers will prevail
3. Broadcast mode
In broadcast mode, the server side periodically sends a clock synchronization message to the broadcast address 255.255.255.255, and the Mode field in the message is set to 5 (broadcast mode). The client listens for broadcast messages from the server. When the client receives the first broadcast message, the client interacts with the server with the Mode field of 3 (Customer mode) and 4 (server mode) NTP messages to obtain the network latency between the client and the server. The client then enters the broadcast client mode and continues to listen for the arrival of the broadcast message, synchronizing the system clock according to the incoming broadcast message.
4. Multicast mode
In multicast mode, the server side periodically configures the multicast address to the user (or, if the user does not configure a multicast address, uses the default NTP multicast address 224.0.1.1) to send the clock synchronization message, and the Mode field in the message is set to 5 (multicast mode). The client listens for the group broadcast text from the server. When the client receives the first group broadcast, the client interacts with the server with the Mode field of 3 (Customer mode) and 4 (server mode) NTP messages to obtain the network latency between the client and the server. After that, the client enters the multicast client mode, continues to listen to the arrival of the group broadcast text, and synchronizes the system clock according to the incoming group broadcast text.