Network Time Protocol
aliases:
- NTP
Network clock synchronization protocol.
Designed to be used in packet-switched, variable-latency data networks. NTP syncs subscribed hosts to within a few milliseconds of Coordinated Universal Time (UTC). Under ideal conditions, NTP achieves better than 1 ms accuracy on local networks, and accuracy within tens of milliseconds over the public Internet.
[i]NTP runs on 123/udp
Top-level (stratum 1) NTP servers obtain UTC time from direct connections to an accurate clock, like an atomic clock accessed over GPS. NTP servers that sync with a stratum 1 server are operating at stratum 2. Each additional stratum level means you are one more hop away from a top-level NTP server.
Usually, routers are configured to act as the NTP server for home networks. They are set to access three different higher stratum time servers, to enable correction for drifting or inaccurate time settings for hosts on the network.
Client hosts usually use Simple NTP (SNTP), and cannot be configured to act as an NTP server for other hosts.
Time Correction
Time drift happens when a host system's clock begins to deviate from the source clock. NTP can correct drift using two methods, the slew method and the slam method.
The slew method adjusts the host system's time value by a few milliseconds at a time, slowly correcting time. This takes longer, but it avoids the abrupt jump that the slam method causes.
The slam method hard resets the host system's time value, and it's used only when the deviation is too great to use the slew method. Slamming the host system's time can cause some programs to crash.
[i]Host clients cannot access critical services if their time value is inaccurate. Authentication and other security mechanisms (e.g. TOTP MFA) will fail if the two hosts don't have the same time value. These errors will pop up as Generic Failure errors or Invalid Token Type errors. Ensure you always rule out time desynchronization early in the troubleshooting process.
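The slew-versus-slam choice and the TOTP warning above can both be checked from a single NTP reply. The following Python is an added example, not part of the original note: it parses constructed 48-byte server replies, computes clock offset and round-trip delay with the standard NTP formulas, and picks a correction method. The 128 ms step threshold (ntpd's default), the 30-second TOTP step with no tolerance window, and all function names are assumptions.

```python
import struct

NTP_UNIX_DELTA = 2208988800  # seconds from 1900-01-01 (NTP epoch) to 1970-01-01
STEP_THRESHOLD = 0.128       # assumption: ntpd's default step ("slam") limit, seconds
TOTP_STEP = 30               # assumption: RFC 6238 default step, verifier allows no skew

def to_ntp(unix_ts):
    """Encode a Unix time as a 64-bit NTP timestamp (32.32 fixed point)."""
    secs, frac = divmod(unix_ts + NTP_UNIX_DELTA, 1)
    return struct.pack("!II", int(secs), int(frac * 2**32))

def from_ntp(raw):
    secs, frac = struct.unpack("!II", raw)
    return secs - NTP_UNIX_DELTA + frac / 2**32

def build_reply(stratum, t1, t2, t3):
    """Constructed server reply: LI=0, VN=4, mode=4, then the three timestamps."""
    header = struct.pack("!BBbb", 0x24, stratum, 6, -20) + bytes(20)
    return header + to_ntp(t1) + to_ntp(t2) + to_ntp(t3)

def assess(packet, t4):
    """Parse a reply received when the client clock read t4 and pick a correction."""
    if len(packet) < 48:
        raise ValueError("NTP packets are at least 48 bytes")
    if packet[0] & 0x07 != 4:
        raise ValueError("not a server-mode reply")
    stratum = packet[1]
    if not 1 <= stratum <= 15:
        raise ValueError("unusable stratum %d (0 or unsynchronized)" % stratum)
    t1, t2, t3 = (from_ntp(packet[i:i + 8]) for i in (24, 32, 40))
    offset = ((t2 - t1) + (t3 - t4)) / 2   # positive when the client clock is behind
    delay = (t4 - t1) - (t3 - t2)          # round trip minus server processing time
    return {
        "stratum": stratum,
        "offset": offset,
        "delay": delay,
        "method": "slam" if abs(offset) > STEP_THRESHOLD else "slew",
        "totp_fails": abs(offset) >= TOTP_STEP,
    }

# Constructed samples: 10 ms each way on the wire, 1 ms server processing.
T1 = 1700000000.0
DRIFTED = assess(build_reply(2, T1, T1 + 45.010, T1 + 45.011), T1 + 0.021)
HEALTHY = assess(build_reply(2, T1, T1 + 0.014, T1 + 0.015), T1 + 0.021)

if __name__ == "__main__":
    for name, result in (("drifted", DRIFTED), ("healthy", HEALTHY)):
        print(name, result)
```

The drifted sample is 45 seconds behind its stratum 2 server, so it is slammed and every TOTP code it generates falls in the wrong time step; the healthy sample is 4 ms off and is slewed.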
Configuration
Microsoft-Windows (cmd): w32tm
Linux: sudo nano /etc/ntp.conf