[ntp:questions] Re: NTP for dummies

Richard B. Gilbert rgilbert88 at comcast.net
Sun Oct 2 18:47:14 UTC 2005


David J Taylor wrote:

>Richard B. Gilbert wrote:
>  
>
>>David J Taylor wrote:
>>    
>>
>[]
>  
>
>>>As far as I can recall, the default W32time only sets the clock once
>>>a week, so whilst the initial setting may be within 50msec, the
>>>keeping will almost certainly not be within 50msec.  When I used to
>>>use an SNTP client, I believe the same was true, as the setting
>>>could be hours apart. David
>>>
>>>
>>>
>>>
>>>      
>>>
>>According to the Brandolini and Green White Paper  I cited, W32Time
>>tries every 45 minutes until it thinks the clocks are synchronized and
>>then every eight hours.
>>
>>If W32Time is not good enough, and it may not be, I did point out the
>>alternatives.  If it works, W32Time is by far the easiest way to do
>>the job; the software is installed with Windows 2000 or Windows XP,
>>and the configuration is easy.
>>
>>The reference implementation's version of SNTP would require that he
>>build from source, install, and configure. Pre-built versions of NTP
>>are available for Windows and could be downloaded, installed, and
>>configured..
>>    
>>
>
>Richard,
>
>Thanks for that.  According to:
>  http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/intmgmt/26_xpwts.mspx
>
>the default poll interval is 604800 seconds for PCs in a workgroup, that's 
>7 days.  This article:
>
>http://support.microsoft.com/kb/q216734/
>
>has more information, but I am unsure of its relevancy.  It seems that how 
>the PC is configured for function (workgroup or domain) may affect the 
>update interval.
>
>50ms in 8 hours would be a clock accuracy of 1.7 part per million - very 
>good for a PC clock.
>
>A pre-built NTP would be my normal choice and recommendation, but 
>certainly if W32time does the job well enough at least it's "standard OS" 
>software.
>
>Cheers,
>David 
>
>
>  
>
The Brandolin and Green paper I was quoting freely from was talking 
about systems in a domain.  I'm not sure the paper even mentions workgroups.

A large part of the motivation behind W32Time seems to have been 
Kerberos authentication.  If the systems using Kerberos are not in 
reasonably close synchronization (a minute or two) Kerberos doesn't 
work.  I believe the limit is adjustable but setting it too high allows 
"replay attacks" and other nastiness.

Given the problems that Windows seems to have with losing clock 
interrupts under load it would not surprise me if ntpd did not work very 
much better than W32Time.




More information about the questions mailing list