NTP Time Servers
Posted by Karl Zimmerman, Last modified by Bryan Parker on 18 February 2014 11:28 AM
This article is written to explain our current Network Time Protocol (NTP) offering. Having a consistent time setting across servers help when correlating logged event across servers and is used by security protocols such as SSL, TLS and Kerberos to avoid replay attacks. Since Kerberbos is a key component in Microsoft Active Directory, systems using AD will also benefit from having a good time synchronization source.
Resources on what NTP is and how it works may be found here:
It should also be noted that NTP can be used as part of a Precision Time Protocol (PTP) configuration:
NTP Stratum Levels
The Wikipedia article on NTP (listed above) does a good job on going over NTP stratum levels. The United States provides authoritative sources for specifying the exact time. These include radio and phone access to an atomic clock at the US Naval Observatory in Colorado and the Global Positioning System (GPS) satellites. These time sources are referred to as Stratum 0. Time servers that get time directly from one of these sources are called Stratum 1. Then, servers that get their time from Stratum 1 servers are called stratum 2 and so on. The lower the stratum level the higher the quality is considered to be since a lower stratum level should have a more accurate time.
Steadfast NTP Infrastructure
Steadfast has a stratum 1 time source which get its time via GPS. The antenna for the server is on the roof of our data center facility which lprovides a good view of the sky to hold a lock on several (at least 4) of the North American GPS satellites. The actual number and which satellites are locked changes through-out the day as the positions change (the current positions can be found at http://www.nstb.tc.faa.gov/RT_WaasSatelliteStatus.htm).
The stratum 1 time source is currently only available to Steadfast customers with the following guidelines:
The stratum 1 server is a highly accurate FSMLabs TimeKeeper Grandmaster Network Time Server which provides NTP version 4 service over IPv4. Not only does this regularly get accurate time updates from multiple GPS satellites, but in any case it loses GPS lock the unit also includes a Temperature Compensated Crystal Oscillator (TCXO) which helps minimize any clock drift (under 25µs/24hr holdover) until the GPS lock is once again established.
The host name for the stratum 1 server is: gps.time.steadfast.net
Steadfast has six stratum 2 servers which get their time from both the Steadfast stratum 1 along with other public stratum 1 and stratum 2 servers. These servers should provide an accurate enough time source for the majority of systems.
The individual host names for the servers are:
All six servers are included in in the time.steadfast.net DNS record. The first four servers are included in chi.time.steadfast.net and the last two servers are included in the nyc.time.steadfast.net record.
Unlike the stratum 1 server, the stratum 2 server is available publicly, even to non-customers. Each of the stratum 2 NTP servers are listed in the public stratum 2 server list at: http://support.ntp.org/bin/view/Servers/StratumTwoTimeServers
Configuring Operating System to use NTP servers
To use the stratum 2 servers on CentOS, modify the /etc/ntp.conf file and add the following line:
If you require stratum 1 as well, then also add the line:
Microsoft Windows has a built-in NTP client. You can configure it by doing the following:
This can also be done from a Command Prompt (cmd.exe) window by running the following:
w32tm /config /manualpeerlist:time.steadfast.net /reliable:yes /update
The status can be confirmed by running:
w32tm /query /status
If a non-cloud Windows system requires stratum 1 service, run the following:
w32tm /config /manualpeerlist:"time.steadfast.net gps.time.steadfast.net" /reliable:yes /update
The status can then be confirm using the same command above.