NTP’s Role Grows In Networking
Kris Sowolla, technical product marketing manager at Symmetricom Inc., is a marketing professional with extensive experience in the communications equipment industry. He has held a variety of positions in product management, product marketing, and business development with Motorola, DSC, and Bay Networks, as well as several smaller companies and startups. He holds a BSBA from Ohio State University and an MBA from the University of Michigan.
The Network Time Protocol (NTP) is a core application protocol in the Internet Protocol (IP) suite and the technology of choice to synchronize clocks in packet-based networks. Like many successful protocols, its use has extended well beyond its original implementations.
Residential and enterprise small cells, also known as femtocells, are among the fast-growing deployment trends in mobile networking. NTP plays a major role in synchronizing these small basestations, which connect with the mobile network through wireline broadband services.
Extending in all directions, NTP is also used widely in carrier networks for streaming services such as Internet Protocol television (IPTV) and Voice over Internet Protocol (VoIP) and enabling operational systems such as distributed business and operations support systems (BSS/OSS) and information management systems (IMS).
This greatly expanded and drastically more critical role for carrier network timing has created new requirements for accuracy, availability, and security. In this intensely time-sensitive environment, the synchronization of a network with reliable and accurate timestamps and the generation of consistent metrics over time can provide a competitive advantage by delivering improved quality of service (QoS), reducing churn in the customer base, reducing revenue leakage, and generating additional revenues through more enhanced service offerings.
Once the purview of data center and IT departments with enterprise-class practices, NTP synchronization now demands the attention of network engineers to ensure true carrier-grade equipment and deployment practices are in place.
Carrier-Grade NTP
Carrier-grade NTP solutions provide highly accurate time stamps in high-capacity networks. They also offer high availability through equipment design and deployment practices, and they support high security through server capabilities and operational practices. The solutions must integrate easily into the infrastructure and fit easily into network models for the application.
High Accuracy
How accurate time needs to be depends on the applications and operations performed. Most operations that impact service assurance (such as session setup, content play-out, and QoS measurement) require time measured in the tens to hundreds of microseconds. These applications make real-time handoffs (or monitor handoffs) between points at opposite ends of an IP connection. Less time sensitive are policy management and event logging applications, such as E911 service monitoring or digitally signing expiration timestamps on tickets to particular content, with requirements typically ranging in the milliseconds.
Network engineers, of course, must design networks to meet the timing needs of the most demanding applications in the service infrastructure. The issue is the best way to distribute time using NTP that consistently meets their accuracy requirements. An NTP service that is inherently accurate meets three key criteria:
- An NTP server with a precise clock—i.e., an accurate way to acquire and keep time
- Sufficient processing capacity in place to meet demand load
- A low-latency path between the NTP server and client
The design of the NTP server meets the first two criteria. Designs with hardware-based time stamping and packet processing are carrier-grade. They acquire GPS signals to set precise time traceable to the Coordinated Universal Time (UTC) and are deployed as stratum-1 clocks in the network. Hardware time stamping preserves the precision and enables high capacity.
Successful residential small-cell service rollouts can easily result in a mass of synchronization clients that will overwhelm enterprise-class NTP servers. The result is delay in fulfilling time requests and possible degradation in customer quality of experience.
Carrier-grade NTP servers offer high capacity (thousands of transactions per second) on plug-in modules that can grow incrementally with additional cards or in very high-capacity product designs that can support tens of thousands or even 100,000 transactions per second.
The third criterion, a low-latency path, is achieved through best practice deployment plans: locating NTP servers near the edge of the network such as the central offices of the wireline network. Reducing the variables associated with distributing timestamps through the network improves accuracy.
QoS measurements are improved by enabling one-way delay measurements that are not possible when timestamps make their way through asymmetrical paths from a centralized server to the two endpoints being measured. Availability is enhanced because a total NTP server outage affects only one, or a portion of one, service area, not entire network areas as would occur if a centralized source were lost.
Capacity is located in the geographic area where it is needed. Deploying an NTP server at a central office is as easy and economical as adding a card to an existing synchronization system. So, this approach is easily integrated into existing operations and leverages the GPS and primary reference sources (PRS) already in place.
High Availability
High availability means that NTP clients have access to a high-precision NTP service without interruption. Redundant equipment for critical network capabilities has always been fundamental in service provider best practices. A plug-in card equipment architecture supporting redundant NTP servers, not usually a feature of enterprise-class equipment, is a must.
Compared to wiring in a spare self-contained shelf and booting it into service, the low mean-time-to-repair (MTTR) for card replacement further enhances availability. High-availability NTP equipment designs also use dual processors, sub-second transparent service restoration, network interface redundancy, power supply redundancy, fan tray redundancy, and a carrier-grade operating system.
Network-level redundancy also can be used to improve availability. IP packets headed for failed NTP servers (or an out-of-service location) are automatically routed to servers in other locations.
Security
Security includes both protecting the NTP servers from network-based attacks and controlling access to the server itself. Denial of service (DoS) attacks are a continuous threat to service providers, and mobile networks have become targets. In this case, software agents send a blizzard of time request signals against a particular NTP server, expecting it to fail under the heavy load.
NTP servers may operate in several networks simultaneously: the managed IP network, the public Internet, and the network over which the operator monitors and manages its time distribution network. All three networks should be isolated from each other so if one of the networks is compromised, the others are not (at least not by an NTP server).
Isolating an NTP server in different network segments can further mitigate risk. For example, NTP traffic between central offices can be isolated from traffic with operations centers as well as port-isolated from packet traffic in the access network.
Adding malicious content to timestamp packets is a well-known way to hack systems. For protection, measures exist in the NTP standard to trace time back to its intended primary source and ultimately to the UTC.
These measures employ digital signatures with the MD5 checksum authentication method. Servers also can employ MD5 to ensure only requests from valid clients are received and responded to. Authenticated traceability is also a prerequisite for proving timestamps were accurate when received and not subsequently altered should timestamps ever be called into question such as in a billing dispute.
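The symmetric-key check described above, as an added example that is not from the original article: an authenticated NTP packet carries a 32-bit key ID and a 128-bit keyed MD5 digest computed over the shared key followed by the NTP header, and the receiver recomputes it before trusting the timestamps. The key table, key ID 42 and the sample header are constructed for illustration.

```python
import hashlib
import hmac
import struct

NTP_HEADER_LEN = 48      # fixed NTPv4 header; no extension fields in this example
MD5_MAC_LEN = 4 + 16     # 32-bit key ID + 128-bit MD5 digest

# Constructed key table (key ID -> shared secret), standing in for a server keys file.
TRUSTED_KEYS = {42: b"constructed-shared-secret"}


def ntp_md5_digest(key: bytes, header: bytes) -> bytes:
    """Keyed MD5 used by NTP symmetric-key authentication: MD5(key || header)."""
    return hashlib.md5(key + header).digest()


def sign_packet(header: bytes, key_id: int, keys=TRUSTED_KEYS) -> bytes:
    """Append the key ID and digest to a 48-byte NTP header."""
    if len(header) != NTP_HEADER_LEN:
        raise ValueError("expected a 48-byte NTP header")
    return header + struct.pack("!I", key_id) + ntp_md5_digest(keys[key_id], header)


def verify_packet(packet: bytes, keys=TRUSTED_KEYS) -> str:
    """Return 'ok', 'unauthenticated', 'unknown-key' or 'bad-mac'."""
    if len(packet) == NTP_HEADER_LEN:
        return "unauthenticated"      # no MAC at all: reject when auth is required
    if len(packet) != NTP_HEADER_LEN + MD5_MAC_LEN:
        return "bad-mac"              # truncated or unexpected trailer
    header, trailer = packet[:NTP_HEADER_LEN], packet[NTP_HEADER_LEN:]
    (key_id,) = struct.unpack("!I", trailer[:4])
    key = keys.get(key_id)
    if key is None:
        return "unknown-key"
    expected = ntp_md5_digest(key, header)
    # Constant-time comparison avoids leaking how many digest bytes matched.
    return "ok" if hmac.compare_digest(expected, trailer[4:]) else "bad-mac"


def sample_header() -> bytes:
    """Constructed server reply: LI=0, VN=4, Mode=4, stratum 1, refid 'GPS'."""
    first = (0 << 6) | (4 << 3) | 4
    # 4 bytes of flags/stratum/poll/precision, 8 of root delay and dispersion,
    # 4 of reference ID, then four 8-byte timestamps (zeroed here).
    return struct.pack("!BBbb", first, 1, 6, -20) + bytes(8) + b"GPS\x00" + bytes(32)
```

RFC 8573 deprecates this MD5 construction in favor of AES-128-CMAC; the verify-before-accept flow is the same with the stronger MAC.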
Management access is another area where carrier-grade features and best practices for protection are used to provide security. Access to the server system’s Web interface should be configured to pass through a variety of security measures including access control lists, passwords, and Remote Authentication Dial In User Service (RADIUS) authentication.
Small Cells And NTP
NTP servers in the access network support small cells, while carrier-grade NTP in the core benefits operations.
Accuracy requirements for femtocells are typically in the range of 250 parts per billion (ppb). This can be achieved with a high-quality standard such as an oven-controlled crystal oscillator (OCXO). However, these devices are generally too expensive and large for consumer devices. Temperature-compensated crystal oscillators (TCXOs) are sized right and priced right for consumer devices but require frequency discipline. NTP provides that discipline.
The advantages of carrier-grade NTP in this application include low cost, low network load, elimination of the need for extra network elements, and the ability to work on a consumer-quality network. Carrier-grade NTP also provides high bandwidth and a location close to the femtocell in network terms that reduce convergence time and the limiting effects of network jitter. NTP servers for small cells belong in the aggregation and access network (see the figure).
Mobile Operations Centers
Operation centers in the core also need carrier-grade timing implementations. Efficient and precise back office functions are critical to creating a profitable service. The IP Multimedia Subsystem (IMS) architecture has a multitude of functions that are distributed across many servers in the centers hosting the home subscriber server (HSS), OSS, and BSS functions.
Billing and logging is, for example, decomposed into multiple functions that interface with many other servers. What was previously one integrated software system on a classical mobile switching center (MSC) model is now embodied in many servers with much richer and more complex processes and many potential interfaces. Time differences between logging and billing instances are widely distributed over a number of servers in a data center and also geographically distributed over multiple data centers.
The Call Detail Record/Internet Protocol Detail Record (CDR/IPDR) is the basis for the billing contract with subscribers, for inter-carrier reconciliation, for taxation, and for revenue statements that describe average revenue per user (ARPU). The IPDR is collected from many network instances depending on the specified service layer and application, with well-defined interfaces acting as collection points.
The proliferation of IPDR collection points and the increase in both the number and variety of fields collected means that there is much more scope for IPDR mismatch and reconciliation problems. Enterprise-class NTP is no longer good enough for such a rich and complex service and application environment.
Carrier-grade NTP, with hardware-based timestamping, can deliver inherently precise and accurate timestamps with extremely stable performance. Performance is independent of the load on the server CPU and of the inherent variation in processing time due to slight fluctuations in the operating-system stack.
The simple, cost-effective deployment of carrier-grade NTP blades into existing sync distribution system shelves already deployed in the network can help carriers take control of OSS/BSS management to improve revenue assurance, reduce revenue leakage, and improve ARPU and shareholder value.
Conclusion
The accuracy and precision of time services are critical to revenue generation and service assurance. Simply extending practices used for local networks and data centers is not sufficient. Carrier-grade NTP equipment requires redundant configurations, hardware-based time stamping for accuracy, and processing capacity for mass market services.
Server deployment is closer to the edge of the network to reduce delay variation and preserve accuracy at the end device, while server network provisioning practices can enhance security. Mobile network operators now realize that with a small but critical investment, they can upgrade their synchronization architectures to carrier-grade NTP for both consumer and network services.
© 2013 Penton Media Inc.
