ARIN Grant Report: NTP TCP Services Daemon

December 18, 2024 by Harlan Stenn


Network Time Foundation received an ARIN Community Grant in 2023 to support its work to design, implement, and test a framework for a Transmission Control Protocol (TCP) Services Daemon to interact with the Network Time Protocol (NTP) Project’s NTP Daemon (ntpd). The project also aimed to implement a basic management client to demonstrate functionality.

Based on the User Datagram Protocol (UDP), NTP is a system to distribute and synchronize time on network devices. While UDP is the best-known choice for time synchronization on general networks, it is a suboptimal choice for access, authentication, key exchange, management, monitoring, or several other functions. TCP-based communications are a better choice for these. For years the NTP Project team contemplated how to best use TCP to implement those functions while waiting for the resources to fund development and deployment. The ARIN Community Grant allowed NTF to undertake that work with the goal of implementing and deploying the NTP TCP Services Daemon (ntptsd) to interact with the NTP Project’s ntpd for key exchange, management, and monitoring.



Outcome and Impact of the Project

We have successfully implemented the basic framework of ntptsd, upon which we can build all the features we want to include. We chose to implement it using libevent for its network connection and dispatch processing, saving us time and effort as we work to complete ntptsd and release it as part of NTP 4.4. We are able to test this framework with telnet, or openssl s_client, so we did not need to implement a basic management client as part of the initial framework step.

There is still lots of work to do to expand the functionalities and capabilities of this work, but we knew this; the goal was to get the framework started and working, and we have accomplished that goal. Network Time Foundation and the NTP Project gratefully appreciate ARIN’s support and trust in us by awarding us this grant!

What’s Next?

ntptsd will be used to provide a variety of TCP services for NTP, including support for RFC 8915 and Network Time Security (NTS), as well as a variety of other services, including monitoring, statistics, and Secure Network Time (our alternative to NTS). Over the coming months, this code will be published (via tarballs, BitKeeper, and git, culminating in the NTP 4.4 release. At that point, this work will reach many millions of people; a significant number of people and organizations in the ARIN region await the support for RFC 8915. Additionally, we expect ntptsd and some other planned improvements to ntpd to allow us to implement significantly reduced abuse vectors involving NTP.

Share on: