1. Technical Field
The present invention relates generally to the field of network architecture and administration, and more particularly to the synchronization of internal times to a reference time source.
2. Description of Related Art
Large network enterprises spanning multiple time zones or enterprises requiring accurate date stamping on their records and transactions look to a single solution for their enterprise management. Alongside software distribution, distributed monitoring, user administration and security management, time synchronization is important glue for the far-flung organization. Keeping consistent time across the enterprise is not only a good idea but is also a necessity for many applications as illustrated by the following examples:
Example 1: An online trading office with day traders working out of their homes needs to ensure that transactions sent for processing are correctly time stamped. The stamps function as an audit for how long a transaction takes to enter, which may be another indication of data manipulation or hacking.
Example 2: A casino needs to monitor transactions received from machines to ensure data integrity.
Example 3: An IT organization needs to make sure that all machines are working from the same time source, regardless of geography. A breakdown in synchronization indicates either data degradations on lines not under their control, or power faults requiring remediation.
A file server in a network timestamps a write to a file with a current time obtained from the server's clock. A problem is encountered when a server's clock has a substantially different time than the client's clock. The problem is that applications running on the client computer can produce errors when, for example, a file is read or accessed with a timestamp ten minutes into the future.
Another problem is that a comparison of log entries can be complicated when clients with clocks that differ by minutes are logging to the same host. Attempting to chain together a sequence of events while looking at these logs is often futile due to the inaccurate timestamps.
In an effort to solve this problem, the Network Time Protocol (NTP) has been developed. NTP provides mechanisms to synchronize time and coordinate time distribution in a large, diverse internet. The protocol uses a returnable-time design in which a distributed subnet of time servers operating in a self-organizing, hierarchical master/slave configuration synchronizes local clocks within a subnet to national time standards by wire or radio. NTP relies on access to an accurate timekeeping device. The protocol can provide amazingly accurate synchronization between clients and the timekeeper. Across a LAN, accuracies are usually within milliseconds. Within WANs, the accuracy may degrade to tens of milliseconds. However, this is as accurate as most applications need.
The basic philosophy of NTP is that there is a universal notion of time to which all machines should synchronize: Universal Coordinated Time (UTC). Rather than trying to synchronize one host with another, each NTP server attempts to synchronize with UTC independently through the best sources of information a particular server can access.
The NTP servers are structured in a hierarchy rather than in a flat space or in a cloud. Each server assigns itself a hierarchy level that corresponds with its distance from a UTC source. Servers at the highest hierarchy level (level 1) have direct access to a source for UTC time, such as a radio receiver. Servers at hierarchy level 2 receive time information from level 1 servers, while level 3 servers receive time information from level 2, and so on. The number of levels is limited to 15 in the RFC-1305 standard.
An NTP host can operate as both a client and a server. Typically, an NTP client will synchronize with one server. The choice of server depends on a number of factors, including hierarchy level, measured network delay, and claimed precision. However, if three or more servers are available, the client employs a voting algorithm to ensure its server of choice is not providing an obviously incorrect time value.
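The voting step described above can be illustrated with a simplified interval-intersection vote in the style of Marzullo's algorithm. This is an added example, not code from this document or from any NTP implementation; the hostnames and measurements are constructed, and treating each reading as "true offset lies within offset ± delay/2" is an assumption of the sketch.

```python
from typing import NamedTuple

class Sample(NamedTuple):
    server: str    # constructed hostname
    offset: float  # measured clock offset from this server, seconds
    delay: float   # measured round-trip delay to this server, seconds

# Constructed readings: three servers agree, one is ten minutes ahead.
SAMPLES = [
    Sample("ts1.example", 0.012, 0.020),
    Sample("ts2.example", 0.015, 0.030),
    Sample("ts3.example", 0.009, 0.010),
    Sample("ts4.example", 600.0, 0.020),
]

def select_truechimers(samples):
    """Return (agreeing, rejected, (lo, hi)); raise if no majority agrees."""
    if len(samples) < 3:
        raise ValueError("need at least three servers to vote")
    edges = []
    for s in samples:
        edges.append((s.offset - s.delay / 2, -1))  # interval opens
        edges.append((s.offset + s.delay / 2, +1))  # interval closes
    edges.sort()  # at equal values, opens sort before closes
    best = count = 0
    lo = hi = None
    for i, (value, kind) in enumerate(edges):
        count -= kind  # +1 on open, -1 on close
        if count > best:  # new deepest overlap starts at this edge
            best, lo, hi = count, value, edges[i + 1][0]
    if best <= len(samples) // 2:
        raise RuntimeError("no majority of servers agree on the time")
    # A server agrees if its interval covers the whole best overlap.
    agreeing = [s.server for s in samples
                if s.offset - s.delay / 2 <= lo and s.offset + s.delay / 2 >= hi]
    rejected = [s.server for s in samples if s.server not in agreeing]
    return agreeing, rejected, (lo, hi)

if __name__ == "__main__":
    ok, bad, window = select_truechimers(SAMPLES)
    print("agree:", ok, "rejected:", bad, "offset window:", window)
```

With fewer than a strict majority in agreement the function raises instead of picking a server, so a client cannot be steered by one or two sources reporting an obviously wrong time.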
As a client, an NTP host synchronizes with other servers. As a server, it permits other NTP hosts to synchronize with itself. There are two types of association modes between NTP hosts. In a client-server association, the client only receives time information from the server. In the symmetric-active mode, each NTP host acts as a server to the other and the two hosts exchange time information. The typical arrangement for a pool of time servers is for each to use a symmetric-active association with the others in the pool and to use a client association with at least three lower-hierarchy servers. The most robust configuration would have each server use a client association with a different set of three lower-hierarchy servers.
User workstations typically will not be slated for the role of NTP server but will be configured to use a client association with each NTP server in the pool. Client-only hosts also can be configured to receive synchronization information via broadcast or multicast packets. In a network of 100 clients and three time servers, for example, there are more than 300 associations and packet exchanges. If the time servers simply broadcast time information, the amount of traffic required to maintain the 100 clients reduces dramatically. Although the broadcast method decreases accuracy, the decrease in accuracy is not significant for most applications.
Although a standard for time synchronization has previously been disclosed, there remains a need for a mechanism to implement the standard into various platforms. There is a particular need for software that is cross-platform compatible to ensure compatibility within an enterprise. The software should be capable of being integrated into current network management systems such that the tools of the management system are utilized and the cost of implementing the solution is minimized. Furthermore, the system should provide authentication/certification capabilities based on the time synchronization and should interface the authentication functions with applications in order to assure integrity of operations.
The present invention keeps all servers and clients in an enterprise updated to the correct time through a hierarchical network of time servers, with a single time source at the top of the pyramid, and time source clients at the base.
Single source time synchronization is assured by starting with an atomic clock receiver connected to a time source computer. This source is accessed by the primary time servers beneath it to obtain accurate time information. Clients access the highest time server to obtain time information. If all of the time servers are unavailable, then the time information is obtained from the next lowest level of servers.
Time servers operate as multiple hierarchical layers between the clients and the time source, limiting the load on any single server and providing redundant paths to a valid time source. Time servers unable to verify their time through the primary, alternate, or failover servers invalidate themselves, thereby preserving system integrity.