What time is it (part 1)?
2017-09-27

A man with a watch knows what time it is. A man with two watches is never sure. — Segal’s law

A while back, when I was busy configuring and locking down my new Ubiquiti EdgeRouter home router, I noticed that many of the devices on my network (and I’ve got quite a lot of those) happily pinged various NTP sources around the world. While this traffic in itself is harmless and its volume is not significant enough to impact any other network traffic, it made me wonder whether I could reduce that traffic to a bare minimum. This is a story about how that thought came to be a nice project of its own…

Focus please

The first step obviously would be to simply tell each device on my network to just use the time server on my home router. In my case, this is simply a matter of entering the following config rule (assuming you have a DHCP subnet named HOME on 192.168.100.0/24; change it to match your situation):

set service dhcp-server shared-network-name HOME subnet 192.168.100.0/24 ntp-server 192.168.100.1

This will ensure that all new leases handed out to DHCP clients receive the option to set the NTP server. If your machine happens to be running Systemd, then the systemd-timesyncd service will automatically pick it up when the new DHCP lease is obtained. You can verify this by running timedatectl status:

$ sudo timedatectl status
       Local time: Wed 2017-09-27 17:51:57 UTC
   Universal time: Wed 2017-09-27 17:51:57 UTC
         RTC time: n/a
        Time zone: Etc/UTC (UTC, +0000)
  Network time on: yes   ①
 NTP synchronized: yes   ②
  RTC in local TZ: no

Note that the lines marked ① and ② state that your machine is using NTP and that its time is synchronised, indicating that the local time is updated according to the upstream NTP server.

In case your machine has not yet jumped on the Systemd bandwagon, you probably still won’t have to do much, as your distribution has most likely configured its local time keeping in such a way that it will use the NTP settings from DHCP.
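
To confirm from the network side that clients really switched over, the following added example (not part of the original post) tallies LAN clients that still send NTP requests to servers other than the router, reading `tcpdump -n udp port 123` text output. `ROUTER` and `LAN_PREFIX` follow the addressing used above, the function name is hypothetical, and the capture lines are constructed sample data in tcpdump's default timestamp format.

```shell
#!/bin/sh
# Added example: find LAN clients that still query external NTP servers.
# Assumption: addressing from the DHCP rule above (router at 192.168.100.1).
ROUTER="192.168.100.1"
LAN_PREFIX="192.168.100."

# Reads `tcpdump -n udp port 123` lines on stdin and prints one line per
# offending pair: "<client> <external server> <request count>".
external_ntp_clients() {
    awk -v router="$ROUTER" -v lan="$LAN_PREFIX" '
        # Match IPv4 NTP client requests only:
        #   HH:MM:SS.us IP src.port > dst.123: NTPv4, Client, length 48
        $2 == "IP" && $4 == ">" && $5 ~ /\.123:$/ && /NTPv[0-9], Client/ {
            src = $3; dst = $5
            sub(/:$/, "", dst)          # drop the trailing colon
            sub(/\.[0-9]+$/, "", src)   # strip the source port
            sub(/\.[0-9]+$/, "", dst)   # strip the destination port
            # Count requests from LAN hosts that bypass the router.
            if (index(src, lan) == 1 && dst != router)
                count[src " " dst]++
        }
        END { for (k in count) print k, count[k] }
    ' | LC_ALL=C sort
}

# Constructed sample capture (documentation address ranges, not real servers).
SAMPLE_CAPTURE='17:51:57.100001 IP 192.168.100.23.41234 > 198.51.100.7.123: NTPv4, Client, length 48
17:51:57.140002 IP 198.51.100.7.123 > 192.168.100.23.41234: NTPv4, Server, length 48
17:51:58.200003 IP 192.168.100.42.123 > 192.168.100.1.123: NTPv4, Client, length 48
17:52:03.300004 IP 192.168.100.23.52001 > 198.51.100.7.123: NTPv4, Client, length 48
17:52:10.400005 IP 192.168.100.57.123 > 203.0.113.20.123: NTPv4, Client, length 48'

# Run against the sample; on a live network, feed it a bounded capture, e.g.
#   sudo tcpdump -n -c 200 udp port 123 | external_ntp_clients
printf '%s\n' "$SAMPLE_CAPTURE" | external_ntp_clients
```

Clients that show up here either have not renewed their DHCP lease yet or ignore the NTP option and use a hard-coded server.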

This settles the client side of things. On to taking a closer look at the server side of things.

Who is telling you what time it is?

By default, the NTP configuration in EdgeOS uses a custom pool ({0,1,2,3}.ubnt.pool.ntp.org) in the pool.ntp.org project. While this might be fine as a sane default, querying several unknown and untrusted sources across the internet does not sound directly appealing to me. I am aware that the NTP protocol defines algorithms and procedures to detect “false tickers” and avoid huge time steps from malicious/malfunctioning peers, but I like to have complete control of where my time is coming from. Somewhere, deep inside, I am just another “time nut” :)

In the next part, I am going to explain how I started building my own small time server, and what that eventually led to.

