Network Time Protocol (NTP)

Document revision 19-Nov-2002
This document applies to the MikroTik RouterOS V2.6

Overview

NTP protocol allows synchronizing time among computers in network. The best is if there is internet connection available and local NTP server is synchronized to correct time source. List of public NTP servers is available: http://www.eecis.udel.edu/~mills/ntp/servers.htm

Contents of the Manual

The following topics are covered in this manual:

NTP Installation on the MikroTik RouterOS
NTP Client
NTP Server
TIMEZONE

NTP Installation on the MikroTik RouterOS

The ntp-2.6.x.npk package ir required. The package can be downloaded from MikroTik’s web page www.mikrotik.com . To install the package, please upload it to the router via ftp and reboot. You may check to see if the packages are installed with the /system package print command.

NTP Client

The NTP Client setup is under /system ntp client

[admin@MikroTik] > system ntp client print
	  enabled: no
	     mode: unicast
      primary-ntp: 0.0.0.0
    secondary-ntp: 0.0.0.0
	   status: stopped
[admin@MikroTik] >

NTP client synchronizes local clock with some other time source (NTP server). There are 4 modes in which NTP client can operate:

In unicast (Client/Server) mode NTP client connects to specified NTP server. IP address of NTP server must be set in ntp-server and/or second-ntp-server parameters. At first client synchronizes to NTP server. Afterwards client periodically (64..1024s) sends time requests to NTP server. Unicast mode is the only one which uses ntp-server and second-ntp-server parameters.
In broadcast mode NTP client listens for broadcast messages sent by NTP server. After receiving first broadcast message, client synchronizes local clock using unicast mode, and afterwards does not send any packets to that NTP server. It uses received broadcast messages to adjust local clock.
Multicast mode acts the same as broadcast mode, only instead of broadcast messages (IP address 255.255.255.255) multicast messages are sent (IP address 224.0.1.1).
Manycast mode actually is unicast mode only with unknown IP address of NTP server. To discover NTP server, client sends multicast message (IP 239.192.1.1). If NTP server is configured to listen for these multicast messages (manycast mode is enabled), it replies. After client receives reply, it enters unicast mode and synchronizes to that NTP server. But in parallel client continues to look for more NTP servers by sending multicast messages periodically.

Status of NTP client can be monitored by looking at status parameter. There are several possible statuses:

stopped - NTP is not running (NTP is disabled)
error - there was some internal error starting NTP service. (please, try to restart (disable and enable) NTP service)
started - NTP client service is started, but NTP server is not found, yet
failed - NTP server sent invalid response to our NTP client. (NTP server is not synchronous to some other time source)
reached - NTP server contacted. Comparing local clock to NTP server's clock. (duration of this phase - approx 30 sec)
timeset - local time changed to NTP server's time. (duration of this phase - approx 30 sec)
synchronized - local clock is synchronized to NTP server's clock. NTP server is activated.
using-local-clock - using local clock as time source (server enabled while client disabled)

NTP Server

The NTP Server setup is under /system ntp server

[admin@MikroTik] > system ntp server print
      enabled: no
    broadcast: no
    multicast: no
     manycast: yes
[admin@MikroTik] >

NTP server activates only when local NTP client is in synchronized or using-local-clock mode.

If NTP server is disabled, all NTP requests are ignored.

If NTP server is enabled, all individual time requests are answered.

If broadcast is enabled, NTP broadcast message is sent to 255.255.255.255 every 64s.

If multicast is enabled, NTP multicast message is sent to 224.0.1.1 every 64s.

If manycast is enabled, NTP server listens for multicast messages sent to 239.192.1.1 and responds to them.

CAUTION! Using broadcast, multicast and manycast modes is dangerous! Intruder (or simple user) can set up his own NTP server. If this new server will be chosen as time source for Your server, it will be possible for this user to change time on Your server at his will.

TIMEZONE

NTP changes local clock to UTC (GMT) time by default. To specify different time zone, time-zone parameter under /system clock has to be changed.

[admin@MikroTik] > system clock print
	 time: aug/12/2002 18:31:20
    time-zone: +00:00
[admin@MikroTik] >

Time zone is specified as a difference between local time and GMT time. For example, if GMT time is 18:00:00, but correct local time is 19:00:00, then time-zone has to be set to +1 hour:

[admin@MikroTik] > system clock set time-zone=3
[admin@MikroTik] > system clock print
	 time: aug/12/2002 21:31:57
    time-zone: +03:00
[admin@MikroTik] >

If local time is before GMT time, time-zone value will be negative. For example, if GMT is 18:00:00, but correct local time is 15:00:00, time-zone has to be set to -3 hours:

[admin@MikroTik] > system clock set time-zone=-3
[admin@MikroTik] > system clock print
	 time: aug/12/2002 15:32:20
    time-zone: -03:00
[admin@MikroTik] >