On October 9, 2000, InternetWeek published a review I’d written of TrueTime Inc.’s TimeVault network time appliance. I wanted to link it as a reference to my posting “My BlackBerry is caught by the Daylight Savings Time fiasco.” While slightly dated, it’s still a good overview of network time. Sadly, the InternetWeek archives are long gone. So here the review is again, for your reading pleasure.
Time is the fire in which we burn.” So said Dr. Soran, the protagonist in the movie “Star Trek: Generations.” Of course, what he meant to say is: “Time is the absolute reference we use to keep all of our servers, applications and transaction logs in sync.” On the U.S.S. Enterprise, it’s easy to keep systems synchronized, typically by detecting the quantum state of the universe by emitting anti-tachyon beams from the main deflector array. But, back in the 21st century, we have to use more prosaic methods: Time servers.
Why? For one thing, internal consistency: When tracking down a communications problem between two systems, knowing that the clocks are keeping the same time means event logs, ping reports and other time-stamped data can be analyzed with some degree of confidence. It’s also important for alignment with the outside world. When recording e-commerce transactions, it’s important to note the time of the request — and in some cases, such as when dealing with securities or other financial transactions, recording the accurate time may be mandated by law.
So why not just set the system clocks? Well, it’s hard to set them accurately enough using manual methods. But more importantly, PC clocks drift, sometimes by minutes each day. They can also be reset, either accidentally by an errant program or confused user, or even maliciously by someone who wishes to alter the time stamps.
The solution is to configure each server to periodically request the current time from a common trusted source, and adjust its own real-time clocks accordingly.
NTP (IETF RFC 1035) is the old Unix protocol used by computers to receive and respond to requests for the current time. When properly equipped with a client which can send NTP signals, workstations and servers can request the time from any trusted source. One source that many individuals use is the U.S. government’s publicly accessible time servers, such as the U.S. Naval Observatory in Washington, D.C., or the National Institute of Standards and Technology in Boulder, Colo.
Although time clients aren’t bundled with most operating systems, they’re not hard to find. The one we use for Win32 clients and servers is a free Automachron app from One Guy Coding, which can be configured to work with any NTP server. We’ve configured Automachron to sync the time of each server at startup, as well as once every hour, from the nearest NTP server, which at this review was www.time.nist.gov.
In some cases, however, an Internet-based time server isn’t good enough, because of the jitter and uncertainty of packet delivery. It also may be inconvenient to get the time from a distant location or other place where an Internet connection contains considerable delay. When synchronizing multiple sites — across the country or around the world — it may also be important to have a common time standard. That’s where TrueTime Inc.’s TimeVault comes in: It’s a self-contained NTP server appliance that can acquire extremely accurate time through a variety of sources, including satellites.
It’s About Time
TimeVault is a 1U rack-mountable server appliance that acquires accurate time from one of three sources: First, it uses its built-in Global Positioning System to read time being continuously transmitted from a constellation of 29 low-earth-orbit satellites using an external antenna, which ships with the server. When receiving time via GPS, the company claims that the server’s clock is accurate to within one microsecond. In that mode, it’s known in the industry as a “Stratum 1” time source, the most accurate type of time source on our planet other than labs using atomic clocks.
If a GPS signal isn’t available (perhaps the antenna blew down), TimeVault periodically dials NIST’s Automated Computer Time Service (ACTS) using its built-in modem and a dedicated phone line. In that case, the system claims to have 2 to 5 microsecond accuracy. If there’s no GPS or ACTS signal (maybe the phone line was cut when the antenna fell down), TimeVault attempts to get the time over the Internet from a publicly accessible NTP server. In the meantime, its internal clock keeps time, and provides the time to clients requesting the time via the NTP protocol.
The server itself is extremely simple to install. We plugged in the server, attached the GPS antenna’s 25-foot cable to the BNC connector, and leaned the antenna against a window. We also plugged the time server’s 10/100 Ethernet port into our LAN. (For best results, the antenna should be situated where it has a complete view of the sky, so that it can “see” at least three GPS satellites; our westward-facing window did the trick, but in a large facility the antenna should go onto the roof.)
After the server booted up, it acquired an IP address from our DHCP server, and the display panel showed its IP address. Since we wanted TimeVault to have a static IP address, we used an array of six push buttons on the server’s front to change it. The server then rebooted, and showed the correct address. After about 10 minutes, the server’s two-line LED panel lit up with the correct time and date, calibrated against Universal Coordinated Time (UTC), which is the technical name for Greenwich Mean Time.
Clock Me In
At that point, you’ve got a very expensive two-line clock. In order to use it as a time server, it’s necessary to configure devices on the network to interrogate it. Unlike other protocols such as DHCP, time servers do not advertise their services. Clients therefore need to be set up with an NTP client that points to the time server by its IP address or fully qualified name. A DHCP server can also be set up to add the address of the NTP server to its configuration data; in that case, the NTP client must be able to use that information.
Although TimeVault’s documentation explains the NTP protocol in excruciating detail, unfortunately it says nothing about how to actually use it. The company’s Web site isn’t any help, either. Nor does the company provide any NTP client utilities for various operating systems. Fortunately, because we already had been using Automachron on our Windows-based systems, it was easy enough to redirect them from using www.time.nist.gov to www.192.168.0.50, TimeVault’s private address on our network. Still, documentation should have been clearly provided, along with links to NTP client software.
Out of the box, TimeVault can only sync time with the GPS system. To configure it to use ACTS or for it to perform a last-resort time sync over the Internet requires access to its management system. The server is very flexible, offering serial-port console, telnet and Web-based administration.
Via Telnet or serial port access, the server requires a cryptic set of “F” commands, such as F03, which returns the current time, or F60, which displays a status report on the GPS satellites. There’s no Telnet help function. If you don’t have handy either chapter four of the manual or the easily lost quick-reference card, you won’t be able to do anything.
Access to the Telnet and serial functions are protected by username and password.
The Web-based interface is much better. Browsing to Time Vault’s IP address results in a pleasant-looking time display, which shows the current time (UTC) and the server’s operational status — that is, which time source it’s using. This is a straight HTML page, so the time display is static; manually refreshing the page updates the time. From there, the server’s various settings can be administered, including setting parameters for calling into NIST’s ACT server and configuring it to pull the time over the Internet (or the LAN) from another NTP server. In those cases, a Java applet lets the administrator edit text-based configuration files stored on the appliance — a cryptic process, and again, not one that should be attempted without the manual.
TimeVault is also designed to respond to SNMP polling, and the manual contains details about its custom MIBs, which can report back on satellite status as well as overall functioning of the server. A copy of the MIB is available electronically, and the company says it will work with HP OpenView and Sun’s X-SNMP package.
TimeVault’s developers clearly know their time sources, but have a lot to learn about user-friendly appliance design.
Fortunately, it’s probably not a device that needs to be administered frequently.
Does Anyone Really Know What Time It Is?
TimeVault is a very specialized piece of equipment. Although all network servers should be aligned to a common and trusted time source to keep their clocks and logs in sync, few networks will require the Stratum 1 precision that TimeVault offers. If being accurate within a few seconds is good enough, then aligning with www.tycho.usno.navy.mil, www.time.nist.gov or any other publicly accessible time server might be good enough. For large organizations, it might be advisable to set up a single time-server internally, which is synched against one of those services.
But in cases where there’s a need for extreme precision and reliability on behalf of the servers — such as when monitoring financial or e-commerce transactions; monitoring service level agreements; or supplying time service to sites with poor Internet access — the Stratum 1-level TimeVault will supply a degree of accuracy unavailable otherwise.
This might also serve businesses in good stead if they need to document the source of their time stamps, to meet regulatory or ISO-9000 requirements. In those cases, TimeVault is a simple solution that can do the job with precision.
Though, frankly, wouldn’t you rather squirt some antitachyons from the main deflector array?