Cloudflare Time

[Grisu]

I'm sure it bugs everyone when their eyes see someone's lips move, but that picture doesn't jive with the sound their ears hear. servers/routers/client devices are no different

If I watch videos they have still synchronized video and speech even with time on router years behind.
I have no telecom network at home with many sites which has to be in sync for jitter.
So still dont understand what you are talking about and which needs you see or have for that time accuracy.

 

[sfx2000]

i just added google as servers to test it out

NIST and Cloudflare are not reachable - see the reach column

(that's also why they're stratum 16)

(edit - my bad, too early in the morning to recognize the pool entries, which are what they are - see my followup)

 

[ColinTaylor]

While my experience with atomic clocks and Internet transmission is quite rudimentary compared to some around here, I'm pretty confident saying clocking/sync can make or break systems that rely on datastreams moving efficiently between/among themselves.

The subject of this thread is "time". Specifically, how to set the router's real-time clock (RTC) and keep it accurate. This has nothing to do with the "clock generators" found in most digital electronic devices. Those create the "clock signal" that is used internally by integrated circuits, or to synchronise data transfer between different components (e.g. transferring data from RAM to the CPU).

 

[Swistheater]

NIST and Cloudflare are not reachable - see the reach column

(that's also why they're stratum 16)

i have them listed as pool option that is what happens when you choose pool directive vs server directive.
that gets listed at the top and then it polls several servers within that pool and drops whatever isn't usable and uses what ever is. that listing at the top is just that a listing, a notation for *POOL* directive

this is a notation for an artificial pool
time.cloudflare .POOL. 16 p - 64 0 0.000 0.000 0.002
time.nist.gov .POOL. 16 p - 64 0 0.000 0.000 0.002
what happens it polls several servers linked to that address and will drop whatever it can't use and keep whatever it can.
instead of me having to list servers individually myself. all of those listed servers below for nist and cloudflare are pulled from the pool listed above and used. they will get dropped if they become unreliable it saves me from having to individually list them as servers and will allow me to use more than just one of their servers without having to put in seperate addresses and listing them as servers.

-time-e-wwv.nist .NIST. 1 u 2 64 377 60.585 2.034 2.406
-time-d-wwv.nist .NIST. 1 u 66 64 377 55.729 -0.160 1.066
-2606:4700:f1::1 10.155.8.4 3 u 3 64 377 9.833 0.085 1.873
-2606:4700:f1::1 10.155.8.4 3 u 1 64 377 10.235 0.622 1.085
-162.159.200.123 10.155.8.4 3 u 1 64 377 9.742 0.211 2.103
-162.159.200.1 10.155.8.4 3 u 66 64 377 10.292 0.721 1.649

 

[Swistheater]

The pool scheme is configured using one or more pool commands with DNS names indicating the pool from which to draw. The pool command can be used more than once; duplicate servers are detected and discarded. In principle, it is possible to use a configuration file containing a single line pool pool.ntp.org. The NTP Pool Project offers instructions on using the pool with the server command, which is suboptimal but works with older versions of ntpd predating the pool command. With recent ntpd, consider replacing the multiple server commands in their example with a single pool command


# Specify one or more NTP servers.
pool 0.pool.ntp.org iburst
pool 1.pool.ntp.org iburst
pool 2.pool.ntp.org iburst
pool 3.pool.ntp.org iburst

$ ntpq -4np

     remote           refid      st t when poll reach   delay   offset  jitter
=================================================================
 0.pool.ntp.org  .POOL.          16 p    -   64    0    0.000    0.000   0.000
 1.pool.ntp.org  .POOL.          16 p    -   64    0    0.000    0.000   0.000
 2.pool.ntp.org  .POOL.          16 p    -   64    0    0.000    0.000   0.000
 3.pool.ntp.org  .POOL.          16 p    -   64    0    0.000    0.000   0.000
 127.127.1.0     .LOCL.          10 l    -   64    0    0.000    0.000   0.000
-85.255.214.66   193.190.230.66   2 u    5   64  177    6.937    1.588   1.645
-5.39.184.5      91.148.192.49    3 u   64   64   77    8.907    1.197   1.635
-91.198.87.229   193.79.237.14    2 u    5   64  177    8.447   -0.042   0.894
+37.34.57.151    193.79.237.14    2 u    1   64  177    7.463    0.168   0.297
*91.198.87.118   192.87.110.2     2 u    2   64  177    8.593    0.070   0.384
+88.159.1.197    80.94.65.10      2 u    2   64  177   10.497    0.454   0.213
+213.154.236.182 213.136.0.252    2 u   67   64   77    8.793    0.455   2.391
#178.21.23.127   91.121.157.10    3 u   66   64   77    9.129   -0.911   1.541
#213.109.127.195 193.79.237.14    2 u   66   64   77   11.766   -7.330   1.501
+213.154.229.24  80.50.231.226    2 u    4   64  177    8.496    0.121   0.538
-217.77.132.1    213.136.0.252    2 u    2   64  177    7.026   -0.782   1.253
#87.253.148.92   195.13.1.153     3 u    4   64  177    7.338   -3.859   0.964
-94.228.220.14   193.67.79.202    2 u    -   64  177    8.347    2.797   1.019

whenever you specify "pool" directive instead of server directive, it list the top as a pool and that is just that nothing but a notation formed by using the pool option, it is not actually using a stratum 16 server.

notice it says 16 p not 16 u

 

[Kingp1n]

Thank you. What a well written, well explained article (except for “perspicuously“); you don’t need to be an expert to get a fair understanding of it.


I’ve set time.cloudflare.com as my primary and pool.ntp.org as the secondary ntp server. I look forwards to your follow up with data, which I assume will be a lot more scientific than my did-it-break-my router.

@martinr, did you made these updates under Administration --> Under System tab under Primary/Secondary NTP server?

 

[sfx2000]

i have them listed as pool option that is what happens when you choose pool directive vs server directive.
that gets listed at the top and then it polls several servers within that pool and drops whatever isn't usable and uses what ever is. that listing at the top is just that a listing, a notation for *POOL* directive

Yeah, that's my miss, early in the morning before my cuppa joe -

Anyways - distracted on this thread as I have new boards coming in for a project, so my attention is there... lego'ing two boards together...

Once I have some free time - and I've already sketched this out - I'm looking at something that is kinda between Stratum 0 and 1 for NTP, but 50ppb accuracy, and PTP support - e.g. it exceeds stratum 1, and close enough for stratum 0 as a reference... for all intents it'll be solid for 10 years plus.

Getting back to Cloudflare Time - I'm looking at it, and doing some metrics compared to local source (which is a reference) and google time.

google time is actually good enough, and dependent on location, might be a better solution than the public pools on the WAN side - e.g. if I need to reach out to a stratum 1 server at any given/random time - google is good enough there.

 

[martinr]

@martinr, did you made these updates under Administration --> Under System tab under Primary/Secondary NTP server?

Yes, but after a couple of days of reading just what a complicated topic this is, I reverted back to the comfort of Merlin’s default.

 

[Swistheater]

Yes, but after a couple of days of reading just what a complicated topic this is, I reverted back to the comfort of Merlin’s default.

 

[martinr]

I know when I’m out of my depth.

 

[Swistheater]

I know when I’m out of my depth.

nothing wrong with learning . for the average home user you should be able to simply just pick two servers and leave it alone. I like merlins simple built in server for that purpose, because you just place it and leave it and it works. I love ntpmerlin's graphs and what not because educational reasons and gaining insight.

 

[martinr]

nothing wrong with learning . for the average home user you should be able to simply just pick two servers and leave it alone. I like merlins simple built in server for that purpose, because you just place it and leave it and it works. I love ntpmerlin's graphs and what not because educational reasons and gaining insight.

You’re so right!

I’ve now installed ntpmerlin and time.cloudflare.com is my secondary. And when I’m comfortable with what ntpmerlin is telling me, I can swap the primary and secondary servers and watch what happens.

Thanks for the much-needed kick up the butt.

 

[Marin]

Here is a test for youView attachment 18353

What program are you using to get this?

Thank you!


Sent from my iPhone using Tapatalk

 

[Swistheater]

What program are you using to get this?

Thank you!


Sent from my iPhone using Tapatalk

https://servertest.online/ntp

 

[sfx2000]

Here is a test for you

This is not a good test actually as it is a single shot query - with NTP it really has to be done over time...

 

[sfx2000]

Consider Google public time... they're all stratum 1

time1.google.com
time2.google.com
time3.google.com
time4.google.com

Thanks for the tip on cloudflare...

Couple of times - confirmed that Cloudflare does not implement Time Smearing, so it's good with other pool.ntp.org servers...

Google and AWS do smear time, and their Site Reliability Engineers have valid reasons to do this, both for internal and hosted services, so depending on needs...

Don't mix and match - e.g. time.google.com as one server, and time.cloudflare.com (either as a server or pool here) - as there are times where things can get odd...

Google Time will always present itself as a Stratum 1 reference, so NTPd will gravitate towards that first.

CloudFlare servers tend to be stratum 3, so depending on config, they can be good source along with other pools, or use them by themselves, but I caution that the pool right now, from what I see is only two reference ID's - this is likely load balanced like google - but with only two references, that's a bit of a challenge for time geeks - one would want more than two.

Welcome to the cloud - google shows 4 servers - but it's actually many behind a load balancer....

What I would suggest perhaps - if using Google DNS, use Google Time - if one is using CloudFlare DNS, feel free to use CloudFlare Time.

Both approaches are good - but be careful with the time servers - pick one or the other because of the smearing affect during leap seconds, and if you are dependent on hosted servers, check with your provider.

If one wants to host their own stratum 1 server - e.g. a GPS unit with PPS - better not to use Google or AWS as a time reference without understanding the impact there.

 

[L&LD]

Couple of times - confirmed that Cloudflare does not implement Time Smearing, so it's good with other pool.ntp.org servers...

Google and AWS do smear time, and their Site Reliability Engineers have valid reasons to do this, both for internal and hosted services, so depending on needs...

Don't mix and match - e.g. time.google.com as one server, and time.cloudflare.com (either as a server or pool here) - as there are times where things can get odd...

Google Time will always present itself as a Stratum 1 reference, so NTPd will gravitate towards that first.

CloudFlare servers tend to be stratum 3, so depending on config, they can be good source along with other pools, or use them by themselves, but I caution that the pool right now, from what I see is only two reference ID's - this is likely load balanced like google - but with only two references, that's a bit of a challenge for time geeks - one would want more than two.

Welcome to the cloud - google shows 4 servers - but it's actually many behind a load balancer....

What I would suggest perhaps - if using Google DNS, use Google Time - if one is using CloudFlare DNS, feel free to use CloudFlare Time.

Both approaches are good - but be careful with the time servers - pick one or the other because of the smearing affect during leap seconds, and if you are dependent on hosted servers, check with your provider.

If one wants to host their own stratum 1 server - e.g. a GPS unit with PPS - better not to use Google or AWS as a time reference without understanding the impact there.

Was just reading up on this. Thank you for your response.

If I'm using Quad9 DNS, will use of CloudFlare Time be an issue in your opinion?

 

[sfx2000]

Going to BusyBox's ntp - it's "good enough" for most purposes, it doesn't provide a lot of stats by itself, but it's a decent implementation of an NTP client and server - and many Router/AP builds use this.

One can get into a real rat-hole here... take it from me, been there and done that - and diving deeper as I do have a project specific need to get very precise from a SW perspective.

 

[sfx2000]

If I'm using Quad9 DNS, will use of CloudFlare Time be an issue in your opinion?

I don't think so - it should be fine as mentioned above - obviously is one is using Cloudflare DNS, one would leverage their load balancing, but if you setup CloudFlare Time as a pool, should be fine - just miss out of the CDN that Cloudflare does.

Keep in mind that CloudFlare Time offers regular NTP services out of the box - for developers, their NTP security options for client development are interesting...

https://developers.cloudflare.com/time-services/nts/

But that is a different discussion as that requires a client that does NTS - and that gets into a deeper discussion about NTPSEC - and kinda like the DNS client* discussion, there's a lot of differences of opinion, so consensus is not present right now...

* DNS Security - DNSSEC, DNSCrypt, DNS over TLS, DNS over HTTPS - you get the picture I hope - same actually applies in the NTP community, and there are smart people and big egos in play, but hey, under the hood, this is what makes the internet work...

Good ideas, good implementations, rough consensus...

 

[Swistheater]

This is not a good test actually as it is a single shot query - with NTP it really has to be done over time...

I never suggested this to an end all be all means of determining the health of a ntp server, just merely suggested confirmation details can be obtained using this, such as the initial spec details. I completely agree with the statement that any good server shows its potential over "time". He was asking for the link to where i obtain kernel knowledge of the servers "specifications" at.