NIST was 5 μs off UTC after last week's power cut

Posted by jtokoph 15 hours ago

NIST was 5 μs off UTC after last week's power cut(www.jeffgeerling.com)

242 points | 105 commentspage 2

ChrisArchitect 15 hours ago|

More discussion:

NTP at NIST Boulder Has Lost Power

https://news.ycombinator.com/item?id=46334299

qmr 15 hours ago|

Gah, just when you think you can trust time.nist.gov

Suggestions from the community for more reliable alternatives?

evanriley 14 hours ago||

> Gah, just when you think you can trust time.nist.gov

You still can...

If you're that considered about 5 microseconds: Build your own Stratum 1 time server https://github.com/geerlingguy/time-pi

or just use ntppool https://www.ntppool.org/en/

beala 11 hours ago|||

It sounds like GPS, and thus a GPS-based stratum 1 server, uses these time servers, but they were successfully failed over:

> Jeff finished off the email mentioning the US GPS system failed over successfully to the WWV-Ft. Collins campus. So again, for almost everyone, there was zero issue, and the redundancy designed into the system worked like it's supposed to.

So failures in these systems are potentially correlated.

The author mentions another solution. Apparently he runs his own atomic clock. I didn’t know this was a thing an individual could do.

> But even with multiple time sources, some places need more. I have two Rubidium atomic clocks in my studio, including the one inside a fancy GPS Disciplined Oscillator (GPSDO). That's good for holdover. Even if someone were jamming my signal, or my GPS antenna broke, I could keep my time accurate to nanoseconds for a while, and milliseconds for months. That'd be good enough for me.

geerlingguy 11 hours ago|||

The CSACs that I have in a couple devices are 'atomic', and use Rubidium, but they're a bit lower accuracy than Cesium clocks [1] or Hydrogen Masers [2].

There are a few folks on the time-nuts mailing list who own such exotic pieces of hardware, but those are pretty far out of reach for most!

[1] https://www.microchip.com/en-us/products/clock-and-timing/co...

[2] https://www.microchip.com/en-us/products/clock-and-timing/co...

rcxdude 8 hours ago|||

Atomic clocks cover a pretty big range of performance nowadays. You can pick up a used but serviceable rubidium frequency reference for a few hundred dollars but the difference between it and the top of the line clocks is almost as big as the difference between a it and a good pendulum clock.

eddyg 13 hours ago|||

Be aware that there are members of the NTP pool with less-than-honorable intentions and you don't get to pick-and-choose. Yes, they all should provide the time, but they also get your IP address.

For example: unlike the IPv4 space, the IPv6 space is too big too scan, so a number of "researchers" (if you want to call them that) put v6-capable NTP servers in the NTP pool to gather information about active v6 blocks to scan/target.

ticoombs 12 hours ago|||

Do you have any acticles or references about this? That would be great research (pun intended) to find out

edoceo 12 hours ago|||

Is this one of those extraordinary claims that requires evidence? Or is it generally true that there are homey-pots in many of these services (NTP, mirrors, etc)

ianburrell 13 hours ago|||

Most places that need accurate time get it from GPS. That is 10-100 ns.

Also, you can use multiple NIST servers. They have ones in Fort Collins, CO and Gaithersburg, MD. Most places shouldn't use NIST directly but Stratum 1 name servers.

Finally, NTP isn't accurate enough, 10-100 ms, for microsecond error to matter.

ssl-3 11 hours ago|||

Yes.

Use NTP with ≥4 diverse time sources, just as RFC 5905 suggests doing. And use GPS.

(If you're reliant upon only one source of a thing, and that thing is important to you in some valuable way, then you're doing it wrong. In other words: Backups, backups, backups.)

ajkjk 13 hours ago|||

their handling it responsibly seems like more evidence for trusting them, not less?

vel0city 12 hours ago|||

Use the other servers as well: https://tf.nist.gov/tf-cgi/servers.cgi

For instance, time-a-wwv.nist.gov.

One should configure a number of different NTP sources instead of just a single host.

monster_truck 14 hours ago||

I'm more concerned about what you think they did to earn your trust in the first place