NTP Server and Client
|Document revision:||1.1 (January 23, 2008, 14:31 GMT)|
NTP protocol allows synchronizing time among computers in network. It is good if there is an internet connection available and local NTP server is synchronized to correct time source. List of publec NTP servers is available at http://www.eecis.udel.edu/~mills/ntp/servers.html. Note that if NTP client is all you need, you may want to consider using SNTP client instead for it has lower system requirements and significantly smaller memory footprint. It is included in the system package and is activated once ntp package is disabled or uninstalled.
SpecificationsPackages required: ntp
License required: Level1
Submenu level: /system ntp
Standards and Technologies: NTP version 3 (RFC 1305)
Hardware usage: Not significant
Network Time Protocol (NTP) is used to synchronize time with some NTP servers in a network. MikroTik RouterOS provides both - NTP client and NTP server.
NTP server listens on UDP port 123
NTP client synchronizes local clock with some other time source (NTP server). There are 4 modes in which NTP client can operate at:
- unicast (Client/Server) mode - NTP client connects to the specified NTP server. IP address of NTP server must be set in ntp-server and/or second-ntp-server parameters. At first client synchronizes to NTP server. Afterwards client periodically (64..1024s) sends time requests to NTP server. Unicast mode is the only one which uses ntp-server and second-ntp-server parameters.
- broadcast mode - NTP client listens for broadcast messages sent by any NTP server. After receiving first broadcast message, client synchronizes local clock using unicast mode, and afterwards does not send any packets to that particular NTP server, but rather waits for the next broadcast messages.
- multicast mode - acts the same as broadcast mode, only instead of broadcast messages (IP address 255.255.255.255) multicast messages are received (IP address 184.108.40.206).
- manycast mode - actually is unicast mode only with unknown IP address of NTP server. To discover NTP server, client sends multicast message (IP 220.127.116.11). If NTP server is configured to listen for these multicast messages (manycast mode is enabled), it replies. After client receives reply, it enters unicast mode and synchronizes to that NTP server. But in parallel client continues to look for more NTP servers by sending multicast messages periodically.
ClientSubmenu level: /system ntp client
Property Descriptionenabled (yes | no; default: no) - whether the NTP client is enabled or notmode (unicast | broadcast | multicast | manycast; default: unicast) - NTP client modeprimary-ntp (IP address; default: 0.0.0.0) - specifies IP address of the primary NTP serversecondary-ntp (IP address; default: 0.0.0.0) - specifies IP address of the secondary NTP serverstatus (read-only: text) - status of the NTP client:
error - there was some internal error starting NTP service (please, try to restart (disable and enable) NTP service)
started - NTP client service is started, but NTP server is not found, yet
failed - NTP server sent invalid response to our NTP client (NTP server is not synchronized to some other time source)
reached - NTP server contacted. Comparing local clock to NTP server's clock (duration of this phase is approximately 30s)
timeset - local time changed to NTP server's time (duration of this phase is approximately 30s)
synchronized - local clock is synchronized to NTP server's clock. NTP server is activated
using-local-clock - using local clock as time source (server enabled while client disabled)
To enable the NTP client to synchronize with the 18.104.22.168 server:
[admin@MikroTik] system ntp client> set enabled=yes primary-ntp=22.214.171.124 [admin@MikroTik] system ntp client> print enabled: yes mode: unicast primary-ntp: 126.96.36.199 secondary-ntp: 0.0.0.0 status: synchronized [admin@MikroTik] system ntp client>
ServerSubmenu level: /system ntp server
Property Descriptionbroadcast (yes | no; default: no) - whether NTP broadcast message is sent to 255.255.255.255 every 64senabled (yes | no; default: no) - whether the NTP server is enabledmanycast (yes | no; default: yes) - whether NTP server listens for multicast messages sent to 188.8.131.52 and responds to themmulticast (yes | no; default: no) - whether NTP multicast message is sent to 184.108.40.206 every 64s
NTP server activities only when local NTP client is in synchronized or using-local-clock mode.
If NTP server is disabled, all NTP requests are ignored.
If NTP server is enabled, all individual time requests are answered.
CAUTION! Using broadcast, multicast and manycast modes is dangerous! Intruder (or simple user) can set up his own NTP server. If this new server will be chosen as time source for your server, it will be possible for this user to change time on your server at his will.
To enable NTP server to answer unicast requests only:
[admin@MikroTik] system ntp server> set manycast=no enabled=yes [admin@MikroTik] system ntp server> print enabled: yes broadcast: no multicast: no manycast: no [admin@MikroTik] system ntp server>