Who's On Port 123?

It sounds like the beginning of a bad joke, but this is not an uncommon interview question. Most techies can tell you what is on port 21 (FTP) and port 22 (SSH), but a lot of us stumble when someone asks what service is on port 123. The answer is... NTP.

The Network Time Protocol (NTP) is a protocol used to synchronize computer clocks over a network. The protocol is designed to be highly accurate and reliable, ensuring that all devices on a network have the same time. This is important for many applications that require time synchronization, such as financial transactions and scientific experiments.

NTP uses the User Datagram Protocol (UDP) and operates on port 123. It is a client-server protocol, where a client requests time information from a server. The server responds with the current time in Coordinated Universal Time (UTC), which the client then uses to adjust its own clock.

To use NTP, a client sends a request to an NTP server with a specified version number and mode of operation. The server then sends a response packet containing the current time, as well as other information such as the server's stratum level (how far the server is from the reference clock), and the round-trip delay time. The client then calculates the time difference between its clock and the server's clock, and adjusts its clock accordingly.
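The exchange described above, as an added example that is not part of the original post: it builds the 48-byte client request, validates a server reply (mode, echoed origin timestamp, stratum), and computes the clock offset and round-trip delay from the four timestamps. The function names and the sample reply are constructed for illustration; nothing is sent over the network.

```python
import struct

NTP_DELTA = 2208988800                  # seconds from 1900-01-01 (NTP) to 1970-01-01 (Unix)
PACKET = struct.Struct("!BBbbII4s4Q")   # 48-byte NTP header, no extension fields

def to_ntp(unix_seconds):
    """Unix time -> 64-bit NTP timestamp (32.32 fixed point)."""
    return int((unix_seconds + NTP_DELTA) * 2**32)

def from_ntp(ts):
    """64-bit NTP timestamp -> Unix time in seconds."""
    return ts / 2**32 - NTP_DELTA

def build_request(t1, version=4):
    """Client request: LI=0, VN=version, Mode=3; only the transmit time is set."""
    return PACKET.pack((version << 3) | 3, 0, 0, 0, 0, 0, b"\0" * 4,
                       0, 0, 0, to_ntp(t1))

def parse_response(data, t1, t4):
    """Validate a reply to the request sent at t1 and received at t4 (client clock)."""
    if len(data) < PACKET.size:
        raise ValueError("short packet")
    (first, stratum, _poll, _prec, _rdelay, _rdisp, _refid,
     _ref, origin, rx, tx) = PACKET.unpack(data[:PACKET.size])
    leap, mode = first >> 6, first & 0x7
    if mode != 4:
        raise ValueError("not a server-mode reply")
    # The server echoes our transmit time; a mismatch means a stale or spoofed reply.
    if origin != to_ntp(t1):
        raise ValueError("origin timestamp does not match our request")
    if leap == 3 or not 1 <= stratum <= 15:
        raise ValueError("server unsynchronized or kiss-of-death (stratum 0)")
    t2, t3 = from_ntp(rx), from_ntp(tx)   # server receive / transmit times
    return {"stratum": stratum,
            "offset": ((t2 - t1) + (t3 - t4)) / 2,
            "delay": (t4 - t1) - (t3 - t2)}

def sample_reply(t1, t2, t3, stratum=2, mode=4):
    """Constructed server reply for the demo (not captured traffic)."""
    return PACKET.pack((4 << 3) | mode, stratum, 6, -20, 0, 0, b"\0" * 4,
                       to_ntp(t2), to_ntp(t1), to_ntp(t2), to_ntp(t3))

if __name__ == "__main__":
    t1, t4 = 1700000000.0, 1700000000.5       # client send / receive times
    reply = sample_reply(t1, t1 + 2.125, t1 + 2.375)
    print(parse_response(reply, t1, t4))
```
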

One way to use NTP is by configuring a client to use a specific NTP server as its time source. This can be done by modifying the NTP configuration file on the client to include the IP address of the NTP server. For example, in Linux, the configuration file is typically located at /etc/ntp.conf, and can be modified using a text editor such as vi. In Windows, the configuration can be modified through the Control Panel.

Once the NTP client is configured to use a specific NTP server, it will periodically send time synchronization requests to the server to ensure that its clock remains synchronized with the server's clock. This can help ensure that all devices on a network have the same time, which can be critical for many applications.

Sample Configuration File

# /etc/ntp.conf

# Specify the NTP servers to be used
server ntp1.example.com
server ntp2.example.com

# Restrict access to the server to specified networks
restrict 192.168.0.0 mask 255.255.255.0 nomodify notrap

# Default for all other clients: serve time, but deny modification,
# traps, peering and ntpq/ntpdc queries
restrict default nomodify notrap nopeer noquery

# Specify the drift file location
driftfile /var/lib/ntp/drift

# Enable statistics tracking
statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable

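In this example, two NTP servers are specified with the "server" directive. The first "restrict" line applies to the 192.168.0.0/24 network, which is barred only from modifying the server's configuration and from setting traps. The "restrict default" line sets the policy for all other clients: they can still request the time, but the nomodify, notrap, nopeer and noquery flags prevent them from changing the configuration, setting traps, peering with the server, or running ntpq/ntpdc status queries against it.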

The "driftfile" directive specifies the location of the file where NTP will store information about the drift rate of the system clock. The "statistics" directive enables the collection of statistics data, which can be used for monitoring and troubleshooting. The "filegen" directives specify the format and location of the statistics files that NTP will generate.

Overall, the configuration file allows administrators to specify the NTP servers to be used, restrict access to the server, enable statistics tracking, and specify other settings such as the drift file location. This level of customization can help ensure that NTP is configured to meet the specific needs of a particular network or application.

This is just a short introduction to NTP, but I hope it at least helps you out the next time someone asks you "Who's on port 123?"