1
NTPv3 – Time Synchronization Service
Siddharth (Siddharth Jagtiani)
2
Highlights
- Why Time Synchronization ?
- How Time Synchronization ?
- NTPv3 Utilities and LAB
- Authentication Options
- Backward Compatibility options
- Why and How
© 2002 Novell Inc, Confidential & Proprietary November 17, 2018
3
WHY Time Synchronization ?
[Diagram: clocks showing 11:01 and 11:00; labels UPDATE and SYNC]
4
How Time Synchronization ?
[Diagram: Time Request and Time Reply messages exchanged between Time Consumer and Time Provider; timestamp labels t3 to t8]
5
How Time Synchronization ? Time Exchange
6
How Time Synchronization ? Time Exchange - Eg
- Offset = ((t2-t1) + (t3-t4)) /2 = 1 min
- Delay = (t4-t1) - (t3-t2) = 20 sec
- t3-t2 = Zero
  - NetWare OS Non-preemptive scheduling.
- Time taken for Request = Time taken for Reply = 10 sec
- Time taken to process packet at Time Server = 5 sec
7
OS Clock - Interface
[Diagram labels: Time Provider, Time Consumer, Timesync/NTPv3, Time Exchange, Applications, Correction Registers, Time, CLOCK, Status, Timer Interrupt, Read, Write]
8
OS Clock - How
9
Time Correction on OS ?
- Slam - Correct the clock (NOW !!)
  - Local Clock = Local Clock + Offset
- Slew - Slowly correct the clock (I am in no hurry !!)
  - Slewed Offset = Offset/Duration of Slew
  - For (Every second until Duration of Slew)
    Local Clock = Local Clock + 1 second + Slewed Offset
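The time-exchange formulas and the two correction methods above, worked through as an added example (not code from the presentation or from xntpd). The `exchange` helper and its timestamps are constructed to reproduce the slide's numbers, with the consumer clock assumed to be one minute behind.

```python
def offset_and_delay(t1, t2, t3, t4):
    """Slide formulas. t1/t4 are read on the consumer clock, t2/t3 on the provider clock."""
    offset = ((t2 - t1) + (t3 - t4)) / 2
    delay = (t4 - t1) - (t3 - t2)
    return offset, delay


def exchange(true_offset, request_s, reply_s, t1=0.0):
    """Constructed sample data: timestamps for a consumer whose clock is
    true_offset seconds behind the provider, with t3 - t2 = 0 as on the slide."""
    t2 = t1 + request_s + true_offset   # provider clock when the request arrives
    t3 = t2                             # reply leaves immediately
    t4 = t1 + request_s + reply_s       # consumer clock when the reply arrives
    return t1, t2, t3, t4


def slam(clock, offset):
    """Correct the clock in one step."""
    return clock + offset


def slew(clock, offset, duration):
    """Spread the correction over `duration` one-second ticks; return each reading."""
    slewed_offset = offset / duration
    readings = []
    for _ in range(duration):
        clock = clock + 1 + slewed_offset
        readings.append(clock)
    return readings


if __name__ == "__main__":
    # The slide's case: 10 s each way, consumer 1 min behind.
    print(offset_and_delay(*exchange(60, 10, 10)))    # (60.0, 20.0)
    # Unequal path times: the computed offset is off by (15 - 5) / 2 = 5 s,
    # which is always within delay / 2 of the true offset.
    print(offset_and_delay(*exchange(60, 15, 5)))     # (65.0, 20.0)
    # A clock that is 60 s fast: slam moves time backwards, slew never does.
    print(slam(100.0, -60))                           # 40.0
    readings = slew(100.0, -60, 600)
    print(all(b > a for a, b in zip(readings, readings[1:])), round(readings[-1], 6))
```

The backwards jump in the slam case is why a running server is slewed: timestamps taken by applications during the correction stay in order.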
10
Timesync Slam Vs Slew
[Flowchart: NOT in Sync -> Get Time From Time Source -> First Time ? Yes: Slam. No: Slew.]
11
NTPv3 Slam Vs Slew
[Flowchart labels: NTPDate: Get Time From Time Source, Slam, OS Clock Nearly In Sync. XNTPD: Get Time From Time Source, Filter/Selection Algorithm, Slew, OS Clock In Sync.]
12
Value of NTPv3
- Open Source port. RFC 1305
- Uniformity between other platforms
- NetWare 6.5 includes
  - Time Synchronization Daemon : xntpd.nlm
  - Utilities : ntpdate, ntpq, ntptrace and xntpdc
  - Browser based configuration through NORM
  - Backward compatibility to service NCP time requests
13
NTPv3 Tools in NetWare 6.5 - NTPDATE
- Used to slam the time provider’s time on the server.
- Helps to achieve synchronization faster.
- Similar to timesync’s “Set Clock to first network time”
[Diagram labels: Time Consumer, Time Provider, Request, 123, NtpDate, Server B, XNTPD, Reply, OS Clock]
14
NTPDATE - Options
Usage : [-bBdqsv] [-a key#] [-e delay] [-k file] [-p samples] [-o version#] [-r rate] [-t timeo] server
  -b : Step the time without limits
  -u : Don’t use port 123
  -d -q : only display the time offset
  -s : Log actions to file
15
NTPDATE - LAB
Tasks
- Use NTPDATE to set the time of the server to NTP.NOVELL.COM
- Use NTPDATE to set the time to a Timesync Single Server
- Load XNTPD and then try to use NTPDATE to set time to NTP.NOVELL.COM
- Load Timesync and then try to use NTPDATE to set time to NTP.NOVELL.COM
- Use NTPDATE to find out how far you are from NTP.NOVELL.COM, but do NOT set the system time.
- Log NTPDATE screen info to file
16
NTPv3 Tools in NetWare 6.5 - XNTPD
- Maintains synchronized time as long as the server is running
- Used to slew the clock with the time provider’s clock
- Sys:\etc\ntp.cfg is the default configuration file
- Ntp.cfg comes with a lot of examples for helping configuration
- -T options help migrate/provide backward compatibility for NCP clients
- Ntp configuration on NORM
- Health Monitor on NORM
17
Sample XNTPD Progress Screen
18
XNTPD Manual Configuration
- This configuration is similar to “Timesync Configured Sources=ON”
- Server can be self synchronized
  - Time Provider – LOCAL Clock
- Server can rely on another server for time.
  - Time Provider – Another NTP server
- Advertise its service (broadcast mode)
- Listen to advertisements (broadcastlisten mode)
19
Manual Configuration – NTP.Cfg Commands
- Local Clock Setup
  - server [minpoll <4-16>] – Local Clock
  - fudge stratum <0-15> - Stratum
- Time Provider – Another NTP Server
  - server <ipa/dns name> [minpoll <4-16>] – Time Provider
- Poll Delay
  - minpoll <4-16> - Poll Delay = 2^minpoll
  - 5 successful polls get the server to synchronized state
20
Manual Configuration – Example
- Self Synchronized
  - IP Address for identifying the local clock – Used along with the fudge, minpoll and stratum command
  - Eg :
    server minpoll 4
    fudge stratum 2
- Configure to Take time from another server
  - IP Address/DNS name of the time provider
  - Can be used along with minpoll command to increase speed of configuration
  - server <ipa/dns name> minpoll 4
21
NTPv3 Tools in NetWare 6.5 - NTPQ
- Query tool to monitor the status and quality of time
  - Delay
  - Offset
  - Error
  - Progress of synchronization
  - filt values
- Ability to query other NTPv3 servers from a central place
  - host
- Ability to check the status of all your time providers
  - peers
22
NTPQ – Monitoring Commands
- associations (as) – List all the associations.
- peers (pe) – List the status of each peer
- rv <assocID> - List all the variables for the association <assocID>
- rvi <index> - List all the variables for the association number <index>
- host <ipa>|<dns name> - Change the query server.
- showipconf – Show the ipa and broadcast address of this server. (does not work in host mode).
- Authentication – Query requests should be encrypted
  - authenticate [yes|no] – enable/disable authentication
  - keyid – identity of the client
  - keytype – type of authentication
23
XNTPD / NTPQ - LAB
Tasks
- Use XNTPD to configure to use NTP.NOVELL.COM as the time source
  - Check synchronization status at regular intervals
  - Experiences ????
- Configure XNTPD to use the server next to you as the time source
  - Check the synchronization status at regular intervals
  - Experiences ????
24
Manual Configuration - LAB
Tasks
- Configure with multiple time providers using DNS/IP Address
  - Experiences ?????
- Configure a time consumer to synchronize within a minute
  - Experiences ?????
- Configure NTPDATE to run automatically before XNTPD
  - Set the Time provider’s time ahead by an hour.
  - Set the Time provider’s time behind by an hour
  - Experiences ?????
25
Manual Configuration LAB – For Experts
Tasks
- Use XNTPD to configure to use a NetWare box with Timesync loaded as the time source
- Configure XNTPD to help ensure that only “authenticated” clients make time requests
  - AUTHENTICATION
- Configure XNTPD to use Timesync SINGLE server in the tree as your time source.
- Configure Timesync to take time from XNTPD in NTP/NCP mode
26
NTPQ – LAB – For Experts
NTPQ
- Configure XNTPD to take time from multiple time providers.
  - Check the status of all time providers in list at regular intervals
  - Experiences ????
- Send authenticated requests to the server next to you and monitor the status
- Comment on the time providers of the server next to you
27
NTPQ Reference How to Configure Time Synchronization Service on Unix ?
8) Some of the important outputs of the “peers” command are detailed below.
A) First character - ‘+’, ‘*’ or ‘o’ means - Selected for Synchronization. ‘-’, ‘SPACE’ or ‘#’ means - Discarded.
B) IPA of the Time Source
C) Type or Source - E.g GPS or some other type of Time Source.
D) Stratum
E) Type of peer - Unicast, Multicast, Broadcast or Local.
F) Delay - Round trip delay
G) Offset - Time difference.
E.g for NTPQ-Peers Cmd:
remote refid st t when poll reach delay offset disp
===================================================================
GPS u
28
XNTPD Auto Configuration
- This configuration is similar to “Timesync Auto Discovery”
- Configure the Time Provider to Broadcast its service on the network
- Configure the Time Consumers to listen to the broadcast service and synchronize.
- Time Provider
  - broadcast <broadcast address>
- Time Consumers
  - broadcastclient
29
Auto Configuration - LAB
Tasks
- Configure your server to broadcast its service to the other servers on the network.
- Configure your server to accept broadcasts and listen
- Configure your server with authentication to broadcast its service
- Configure your server to accept broadcasts only in authenticated mode
30
XNTPD - Authentication Process - Request Process
[Flowchart: the Time Consumer encrypts the Time Request and sends Time Request + Encrypted [Time Request]. The Time Provider splits the message into Time Request and Encrypted [Time Request], encrypts the Time Request itself and compares the two. Equal: Process Reply. Not Equal: Discard Unauthentic.]
31
XNTPD - Authentication Process - Reply Process
[Flowchart: the Time Provider encrypts the Time Reply and sends Time Reply + Encrypted [Time Reply]. The Time Consumer splits the message into Time Reply and Encrypted [Time Reply], encrypts the Time Reply itself and compares the two. Equal: Step/Slew. Not Equal: Discard Unauthentic.]
32
XNTPD – Authentication Setup
- Need
  - Time Consumers need to know if they are contacting the Time Provider they intend to (XNTPD.NLM)
  - Queries between hosts, need encryption (NTPQ.NLM)
  - Remote Configuration commands need to come from authenticated clients (XNTPDC.NLM)
- NTP.CFG
  - Key file
  - Trusted Key - XNTPD.NLM
  - Request Key – NTPQ.NLM
  - Control Key – XNTPDC.NLM
  - server, peer, broadcast – command use the key ID
- NTP.KEY
  - Key ID – Key Identifier
  - Key Value – Password
  - Key Type – Encryption method MD5/DES
33
XNTPD – Authentication Setup
Time Provider
- Share common symmetric keys between NTP server and NTP client
  Eg NTP.KEY
    # Key ID Key Type Key Value
    M netware_is_the_best
- Enable the 420 key as a trusted
  Eg : NTP.CFG
    keys sys:\etc\ntp.key
    trustedkey 420
34
XNTPD – Authentication Setup
Time Consumer
- Share common symmetric keys between the NTP server and client
  Eg NTP.KEY
    # Key ID Key Type Key Value
    M netware_is_the_best
- NTP client should enable the keys for synchronization
  Eg NTP.CFG
    Keys sys:\etc\ntp.key
    Trustedkey 420
- NTP client needs to specify the key that needs to be used for every NTP server
  Eg NTP.CFG
    server <ntp_server_ip_address> key 420
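The split / recompute / compare check from the Request Process and Reply Process slides, as an added example (not code from the presentation or from xntpd). For key type M the step the slides label "Encrypt" is an MD5 digest computed over the shared key followed by the NTP header, sent after the header together with the key ID; the key ID and value are the ones in the slides' NTP.KEY example, while the helper names and the timestamp are constructed.

```python
import hashlib
import hmac
import struct

KEYS = {420: b"netware_is_the_best"}   # ntp.key: key ID 420, type M (MD5), from the slides
TRUSTED = {420}                        # ntp.cfg: trustedkey 420
HEADER_LEN, MAC_LEN = 48, 4 + 16       # NTP header; key ID + MD5 digest


def build_header(mode, transmit_ts):
    """48-byte NTPv3 header with only LI/VN/mode and the transmit timestamp set."""
    first_byte = (0 << 6) | (3 << 3) | mode        # LI=0, VN=3, mode 3=client 4=server
    return bytes([first_byte]) + bytes(39) + struct.pack("!Q", transmit_ts)


def digest(key, header):
    # Key type M: MD5 over the shared key followed by the NTP header.
    return hashlib.md5(key + header).digest()


def sign(header, key_id):
    """Sender side: message + key ID + digest of the message."""
    return header + struct.pack("!I", key_id) + digest(KEYS[key_id], header)


def verify(packet):
    """Receiver side: split, recompute, compare. Returns the header, or None to discard."""
    if len(packet) != HEADER_LEN + MAC_LEN:
        return None                                # unauthenticated or malformed
    header = packet[:HEADER_LEN]
    (key_id,) = struct.unpack("!I", packet[HEADER_LEN:HEADER_LEN + 4])
    if key_id not in TRUSTED or key_id not in KEYS:
        return None                                # key not shared or not trusted
    received = packet[HEADER_LEN + 4:]
    # Constant-time comparison so the check does not leak how many bytes matched.
    if not hmac.compare_digest(received, digest(KEYS[key_id], header)):
        return None
    return header


if __name__ == "__main__":
    request = sign(build_header(3, 0x0123456789ABCDEF), 420)   # constructed timestamp
    print(verify(request) is not None)             # True: provider processes the request
    tampered = bytearray(request)
    tampered[47] ^= 0x01                           # one bit of the timestamp changed in transit
    print(verify(bytes(tampered)))                 # None: discarded as unauthentic
```

The digest authenticates the packet but does not hide it: the timestamps still travel in clear text.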
35
XNTPD - Authentication - LAB
Tasks
- Configure your server as a time consumer to the server on your right hand side only with authentication
- Configure your server as a time provider to the server on your left hand side and provide authentication options
- Experiences ???
36
XNTPDC Authentication
- Need
  - XNTPDC client needs to have authentic access to modify configuration on the remote server.
  - Remote server should be able to deny access
- How
  - XNTPDC client needs to provide the correct keyID, keyValue (password)
  - Remote server should be able to authenticate a configuration request.
37
Authentication Options Remote Configuration Authentication
XNTPDC
- Enable authentication option for the server that needs to be remotely configured.
  - Insert an entry into ntp.key
  - Mark the key as controlkey in ntp.cfg
  - Restart xntpd.nlm
- Remote Configure a server - xntpdc
  - Passwd – Authenticate to the remote server
38
NTPQ Authentication Options
- Setup the host server
  - Insert an entry into ntp.key
  - Mark the key as requestkey in ntp.cfg
  - Restart xntpd.nlm
- Configure Query Client
  - Insert the key of the time provider in ntp.key
  - Mark the key as trustedkey in ntp.cfg
  - Add option “key <keyid>” in ntp.cfg “server” command line
  - Eg : server <ipaddress> minpoll <value> key <keyid>
39
Advanced Configuration
- Minimize Traffic
  - Select servers across geographic locations to be peers to each other – Similar to “Timesync Primary Servers” – This helps in minimizing traffic across WANs
- Fault Tolerance
  - Have all these servers use a reference clock (external) as a master server – This helps in fault tolerance.
- COMMON - Time Consumer Setup
  - Have all Time Consumers use one of the above peer servers as a Time provider for itself.
40
Advanced Configuration – Lab - Minimize Traffic
[Diagram labels: Provo, India, Self Synchronized Stratum 10 (twice), External NTP Source, Peer Synchronized]
41
Advanced Configuration – Lab - Fault Tolerance
[Diagram labels: Provo, India, Self Synchronized Stratum 10 (twice), External NTP Source (twice), Peer Synchronized]
42
NTPTrace - LAB
- NTPTrace
  - Query all servers in the stratum thread to the root (stratum 1)
- LAB
  - Query your stratum thread
  - Experiences ?????
43
Extra features for NetWare 6.5
- Browser Based configuration (Embedded in xntpd.nlm)
  - On NORM scroll down to NTP Configuration and click “Manual Configuration”
  - Modify NTP Configuration files, Save, Restart and Apply (save and restart xntpd to reflect new changes)
- NTP Version independence
- Timesync Migration/Backward Compatibility options
  - Xntpd –T noncp : Will disable the ncp engine on xntpd. XNTPD will not serve ncp time requests from NetWare 4.x and Novell Clients
  - Xntpd –T slp : Will look up SLP for a Timesync SINGLE server on the network, add the Timesync SINGLE server’s IP Address in the ntp.cfg as a time provider
44
NTP State Machine
[State diagram. States: NOT Loaded/Not Synchronized; Loaded/Nearly Synchronized; Loaded/Synchronized. Transitions and decisions: Load XNTPD; Step Clock is Enabled (Yes/No); NTPDATE –u –b <server list from ntp.cfg>; NTPDATE Success (Yes/No); Slew.]
45
Migration Timesync to NTPv3
- Reference – Primary, Primary - Secondary, Reference – Secondary, Secondary – Secondary: Client – Server Manual Configuration
- Single – Secondary: Broadcast/Multicast – Broadcastlisten Configuration
- Primary – Primary: Peer Configuration
46
Backward Compatibility - Problem
[Diagram: NCP Request and NCP Reply exchanges, marked BOOM]
47
Backward Compatibility – Solution
[Diagram: With NTPv3 and NCP Server; NCP Request and NCP Reply exchanges]
48
Backward Compatibility – LAB
Task
- Configure NetWare 4.x server to use NetWare 6.5 as a time source
NORM - Lab
Tasks
- Configure your server using NORM, using any configuration mode
- Monitor its synchronization status using “Health Monitor”
49
Browser based administration - NORM
- NTP Configuration
  - Click on “NTP Configuration” link under “Manage Applications”
  - Click on the set of servers that you want to configure
  - Edit the configuration file
  - Save – saves the contents of the ntp.cfg
  - Restart – reload xntpd.nlm
  - Apply – save and restart
- NTP Monitoring
  - Click on “Health Monitor”
  - Click on “NTP Monitoring Service”
  - Click on the set of servers that you want to monitor
  - peers : output same as ntpq
  - associations : output same as “as” command on ntpq
  - variables : output same as “rv <assId>”
50
Future for NTPv3
- Simplifying NTP/Timesync configuration
- More on integrating Timesync backward compatibility with NTPv3 configuration
- Cross platform solution – OS Independent
- Extending features for helping debugging of time synchronization problems
51
Q & A
52
How Time Synchronization ?
[Diagram labels: Time Consumer, Time Provider, Time Exchange, NTPv3/Timesync, OS Clock, Time Critical Applications, Read, Write]