The clock ticks toward accurate network timing

NIST's Boulder, Colo., campus maintains a network of 14 time servers that answer 320 million time requests per day.

It pays to know the time to keep a network running efficiently and securely.

The National Institute of Standards and Technology receives about 320 million timing requests a day on its network of 14 time servers. The requests come from individuals who check the time anywhere from once to 50 times a day, said Judah Levine, a physicist at NIST's Time and Frequency Division in Boulder, Colo.

'It's been growing by 10 percent a month for some time,' Levine said.

Although overall demand for NIST's service is increasing, government offices are relying more on internal timing systems to keep synchronous networks in sync and servers, clients and applications in step.

'Security is the big driver,' said Paul Skoog, product manager for IP network timing at TrueTime Inc. of Santa Rosa, Calif.

An internal time server or Global Positioning System timing receiver on a network lets the administrator close the server port needed to receive NIST signals. That narrows the window through which a hacker could capture and replay a packet to break in.

They have the time

The most security-conscious government users, however, have highly accurate internal clocks rather than GPS receivers, said Dan Lynch, northeast regional sales manager for Datum Inc. of Irvine, Calif.

'There is a big concern about security, especially since Sept. 11,' Lynch said. 'It has been going in this direction for two or three years, but in the last several months it has really taken off.'

GPS receivers require an outside satellite antenna, which can radiate data as well as receive it. That security concern has made the Defense Information Systems Agency the largest user of Datum's cesium clocks, Lynch said.

Timing gets critical as networks grow more complex. For synchronous communications, the sending and receiving devices must be synchronized to avoid dropped bits, and they must have a reliable frequency source with a constant clock pulse.

The reliability problem is increasing as networks accelerate to gigabit and terabit data rates.
Getting network devices to agree on the time is quite a problem on large networks. The Microsoft Windows 2000 operating system, for example, requires server and client clocks to be within five minutes of each other. On a network with more than 1,000 devices, the fastest and slowest clocks typically drift more than five minutes apart in a month, Skoog said.

Time-stamp accuracy is essential for server log files, which are the basis of network and security management, and log files often cannot be reconciled if servers are on different clocks.

Unfortunately, computer clocks are notorious for their inaccuracy.

'Simple clocks like your wristwatch usually keep better time than a computer clock,' Michael Lombardi of NIST's Time and Frequency Division wrote in a NIST white paper on synchronization.

A computer's software clock, which runs only when the system is powered up, commonly loses or gains a minute or more per day. The software clock gets its time from the computer's hardware clock, an inexpensive quartz crystal device that varies by about 10 seconds a day.

Free time

Computer clocks can be reset over dial-up connections to NIST's automated Computer Time Service, which began operating in 1988 and requires a toll call to Boulder. But most users connect to NIST's time servers over the Internet with free client software. The demand for the service reflects the rising complexity of networks and the number of computers with always-on Internet connections, NIST's Levine said.

Linux, Windows NT and Win XP OSes come with the time service client already installed, Levine said.

Some government networks rely instead on signals from the cesium clocks inside the Defense Department's Global Positioning System satellites.

These clocks maintain the most accurate time available, but because GPS reception is vulnerable to natural disruptions and jamming, some time-conscious administrators opt to put a cesium clock inside their networks instead.

A cesium clock with the required accuracy formerly cost about $50,000. The price of the newest generation has dropped to $25,000, comparable to the cost of running a GPS receiver.

'Some people can justify the cesium purchase now,' said James Olson, Datum's director of advanced technologies.

About the Author

William Jackson is freelance writer and the author of the CyberEye blog.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above