Skip to content
  • Network Time Protocol (NTP) and Synchronized Clock FAQs

What is NTP?

Network Time Protocol (NTP) is a protocol that provides a reliable way of transmitting and receiving the time over TCP/IP networks. It has become the de facto standard for synchronizing Internet computers and other networked devices to Universal Coordinated Time (UTC), which is accomplished by having these devices reference a common time source – i.e., an atomic clock or a network time server (a.k.a. an “NTP server”). (NTP is defined in IETF RFC 1305.)

NTP uses port 123, which must be opened on a firewall or router to ensure proper communication with the NTP server.

What is SNTP?

Simple Network Time Protocol (SNTP) is a simplified version of NTP, which is used in cases where a full implementation of NTP is not required. Because SNTP uses the same packet format as NTP, SNTP clients can utilize NTP servers. (SNTP is defined in RFCs 1361,2030 & 4330.)

SNTP is implemented on the PoE clock. By default, SNTP time synchronization is performed once per hour, which keeps the displayed time within 200 ms of actual time. (For more information on how to configure your clock for an SNTP server see How do I configure my PoE clock for an SNTP Time Server? below)

What is International Atomic Time?

International Atomic Time is an international time standard derived from 200 atomic clocks in 50 national laboratories from around the world. The readings from these clocks are used to form the standard for Coordinated Universal Time (UTC), which governs global time-keeping.

Atomic clocks represent the top-level stratum of the NTP hierarchy.

What are Stratum?

The world of NTP is a hierarchy of reference clocks and time servers. At the top of the hierarchy are reference clocks known as stratum 0 time sources, which are typically atomic clocks or Global Positioning System (GPS) satellites.

A server that is linked to a stratum 0 device is called a stratum 1 server. The link itself is provided by a direct connection to the stratum 0 device (not via a network link), such as via WWV (high-frequency radio waves from NIST), GPS, or dial-up modem connection. Stratum 1 servers are the top level NTP servers available over the Internet.

Building on the NTP hierarchy, a stratum 2 server gets its time over the network from a stratum 1 server, a stratum 3 server from a stratum 2 server, and so on (up to stratum 15).

In essence then, the stratum defines the number of steps that a server is from a primary time source.

It’s also worth noting that NTP servers operating in the same stratum may be associated with one another in a peer-to-peer fashion. This is done so that a higher quality of time can be achieved and so that the servers can synchronize to the most accurate time setting amongst peers.

What’s an Appropriate NTP Architecture?

As a general rule, it’s wise to have an internal time server on your network to support the synchronized clocks on the network. This is particularly true if you are deploying a number of clocks. Here are some reasons why this is important:

  1. If you have a large number of clocks independently referencing the same external time server, you may possibly run afoul of the external time server’s network access policy (by accessing the time server more frequently than its open access policy allows).
  2. An internal time server reduces Internet traffic, and helps secure timekeeping on the network.

Secure timekeeping on the network is important because opening your network to NTP (port 123) traffic allows for the possibility of these types of hacker intrusions:

  • Sending too much data in the NTP packet, thus causing the NTP service to become overloaded and resulting in a denial of time services attack.
  • Sending specially constructed packets that essentially “take over” machines within your network (by using the same privileges as the NTP service running on those machines) and, in so doing, allowing the intruder to mask the break-in by resetting the time on those machines, making it impossible to effectively reconstruct the exact sequence of events that lead to the break-in.

By deploying your own internal time server, which alone references an external time source or time server (i.e., typically a stratum 2 server), you can construct the most robust form of NTP architecture for your synchronized clocks on your network. You can also minimize the amount of network management required to accomplish the goal of secure and accurate timekeeping.

Join our Newsletter

Categories

Related Posts

Cubro Webinar Replay: Network Packet Broker Technologies Uncovered

Cubro Webinar Replay: Network Packet Broker Technologies Uncovered

In this webinar, Cubro takes a technology-first look at how modern network packet brokers are designed to support increasingly complex,…
What Is a Master Clock and Why Does It Matter?

What Is a Master Clock and Why Does It Matter?

Modern organizations rely on precise time synchronization to keep operations running smoothly and consistently. Critical systems across industries such as…
Understanding Keysight Threat Simulator & Adding Value in the First 24 Hours

Understanding Keysight Threat Simulator & Adding Value in the First 24 Hours

In 2026, assuming your network is secure because you bought the “best” tools is no longer a viable strategy. The…
Everything Network Engineers Need to Know about PTP

Everything Network Engineers Need to Know about PTP

Everything Network Engineers Need to Know about PTP Precision Time Protocol (PTP), standardized as IEEE 1588 in 2002, is a…
Beyond the "Perfect" Lab: Simulating Real-World Network Chaos Before Deployment

Beyond the "Perfect" Lab: Simulating Real-World Network Chaos Before Deployment

It is the classic IT paradox: your application performed flawlessly in the staging lab, but the moment it was deployed…