This form logs you into your management portal account. To access your help desk account, click here and use the form to the right of the news.
NTP Time Servers
Posted by Karl Zimmerman, Last modified by Bryan Parker on 18 February 2014 11:28 AM
|
|
This article is written to explain our current Network Time Protocol (NTP) offering. Having a consistent time setting across servers help when correlating logged event across servers and is used by security protocols such as SSL, TLS and Kerberos to avoid replay attacks. Since Kerberbos is a key component in Microsoft Active Directory, systems using AD will also benefit from having a good time synchronization source. NTP ResourcesResources on what NTP is and how it works may be found here:
It should also be noted that NTP can be used as part of a Precision Time Protocol (PTP) configuration: NTP Stratum LevelsThe Wikipedia article on NTP (listed above) does a good job on going over NTP stratum levels. The United States provides authoritative sources for specifying the exact time. These include radio and phone access to an atomic clock at the US Naval Observatory in Colorado and the Global Positioning System (GPS) satellites. These time sources are referred to as Stratum 0. Time servers that get time directly from one of these sources are called Stratum 1. Then, servers that get their time from Stratum 1 servers are called stratum 2 and so on. The lower the stratum level the higher the quality is considered to be since a lower stratum level should have a more accurate time. Steadfast NTP InfrastructureStratum 1Steadfast has a stratum 1 time source which get its time via GPS. The antenna for the server is on the roof of our data center facility which lprovides a good view of the sky to hold a lock on several (at least 4) of the North American GPS satellites. The actual number and which satellites are locked changes through-out the day as the positions change (the current positions can be found at http://www.nstb.tc.faa.gov/RT_WaasSatelliteStatus.htm). The stratum 1 time source is currently only available to Steadfast customers with the following guidelines:
The stratum 1 server is a highly accurate FSMLabs TimeKeeper Grandmaster Network Time Server which provides NTP version 4 service over IPv4. Not only does this regularly get accurate time updates from multiple GPS satellites, but in any case it loses GPS lock the unit also includes a Temperature Compensated Crystal Oscillator (TCXO) which helps minimize any clock drift (under 25µs/24hr holdover) until the GPS lock is once again established. The host name for the stratum 1 server is: gps.time.steadfast.net Stratum 2Steadfast has six stratum 2 servers which get their time from both the Steadfast stratum 1 along with other public stratum 1 and stratum 2 servers. These servers should provide an accurate enough time source for the majority of systems. The individual host names for the servers are:
All six servers are included in in the time.steadfast.net DNS record. The first four servers are included in chi.time.steadfast.net and the last two servers are included in the nyc.time.steadfast.net record. Unlike the stratum 1 server, the stratum 2 server is available publicly, even to non-customers. Each of the stratum 2 NTP servers are listed in the public stratum 2 server list at: http://support.ntp.org/bin/view/Servers/StratumTwoTimeServers Configuring Operating System to use NTP serversCentOSTo use the stratum 2 servers on CentOS, modify the /etc/ntp.conf file and add the following line: server time.steadfast.net If you require stratum 1 as well, then also add the line: server gps.time.steadfast.net WindowsMicrosoft Windows has a built-in NTP client. You can configure it by doing the following:
This can also be done from a Command Prompt (cmd.exe) window by running the following: w32tm /config /manualpeerlist:time.steadfast.net /reliable:yes /update The status can be confirmed by running: w32tm /query /status If a non-cloud Windows system requires stratum 1 service, run the following: w32tm /config /manualpeerlist:"time.steadfast.net gps.time.steadfast.net" /reliable:yes /update The status can then be confirm using the same command above.
| |
|