NTP Server and Client

Document revision: 1.1 (January 23, 2008, 14:31 GMT)
Applies to: V3.0

General Information

Summary

NTP protocol allows synchronizing time among computers in network. It is good if there is an internet connection available and local NTP server is synchronized to correct time source. List of publec NTP servers is available at http://www.eecis.udel.edu/~mills/ntp/servers.html. Note that if NTP client is all you need, you may want to consider using SNTP client instead for it has lower system requirements and significantly smaller memory footprint. It is included in the system package and is activated once ntp package is disabled or uninstalled.

Specifications

Packages required: ntp
License required: Level1
Submenu level: /system ntp
Standards and Technologies: NTP version 3 (RFC 1305)
Hardware usage: Not significant

Description

Network Time Protocol (NTP) is used to synchronize time with some NTP servers in a network. MikroTik RouterOS provides both - NTP client and NTP server.

NTP server listens on UDP port 123

NTP client synchronizes local clock with some other time source (NTP server). There are 4 modes in which NTP client can operate at:

unicast (Client/Server) mode - NTP client connects to the specified NTP server. IP address of NTP server must be set in ntp-server and/or second-ntp-server parameters. At first client synchronizes to NTP server. Afterwards client periodically (64..1024s) sends time requests to NTP server. Unicast mode is the only one which uses ntp-server and second-ntp-server parameters.
broadcast mode - NTP client listens for broadcast messages sent by any NTP server. After receiving first broadcast message, client synchronizes local clock using unicast mode, and afterwards does not send any packets to that particular NTP server, but rather waits for the next broadcast messages.
multicast mode - acts the same as broadcast mode, only instead of broadcast messages (IP address 255.255.255.255) multicast messages are received (IP address 224.0.1.1).
manycast mode - actually is unicast mode only with unknown IP address of NTP server. To discover NTP server, client sends multicast message (IP 239.192.1.1). If NTP server is configured to listen for these multicast messages (manycast mode is enabled), it replies. After client receives reply, it enters unicast mode and synchronizes to that NTP server. But in parallel client continues to look for more NTP servers by sending multicast messages periodically.

Client

Submenu level: /system ntp client

Property Description

enabled (yes | no; default: no) - whether the NTP client is enabled or not

mode (unicast | broadcast | multicast | manycast; default: unicast) - NTP client mode

primary-ntp (IP address; default: 0.0.0.0) - specifies IP address of the primary NTP server

secondary-ntp (IP address; default: 0.0.0.0) - specifies IP address of the secondary NTP server

status (read-only: text) - status of the NTP client:

stopped - NTP is not running (NTP is disabled)
error - there was some internal error starting NTP service (please, try to restart (disable and enable) NTP service)
started - NTP client service is started, but NTP server is not found, yet
failed - NTP server sent invalid response to our NTP client (NTP server is not synchronized to some other time source)
reached - NTP server contacted. Comparing local clock to NTP server's clock (duration of this phase is approximately 30s)
timeset - local time changed to NTP server's time (duration of this phase is approximately 30s)
synchronized - local clock is synchronized to NTP server's clock. NTP server is activated
using-local-clock - using local clock as time source (server enabled while client disabled)

Example

To enable the NTP client to synchronize with the 159.148.60.2 server:

[admin@MikroTik] system ntp client> set enabled=yes primary-ntp=159.148.60.2
[admin@MikroTik] system ntp client> print
          enabled: yes
             mode: unicast
      primary-ntp: 159.148.60.2
    secondary-ntp: 0.0.0.0
           status: synchronized
[admin@MikroTik] system ntp client>

Server

Submenu level: /system ntp server

Property Description

broadcast (yes | no; default: no) - whether NTP broadcast message is sent to 255.255.255.255 every 64s

enabled (yes | no; default: no) - whether the NTP server is enabled

manycast (yes | no; default: yes) - whether NTP server listens for multicast messages sent to 239.192.1.1 and responds to them

multicast (yes | no; default: no) - whether NTP multicast message is sent to 224.0.1.1 every 64s

Notes

NTP server activities only when local NTP client is in synchronized or using-local-clock mode.

If NTP server is disabled, all NTP requests are ignored.

If NTP server is enabled, all individual time requests are answered.

CAUTION! Using broadcast, multicast and manycast modes is dangerous! Intruder (or simple user) can set up his own NTP server. If this new server will be chosen as time source for your server, it will be possible for this user to change time on your server at his will.

Example

To enable NTP server to answer unicast requests only:

[admin@MikroTik] system ntp server> set manycast=no enabled=yes
[admin@MikroTik] system ntp server> print
      enabled: yes
    broadcast: no
    multicast: no
     manycast: no
[admin@MikroTik] system ntp server>

© Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA. Other trademarks and registered trademarks mentioned herein are properties of their respective owners.

Document revision:	1.1 (January 23, 2008, 14:31 GMT)
Applies to:	V3.0