
On the importance of configuring NTP


Introduced in 1985, the Network Time Protocol (NTP) is essential for maintaining the correct time on almost all devices. It uses an algorithm to keep clocks synchronized over a network while taking network latency into account. If you are curious about how this old protocol works, you might want to read RFC 5909. As with all official RFC documents, I strongly recommend you drink your favourite caffeinated drink before starting your reading. I wrote about this particular subject because “time” is an interesting concept, especially if you have ever used a computer.

Every day, we follow some rules based on “time”: wake up at 6:15, attend a meeting at 9, eat at noon and so on until we fall asleep. It’s not just you and me; animals also have some knowledge of time. Bees can perceive and measure time, and they can even get jet lag. My dog can’t tell what time it is, but she can tell me when it’s time to wake up or feed her. Poop time is always at the same moment, every day*…

*Pickup time may vary

On the other hand, computers are fundamentally dumb. They can barely follow our instructions and commands. And yet, those machines have an inner clock which is better at telling time than any creature. When electrons are sent crashing (face first, I imagine) at a very small crystal, it starts to vibrate at a very important frequency that we call “a clock”. This “clock speed” defines the speed of your computer. If you own a 2 GHz chip, the clock speed translates to two billion cycles per second. Usually your computer’s clock should be quite precise unless there’s an issue with your BIOS, the crystal or the CMOS battery. Being “quite good” at something is not always enough. Being “quite good” at cooking would be an improvement in my case, but an employer being “quite good” at giving you your paycheck might be frustrating. And this is where this article really starts.

Nowadays, we use encryption and other complex mechanisms to ensure safe communications between two computers. For example, security certificates might be used to validate the identity of a computer, and the data exchanged might be valid for a few moments only. If those two computers do not share the same “time”, you might run into serious issues.

Lately, a client of mine had an issue with two-factor authentication. Let’s say the client has to remotely log on to the server: he has to open an application, enter his username, some private PIN and a sequence of numbers that changes every 30 seconds on his smartphone. In this case there was a small issue with the fact that the time on his computer, the remote server, the cellphone and the server that validates if the token was valid wasn’t synchronized. The impact was massive. Employees were unable to log in. For most people, this could be annoying or a funny surprise. For our brave administrator who wanted to see what’s going on, it was a nightmare. Hopefully, another admin could give us access to the systems. We were able to identify that most of the devices on the network would use different NTP servers: 2.ca.pool.ntp.org, time.windows.com and even the old NTP server from Fortinet. It took a few moments, but we were able to synchronize most systems with a common source.

If you’ve read some fables as a child, you should know they always end by conveying a moral. This story is no exception. Make sure all your equipment (network switches, domain controllers, RSA tokens, web servers and more) uses the same NTP servers. And at least two of them.
