Skip to main content
HashnodeMilan Dangol's blog

Command Palette

Search for a command to run...

NTP: Deep level

How NTP really works?

Updated
โ€ข5 min read
NTP: Deep level
M
Milan Dangol

I help companies scale across ๐—ฐ๐—น๐—ผ๐˜‚๐—ฑ ๐—ฎ๐—ป๐—ฑ ๐—ผ๐—ป-๐—ฝ๐—ฟ๐—ฒ๐—บ environments without ๐—ผ๐˜ƒ๐—ฒ๐—ฟ๐—ฒ๐—ป๐—ด๐—ถ๐—ป๐—ฒ๐—ฒ๐—ฟ๐—ถ๐—ป๐—ด. My focus is on building ๐—ฝ๐—ฟ๐—ฎ๐—ด๐—บ๐—ฎ๐˜๐—ถ๐—ฐ, ๐—ฟ๐—ถ๐—ด๐—ต๐˜-๐˜€๐—ถ๐˜‡๐—ฒ๐—ฑ ๐˜๐—ฒ๐—ฐ๐—ต๐—ป๐—ผ๐—น๐—ผ๐—ด๐˜† ๐˜€๐˜†๐˜€๐˜๐—ฒ๐—บ๐˜€ that support real business needs systems that are reliable, cost-efficient, and easy to operate as the organization grows. I believe technology should enable momentum, not create unnecessary complexity or long-term maintenance burden. I work closely with ๐—น๐—ฒ๐—ฎ๐—ฑ๐—ฒ๐—ฟ๐˜€๐—ต๐—ถ๐—ฝ and ๐—ฒ๐—ป๐—ด๐—ถ๐—ป๐—ฒ๐—ฒ๐—ฟ๐—ถ๐—ป๐—ด teams to make intentional technology decisions, balancing speed, stability, security, and cost. My approach is grounded in simplicity, clarity, and long-term sustainability rather than chasing tools or trends. My experience includes: โ€ข Designing and scaling platforms across cloud and on-prem โ€ข Improving system reliability and operational maturity โ€ข Optimizing infrastructure costs through thoughtful architecture โ€ข Automating delivery and operations to reduce friction and risk Iโ€™m hands-on when execution is needed and strategic when direction matters most. Whether a company is preparing to scale or untangling complexity that has built up over time, I focus on solutions that work today and remain sensible tomorrow. If you value ๐—ฐ๐—น๐—ฒ๐—ฎ๐—ฟ ๐˜๐—ต๐—ถ๐—ป๐—ธ๐—ถ๐—ป๐—ด, ๐—ฝ๐—ฟ๐—ฎ๐—ฐ๐˜๐—ถ๐—ฐ๐—ฎ๐—น ๐—ฒ๐˜…๐—ฒ๐—ฐ๐˜‚๐˜๐—ถ๐—ผ๐—ป, ๐—ฎ๐—ป๐—ฑ ๐˜๐—ฒ๐—ฐ๐—ต๐—ป๐—ผ๐—น๐—ผ๐—ด๐˜† ๐˜๐—ต๐—ฎ๐˜ ๐˜€๐—ฒ๐—ฟ๐˜ƒ๐—ฒ๐˜€ ๐˜๐—ต๐—ฒ ๐—ฏ๐˜‚๐˜€๐—ถ๐—ป๐—ฒ๐˜€๐˜€, weโ€™ll work well togetherGiving up is not in the blood, sir. It's not in the blood.

What is an NTP server?

In a network of computers, the Network Time Protocol (NTP) is a protocol that is used to synchronize computer clock timings. Computer clock timings are synchronized to a millisecond, and occasionally to a fraction of a millisecond, via NTP using Coordinated Universal Time (UTC). Radio and satellite technologies are only two of the many ways to get UTC. For high-level services like the Global Positioning System (GPS) and the governments of some countries, specialized receivers are available. However, it would not be practicable or economical to install one of these receivers on every computer.

The receivers are instead installed on computers designated as primary time servers, which employ protocols like NTP to synchronize the clock timings of networked computers. Strata are specified as distances from the UTC source. A computer that is directly connected to the radio clock is in stratum 0, a computer that receives its time via a computer in stratum 1 is in stratum 2, and so on. A radio clock (which obtains true time from a dedicated transmitter or satellite navigation system) is in stratum 0.

Purpose: Synchronize the clocks of a sever constellation to UTC

Utility: Time stamps are used everywhere. Starting from log files to banking apps

Packet: UDP protocol - port 123

Binary : It uses its own binary format( RFC 1305, RFC 2030)

How packets are exchanged in NTP?

โ€ข Packet sent: ------> client sends the request with its timestamp. <----- Server returns the packet with 3 timestamps:

  1. Echo of client timestamps.
  2. When did the server receive the request?
  3. When did sever send the response?
    • Client estimates the offset between him and the server.
    • The client can have many servers.
    • Client chooses only one NTP server to sync time.
    • Minimize the offset and skew with a feedback loop.

Network Uses of NTP:

  1. Pair of very small packets at every 64-1024 seconds are being exchanged for each server.
  2. As per the latest estimate only 0.01 % of world traffic on the internet is of NTP (less than 5GB per day).

How NTP works?

NTP is based on "Marzullo's" algorithm. But is used only by high stratum servers to get accurate time using serval sources.

So what is stratum?

  • Stratum levels define the distance from a high-precision Reference Clock. A Stratum-0 device is assumed to be the most accurate and it has no delay. Each server participating in the hierarchy is allocated a stratum, with Stratum-1 being the master servers (which are connected to High Precision time source), and Stratum-2 being the secondary servers, down to the lower end of Stratum-15.
  • Stratum-0 consists of high-precision time sources. Stratum-0 Time Devices are very accurate reference clocks (For example: Atomic Clocks). Stratum-0 time devices cannot be used on the network directly as an NTP Server. Stratum-0 time devices are connected to Stratum-1 Time Servers. That is, Stratum-1 Time Servers get their time synchronized from a Stratum-0 time source. Stratum-1 Servers are also referred to as primary NTP time servers.
  • An NTP server that is directly connected to a Stratum-0 device is called a Stratum-1 Time Server. An NTP Server, which is getting its time synchronized from a Stratum-1 time server is called a Stratum-2 NTP time server. Stratum-2 Time Servers get their time synchronized from a Stratum-1 time source. A Server, which is getting its time synchronized from a Stratum-2 time server is called a Stratum-3 time server, and so on. Stratum-3 Time Servers get their time synchronized from a Stratum-2 time source. In the NTP hierarchy, the Stratum-0 level device has the most precise time, Since Stratum-1 NTP Server is synchronizing its time from the Stratum-0 time device, Stratum-1 is less precise than Stratum-0 and so on.
  • But normally, a normal client, on a normal day will use only one server
  • NTP time is not being stored or sent in an actual YY/MM/DD format. NTP timestamps are stored in seconds, and the seconds are calculated since 1 Jan 1990
  • Timestamp is actually a 64-bit in size. 32-bit is for a number of seconds and 32-bit is for fraction of a second.
    • For instance, let's say a client initiates communication with the server, and it sends requests with the time stamps. Now, this timestamp is calculated in a number of seconds since 1 Jan 1990 and is a 64-bit in size of 32-bit number second and 32-bit of a fraction of a second.

Why are we using NTP?

  • Client time is "wrong time"
  • NTP server time is "true time"

Steps involved:

  1. Client sends the request at the "wrong time" 100.
    • A=100 ( note that 100 is a second )
  2. Because of Internet connectivity and the presence of delay. The server gets the request at "true time" (server time) at 150.
    • X=150
  3. Server might be busy, so it doesnโ€™t send out the response until " true time " at 160.
    • Y=160
  4. Because again of internet connectivity, client will get the request at the " wrong time " 120.
    • B=120.
  5. Client determines the time spent on the network is:
    • B-A- (Y-X)
    • 120-100-(160-150) 10 sec
  6. Client assumes that time it took for the response to get from severe to client
    • 10/2=5 sec
  7. Client will add that time to the "true time" when the server sends the response to estimate that it received the response at "true".
    • 160 + 5 = 165
  8. Client now knows that he needs to add 45 seconds to the clock.
    • Subtract the time at which the client received the request from the server and the estimated time i.e 165
    • 165-120 = 45

DRIFT FILE

  • Drift happens when your hardware clock is either fast or slow compared to the reference clock ( NTP Server)
  • NTP V4 -- can accurately keep a clock within 233 picoseconds.
  • If itโ€™s a +ve number in the drift file --- your clock is faster than the reference clock
  • If itโ€™s a -ve number in the drift file ---- your clock is slow as compared to the reference clock.
  • Number in the Drift file is measured in PPM(Parts per million)
#ntp#logical-clock#centos#servers

Comments

Join the discussion

No comments yet. Be the first to comment.

More from this blog

Milan Dangol's blog

9 posts