[ntp:questions] Re: synch clock using SNTP on embedded system

Kenneth Porter ken.blacklist at sewingwitch.com
Wed Oct 15 23:42:48 UTC 2003

[cross-posted to ntp newsgroup after reconstructing original post]

Rick <rrquick at nospam-com> wrote in news:3f8d737a$1 at clarion.carno.net.au:

> Lewin A.R.W. Edwards wrote:
>>>Can someone guide me as to what SNTP servers are publicly available 
>>>and how I can do my timestamping bit efficiently? I was thinking.. 
>>>once the device starts, I can get the time of day using SNTP and then 
>>>use an internal clock to synchronize this time, i.e. I won't need to 
>>>query the SNTP again and again and simply use the internal clock 
>>>(Nut/OS provides the resolution of a second) and calculate the 
>>>current time of day. Does that seem like a good idea? Any suggestions
>>>are appreciated. Thanks 
>> Whoa, Silver! Hardcoding names and/or addresses of public servers
>> (that you don't maintain) into an embedded application is a Very Bad
>> Thing. To see just how much of a Bad Thing it can be, particularly
>> when combined with the additional evils of firmware bugs and a huge
>> userbase, refer to this recent story (this story made it into
>> mainstream press, too):
>> <http://www.cs.wisc.edu/~plonka/netgear-sntp/>.
> Thanks Lewin :) Those were some wonderful suggestions.. I'll definitely 
> fix my design. BTW, what do you think about the idea of not querying 
> SNTP again and again?

Only query it when you think your clock has drifted too much for your 
application. And don't pound a server for an answer if it's not 
responding. Use exponential back off.

BTW, I just recently learned of a new NTP service:


This is intended for systems that don't need "close" servers for ultra-
accurate time, and don't want to hard-code a server name.

I'd also favor the CNAME solution (ntp.mydomain.com), pointing initially 
at the pool server. This eliminates your product's vulnerability to a 
change in management or policy at ntp.org. As long as you keep your own 
domain registered, you'll control where your CNAME is pointing.

How are you finding your DNS server? DHCP? If so, check for an NTP server 
option set on the DHCP server and use that in preference to your hard-
wired name. I supply that option from my DHCP servers, pointing at the 
NTP server on my LAN.

Another idea: (I don't know what downsides there are to this. NTP gurus?) 
If the above ideas fail, as a last resort, traceroute to a well-known 
public server and look for NTP service on each router along the way, 
using that of the closest router. It's also not uncommon to run NTP on 
DNS servers, so you could look for it on your configured DNS server.

Kenneth Porter

More information about the questions mailing list