What Is NTP Time Synchronization and How Does It Keep Clocks Accurate?

Navigate
Back to blog
Published
Apr 22, 2026
Read time
9 min read
Written by
Thomas Blackwell
NTP time synchronization diagram showing interconnected time servers and clocks across a global network

NTP time synchronization is the process by which computers, servers, and network devices automatically set and maintain accurate clocks by communicating with dedicated time servers over the internet or a local network. The Network Time Protocol (NTP) has been doing this job since 1985, making it one of the oldest internet protocols still in widespread use. Without it, every device on your network would slowly drift to its own version of "now," causing authentication failures, broken logs, and very confusing debugging sessions.

Content Table

What Is NTP and Why Does It Exist

NTP stands for Network Time Protocol . It was designed by Dr. David L. Mills at the University of Delaware and is defined in RFC 5905 . The current version is NTPv4. Its sole job is to synchronize the clocks of networked devices to within a few milliseconds of Coordinated Universal Time (UTC).

Before NTP, there was no standard way for a machine to ask "what time is it?" over a network. Each system kept time independently using its internal hardware clock, and those clocks drifted apart constantly. As networks grew, this became a real problem: distributed systems need all their participants to agree on time, or things like file ordering, database transactions, and security tokens break down.

Clock Drift: Why Computers Lie About the Time

Every computer has a hardware clock called the Real-Time Clock (RTC) , which is powered by a small battery on the motherboard. It ticks using a quartz crystal oscillator. The problem is that quartz oscillators are not perfectly accurate. They gain or lose a few milliseconds per day depending on temperature, age, and manufacturing variance.

That small drift compounds over time:

  • A clock drifting 10 ms/day is off by 300 ms after a month.
  • After a year, it could be off by 3.6 seconds or more.
  • In a cluster of 50 servers all drifting independently, you might have nodes disagreeing by several seconds at any given moment.

NTP solves this by periodically measuring the gap between the local clock and a reference time source, then slewing (gradually adjusting) the clock rate to close that gap without causing a sudden jump. A sudden jump backward in time can confuse running processes, so NTP almost always nudges the clock slowly rather than resetting it abruptly.

Slewing vs. stepping: NTP slews the clock (speeds it up or slows it down slightly) when the offset is under 128 ms. If the offset is larger, it "steps" the clock, meaning it sets the time directly. Most NTP daemons will refuse to step a clock that is more than 1000 seconds off without manual intervention, as a sanity check.

How NTP Actually Synchronizes a Clock

The protocol works through a request-response exchange over UDP port 123. Here is what happens in a single sync cycle:

  1. Your NTP client sends a request packet to a time server. The packet includes a timestamp of when it was sent (T1).
  2. The server receives the packet and records the arrival time (T2).
  3. The server sends a response that includes T1, T2, and the time it sent the response (T3).
  4. Your client records when the response arrived (T4).

With those four timestamps, NTP calculates two values:

  • Round-trip delay: (T4 - T1) - (T3 - T2)
  • Clock offset: ((T2 - T1) + (T3 - T4)) / 2

The offset tells the client how far its clock is from the server's clock. NTP then adjusts the local clock by that offset, accounting for network latency. Over multiple polling cycles (typically every 64 to 1024 seconds), NTP builds a statistical model of the network delay and clock drift, getting progressively more accurate.

Stratum Levels Explained

NTP organizes time sources into a hierarchy called stratum levels , numbered 0 through 15. The stratum number tells you how many hops away a device is from a primary reference clock.

Stratum What It Is Typical Accuracy
0 Primary reference device (GPS receiver, atomic clock, radio signal). Not directly on the network. Nanoseconds
1 Server directly connected to a Stratum 0 device. This is the top of the NTP network. Microseconds
2 Server synchronized to a Stratum 1 server. Most public NTP servers are here. 1-10 ms
3 Server synchronized to a Stratum 2 server. Common for corporate internal NTP servers. 10-50 ms
4-15 Further downstream clients and servers. Degrades with each hop
16 Unsynchronized. A device advertising Stratum 16 has no valid time source. Unknown / unreliable

A key rule: a server always advertises itself at one stratum higher than its upstream source. If your internal NTP server syncs to a Stratum 2 public server, it becomes a Stratum 3 server for your clients. This prevents circular references and keeps the hierarchy clean.

Time Servers: Where the Accurate Time Comes From

The most widely used public NTP infrastructure is the NTP Pool Project , a volunteer-operated pool of thousands of servers worldwide. When you configure a device to use pool.ntp.org , it is routed to a geographically nearby server automatically.

Other well-known public time servers:

  • time.cloudflare.com (Cloudflare, uses GPS + atomic clocks)
  • time.google.com (Google, uses GPS receivers at their data centers)
  • time.windows.com (Microsoft, used by Windows by default)
  • time.apple.com (Apple, used by macOS and iOS)
  • ntp.ubuntu.com (Ubuntu/Canonical)

For enterprise environments, the recommended setup is to have one or two internal NTP servers sync to public Stratum 1 or Stratum 2 sources, then have all internal devices sync to those internal servers. This reduces load on public pools and keeps all your machines on a consistent internal reference.

NTP vs SNTP vs PTP: What Is the Difference

You will occasionally see these three terms used interchangeably, but they are not the same thing:

  • NTP (Network Time Protocol): The full protocol. Uses a sophisticated algorithm with filtering, weighting, and multiple server polling. Achieves 1-10 ms accuracy over the internet.
  • SNTP (Simple NTP): A simplified, stateless subset of NTP. Uses the same packet format but skips the advanced clock discipline algorithms. Good enough for end-user devices that just need "close enough" time. Most IoT devices use SNTP.
  • PTP (Precision Time Protocol, IEEE 1588): Designed for local networks where sub-microsecond accuracy is needed, such as financial trading systems, industrial automation, and telecom networks. PTP uses hardware timestamping at the network interface level, which NTP cannot do.

For most developers and sysadmins, NTP is the right choice. PTP is only necessary when you need accuracy tighter than what NTP can provide over a LAN.

Practical Examples for Developers and Sysadmins

Checking NTP status on Linux

On systems using systemd-timesyncd (Ubuntu 16.04+, Debian 8+): 

timedatectl show-timesync --all

On systems running the full ntpd daemon: 

ntpq -p

The output shows each configured server, its stratum, the round-trip delay, and the current offset. An asterisk (*) next to a server means it is the currently selected source.

Configuring NTP servers on Linux (chrony)

chrony is the recommended NTP client on modern RHEL/CentOS/Fedora and is also available on Debian/Ubuntu. Edit /etc/chrony.conf : 

# Use the NTP Pool for your region
pool 2.pool.ntp.org iburst

# Or use a specific provider
server time.cloudflare.com iburst
server time.google.com iburst

# Allow clients on your local network to sync from this machine
allow 192.168.0.0/24

Checking time sync on Windows 

w32tm /query /status

Why this matters for developers specifically

If you work with authentication tokens, you have almost certainly run into time-related failures. JWT tokens use iat (issued at) and exp (expiration) claims that are Unix timestamps. If the clock on the server issuing the token and the server validating it are more than a few seconds apart, perfectly valid tokens get rejected. You can read more about how those timestamp claims work in our article on JWT expiration and issued-at claims .

Similarly, distributed databases like Cassandra, CockroachDB, and Spanner rely on clock accuracy for conflict resolution and transaction ordering. Google's Spanner, for example, uses GPS and atomic clocks in every data center specifically because NTP alone is not tight enough for its consistency guarantees.

Log correlation is another common pain point. If two servers are 5 seconds apart, tracing a request across both systems becomes a puzzle because the timestamps do not line up. NTP-synchronized clocks make distributed tracing and log aggregation dramatically easier.

Why Time Accuracy Matters More Than You Think

NTP time synchronization is not just a background housekeeping task. It is a foundational dependency for a surprising number of systems:

  • TLS/SSL certificates: Certificate validity is checked against the current time. A clock that is off by more than the certificate's validity window causes HTTPS connections to fail.
  • Kerberos authentication: By default, Kerberos rejects tickets if the clock skew between client and server exceeds 5 minutes. Active Directory environments are especially sensitive to this.
  • Database replication: Many replication systems use timestamps to determine which write is newer. Clock drift can cause data to be overwritten with older values.
  • Financial systems: Regulatory requirements (MiFID II in the EU, for example) mandate that trading systems maintain clock accuracy within 1 ms of UTC.
  • Unix timestamps: Every Unix timestamp your application generates is only as accurate as the system clock. If you want to understand the foundation those timestamps are built on, our guide to epoch time and Unix timestamps covers the basics in detail.
Virtual machines need extra attention. VMs do not have dedicated hardware clocks. When a VM is paused, migrated, or restored from a snapshot, its clock can jump wildly. Always configure NTP (or use VMware Tools / Hyper-V Integration Services) on every VM, and check that the hypervisor host itself is also NTP-synchronized.

For most applications, NTP over the public internet gives you 10-50 ms accuracy, which is more than enough. For tighter requirements, running your own Stratum 1 server with a GPS receiver (a Raspberry Pi with a GPS hat costs under $50) can get you to sub-millisecond accuracy on your local network. And for anything requiring microsecond precision, PTP with hardware timestamping is the path forward.

The bottom line: NTP is quiet infrastructure that you only notice when it breaks. A well-configured NTP setup means your logs make sense, your tokens work, your certificates validate, and your distributed systems agree on what "now" means.

Unix timestamp converter tool showing NTP-synchronized time conversion

Convert NTP-synchronized Unix timestamps instantly

When NTP time synchronization produces a Unix timestamp and you need to know what it means in human-readable form, our free converter handles it instantly. Paste any 10-digit or 13-digit timestamp and get the full date, time, ISO 8601 format, and relative time in one click.

Try the Free Timestamp Converter →

Over a typical broadband connection, NTP achieves 10 to 50 milliseconds of accuracy relative to UTC. On a well-tuned local network syncing to a nearby Stratum 1 or Stratum 2 server, you can get down to 1 to 5 ms. The main limiting factor is variable network latency, which NTP's algorithm accounts for statistically over multiple polling cycles.

Without NTP, the server's clock drifts freely based on its hardware oscillator. Depending on the hardware, this can mean losing or gaining several seconds per day. Over weeks or months, the drift can become large enough to break TLS certificate validation, cause Kerberos authentication failures, corrupt log timestamps, and trigger token expiration errors in applications that rely on Unix timestamps.

ntpd is the original NTP daemon from the NTP reference implementation. chronyd (from the chrony project) is a newer implementation that handles intermittent network connections better, syncs faster after a restart, and is more accurate in environments with variable latency. Most modern Linux distributions (RHEL 7+, Ubuntu 18.04+) default to chrony. Both implement the same NTPv4 protocol and are interoperable.

Yes, but it requires care. NTP servers announce upcoming leap seconds via a flag in the protocol packet. Clients can then handle the extra second by either inserting it directly (which can cause a one-second backward jump) or by using "leap smearing," where the extra second is spread across a 24-hour window. Google and Cloudflare both use leap smearing on their public NTP servers to avoid the jump entirely.

Configure at least four servers. NTP uses a voting algorithm called the "intersection algorithm" to detect and discard outliers. With only one or two servers, NTP cannot determine which one is wrong if they disagree. With four or more, it can identify and ignore a misbehaving server while still maintaining accuracy. The NTP Pool Project makes this easy by providing regional pool addresses like 0.pool.ntp.org through 3.pool.ntp.org .

NTP always synchronizes clocks to UTC. Time zones are a display concern handled by the operating system separately from NTP. A server in Tokyo and a server in New York both sync to UTC, and each applies its own local time zone offset for display purposes. This is exactly why Unix timestamps are stored in UTC and converted to local time only when shown to users. Our guide on Unix timestamps and UTC explains the relationship in more detail.