SNTP - Simple Network Time Protocol ======================================= .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **What is SNTP?** * SNTP stands for Simple Network Time Protocol. It is a simplified version of NTP used to synchronize the clocks of computers and devices over a network, but with less complexity and precision. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Why is SNTP useful?** * SNTP is ideal for devices that: * Don’t need high-precision timekeeping. * Have limited processing power or memory. * Require basic time synchronization without the full overhead of NTP. * It ensures that devices still maintain reasonably accurate time, which is important for: * Basic logging. * Scheduled operations. * Network coordination. * Enterprise networks – Servers and workstations synchronize time for logging, backups, and security. * Data centers – Precise time is critical for coordinating distributed systems. * Financial systems – Accurate timestamps are essential for transactions and compliance. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **How it works?** * Time request – A device sends a time request to an SNTP server. * Server response – The SNTP server replies with the current time. * Clock adjustment – The device adjusts its clock based on the received time. * Occasional updates – Devices may periodically re-sync, but not as frequently or robustly as with NTP. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Where is SNTP used?** * IoT devices – Smart sensors, thermostats, and other embedded systems. * Consumer electronics – TVs, DVRs, and home appliances. * Small networks – Where full NTP infrastructure is unnecessary. * Lightweight clients – Devices that only need approximate time accuracy. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Which OSI Layer does SNTP belong to?** * Provides a service – Like NTP, SNTP offers time synchronization directly to applications and users. * Uses UDP (port 123) – Just like NTP, it communicates over UDP. * Simplified communication – It involves basic client-server interaction, fitting the characteristics of Layer 7 protocols. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow Topics in this section, * :ref:`Learnings in this section ` * :ref:`Terminology ` * :ref:`Version Info ` * :ref:`SNTP Version&RFC Details ` * :ref:`SNTP Basic Setup on Ubuntu using IPv4 ` * :ref:`SNTP Basic Setup on Ubuntu using IPv6 ` * :ref:`SNTP Protocol Packet Details ` * :ref:`SNTP Usecases ` * :ref:`SNTP Basic Features ` * :ref:`SNTP Feature : Simplicity ` * :ref:`SNTP Feature : Time Synchronization ` * :ref:`SNTP Feature : UDP-Based Communication ` * :ref:`SNTP Feature : Low Overhead ` * :ref:`SNTP Feature : Compatibility with NTP servers ` * :ref:`SNTP Feature : Support for IPv4 and IPv6 ` * :ref:`SNTP Feature : One-Way Communication ` * :ref:`SNTP Feature : Periodic Updates ` * :ref:`Reference links ` .. _SNTP_step1: .. tab-set:: .. tab-item:: Learnings in this section * In this section, you are going to learn .. _SNTP_step2: .. tab-set:: .. tab-item:: Terminology * Terminology .. _SNTP_step3: .. tab-set:: .. tab-item:: Version Info * Version Info .. _SNTP_step5: .. tab-set:: .. tab-item:: SNTP Version&RFC Details .. csv-table:: :file: ./SNTP/sntp_rfc_details.csv :widths: 10,10,10,30 :header-rows: 1 .. _SNTP_step18: .. tab-set:: .. tab-item:: SNTP Basic Setup on Ubuntu using IPv4 **SNTP C Code (Client-Server Model over UDP)** * This C program demonstrates how to build a simple SNTP (Simple Network Time Protocol) server and client using UDP sockets. * The **SNTP server** (mode 4) listens on a UDP port and responds with a basic NTP packet containing the transmit timestamp. * The **SNTP client** (mode 3) sends a request to the server and reads the transmit timestamp to print the server time. * This setup is useful for testing SNTP communication, simulating time servers, or learning basic NTP packet structure. * Replace the server IP address (`127.0.0.1`) in the client code with your actual SNTP server address before running. * Step-1: Download C source code for SNTP server and client. :download:`Download SNTP Server Code ` :download:`Download SNTP Client Code ` * Step-2: Convert C code to executable files. .. code-block:: shell test:~$gcc sntp_server.c -o sntp_server test:~$gcc sntp_client.c -o sntp_client * Step-3: Run SNTP server and client. .. code-block:: shell # Start SNTP server (may require sudo if using port 123) test:~$sudo ./sntp_server SNTP server listening on port 123... # Run SNTP client test:~$ ./sntp_client Server time: Wed Jul 31 13:44:28 2025 * Step-4: Wireshark Capture :download:`Download Wireshark capture ` **SNTP Client Code with Error Handling (Invalid Server IP Demonstration)** * This C program demonstrates how an SNTP client handles network errors when provided with an invalid or unreachable NTP server IP address. * The client constructs a basic NTP request packet (mode 3), sends it to the specified IP, and waits for a response. * If the IP address is invalid, or no response is received within 3 seconds, the program prints a relevant error message. * This is useful for testing SNTP client robustness, network failure scenarios, or for educational purposes. * Step-1: Download C source code for SNTP invalid server IP test. :download:`Download SNTP Client (Invalid IP Test) ` * Step-2: Convert C code to executable file. .. code-block:: shell test:~$ gcc sntp_invalid_ip_client.c -o sntp_invalid_ip_client * Step-3: Run SNTP client with an invalid or unreachable IP. .. code-block:: shell test:~$ ./sntp_invalid_ip_client 192.0.2.1 Packet sent to 192.0.2.1. Waiting for response... Receive failed: Resource temporarily unavailable .. note:: - `192.0.2.1` is a reserved non-routable IP (TEST-NET-1) and is commonly used for documentation. - The client sets a 3-second receive timeout to avoid indefinite blocking. * Step-4: Wireshark Capture :download:`Download Wireshark capture ` **SNTP Wrong Mode Packet Injection (Mode 7 - Reserved/Private Use)** * This C program demonstrates how to manually construct and send an SNTP/NTP packet with an invalid mode field: * Mode 7 (Reserved / Private) is not used in standard client-server communication and is typically rejected or ignored by NTP servers. * The client sets LI = 0, VN = 4, Mode = 7 and sends it to a specified NTP server over UDP. * This test is useful for: * Evaluating how NTP servers handle non-standard or malformed mode values. * Auditing firewalls and NTP-aware intrusion detection systems. * Learning how NTP mode bits work at the packet level. * Step-1: Download the C source code for wrong mode packet generation. :download:`Download SNTP Wrong Mode Code ` * Step-2: Convert the C code to an executable file. .. code-block:: shell test:~$ gcc sntp_wrong_mode.c -o sntp_wrong_mode * Step-3: Run the wrong-mode SNTP client with the target NTP server IP. .. code-block:: shell test:~$ ./sntp_wrong_mode 216.239.35.0 Wrong-mode NTP packet (mode 7) sent to 216.239.35.0 .. note:: - Replace `216.239.35.0` with your actual test NTP server IP. - Most compliant servers will ignore or drop mode 7 packets without replying. * Step-4: Wireshark Capture :download:`Download Wireshark capture (mode 7 test) ` **SNTP Delayed Response Simulation (Send and Receive Timestamped NTP Packets)** * This C program demonstrates how to send a fully formed SNTP (Simple Network Time Protocol) request to a server and then receive and interpret the response, including transmit timestamps. * The client sends a well-formed NTPv4 packet using Mode 3 (Client) and a valid transmit timestamp. * The program sets a 2-second socket timeout to simulate how SNTP clients handle slow or unresponsive servers. * The received NTP packet is decoded and the transmit timestamp is converted to a human-readable date/time. * This is useful for: * Understanding client-side time parsing in SNTP. * Testing server responsiveness and round-trip behavior. * Simulating timeout or delay handling in a lightweight SNTP implementation. * Step-1: Download the C source code for SNTP delayed response client. :download:`Download SNTP Delayed Response Code ` * Step-2: Compile the C code into an executable. .. code-block:: shell test:~$ gcc sntp_delayed_response.c -o sntp_delayed_response * Step-3: Run the SNTP client and observe server response or timeout. .. code-block:: shell test:~$ ./sntp_delayed_response 129.6.15.28 NTP request sent to 129.6.15.28. Waiting for response... Response received in 365.73 ms Server time: 2025-07-31 12:34:46 .. note:: - Replace `129.6.15.28` with the IP of a valid public or local NTP server. - If no response is received within 2 seconds, a timeout error will be shown. * Step-4: Wireshark Capture :download:`Download Wireshark capture (delayed SNTP test) ` **SNTP C Client Querying Multiple NTP Servers** * This C program implements a basic SNTP client that sends an NTP request (Mode 3) to a given NTP server. * It constructs a 48-byte SNTP packet, sends it via UDP, waits for the response, extracts the transmit timestamp, and converts it to human-readable local time. * This can be used to verify synchronization accuracy across multiple public NTP servers. * Step-1: Download C source code for SNTP client. :download:`Download SNTP client code ` * Step-2: Compile the source code into an executable. .. code-block:: shell test:~$ gcc sntp_client_1.c -o sntp_client_1 * Step-3: Run the SNTP client with different public NTP server IPs. .. code-block:: shell test:~$ ./sntp_client_1 129.6.15.28 #time.google.com Server Time: Thu Jul 31 12:45:28 2025 test:~$ ./sntp_client_1 216.239.35.12 #pool.ntp.org Server Time: Thu Jul 31 12:45:30 2025 test:~$ ./sntp_client_1 40.119.6.228 #time.windows.com Server Time: Thu Jul 31 12:45:32 2025 * Step-4: Analyze server time differences or round-trip delays using Wireshark. :download:`Download Wireshark capture ` **SNTP Version Mismatch Test (Version 1 Packet to NTPv4 Server)** * This C program sends an SNTP packet using **NTP Version 1**, which is outdated and not typically supported by modern NTP servers (which use v3 or v4). * It is useful for testing how NTP servers handle requests with unsupported or mismatched protocol versions. * This helps in evaluating server behavior and backward compatibility with legacy clients. * Step-1: Download C source code for SNTP version mismatch test. :download:`Download C source code ` * Step-2: Compile the source code into an executable. .. code-block:: shell test:~$ gcc sntp_version_mismatch.c -o sntp_version_mismatch * Step-3: Send version 1 SNTP request to an NTPv4 server. .. code-block:: shell test:~$ ./sntp_version_mismatch 216.239.35.0 NTP packet with version 1 sent to 216.239.35.0 * Step-4: Observe behavior: * No response or timeout indicates the server rejects outdated versions. * Use Wireshark or tcpdump to analyze network-level handling. * Step-5: Capture the packet exchange using Wireshark. :download:`Download Wireshark capture ` **SNTP Malformed Packet Test** * This C program sends a **malformed NTP packet** (only 20 bytes, whereas a valid NTP/SNTP packet must be 48 bytes) to an NTP server. * The purpose of this test is to observe how the NTP server handles improperly sized or corrupted packets. * This can be used for robustness testing, fuzzing, or input validation verification. * Step-1: Download the C source code for malformed packet generation. :download:`Download malformed packet code ` * Step-2: Compile the source code. .. code-block:: shell test:~$ gcc sntp_malformed.c -o sntp_malformed * Step-3: Run the executable against an NTP server. .. code-block:: shell test:~$ ./sntp_malformed 216.239.35.0 Malformed packet (20 bytes) sent to 216.239.35.0 * Step-4: Observe behavior: * The server may silently drop the packet. * Use Wireshark or tcpdump to confirm packet dispatch and any server response. * Step-5: Capture and analyze using Wireshark. :download:`Download Wireshark capture ` **SNTP Rapid-Fire Request Test** * This C program sends **10 consecutive SNTP requests** in rapid succession (100ms apart) to a specified NTP server. * It is used to simulate a burst of time requests to observe: * Server rate-limiting behavior. * Whether the server drops packets under load. * How responses are handled when queried at high frequency. * This is helpful for testing firewall rules, DoS handling, or client behavior in time-critical environments. * Step-1: Download the C source code for rapid-fire SNTP requests. :download:`Download C source code ` * Step-2: Compile the source code. .. code-block:: shell test:~$ gcc sntp_rapid_fire.c -o sntp_rapid_fire * Step-3: Run the test against a reachable NTP server. .. code-block:: shell test:~$ ./sntp_rapid_fire 216.239.35.0 Request 1 sent Request 2 sent Request 3 sent Request 4 sent Request 5 sent Request 6 sent Request 7 sent Request 8 sent Request 9 sent Request 10 sent * Step-4: Observe server behavior: * Use Wireshark or tcpdump to verify if all packets were sent and whether responses were returned. * Useful for assessing tolerance to polling frequency. * Step-5: Capture the test using Wireshark. :download:`Download Wireshark capture ` .. _SNTP_step19: .. tab-set:: .. tab-item:: SNTP Basic Setup on Ubuntu using IPv6 * Setup .. _SNTP_step6: .. tab-set:: .. tab-item:: SNTP Protocol Packet Details **Symmetric Active Packet** .. csv-table:: :file: ./SNTP/sntp_packet1_details.csv :widths: 10,20,30,10 :header-rows: 1 **Symmetric Passive Packet** .. csv-table:: :file: ./SNTP/sntp_packet2_details.csv :widths: 10,20,30,10 :header-rows: 1 **Client Packet** .. csv-table:: :file: ./SNTP/sntp_packet3_details.csv :widths: 10,20,30,10 :header-rows: 1 **Server Packet** .. csv-table:: :file: ./SNTP/sntp_packet4_details.csv :widths: 10,20,30,10 :header-rows: 1 **Broadcast Packet** .. csv-table:: :file: ./SNTP/sntp_packet5_details.csv :widths: 10,20,30,10 :header-rows: 1 **SNTP Control Message Packet** .. csv-table:: :file: ./SNTP/sntp_packet6_details.csv :widths: 10,20,30,10 :header-rows: 1 .. _SNTP_step7: .. tab-set:: .. tab-item:: SNTP Usecases .. csv-table:: :file: ./SNTP/sntp_usecases.csv :widths: 10,20,30 :header-rows: 1 .. _SNTP_step8: .. tab-set:: .. tab-item:: SNTP Basic Features .. csv-table:: :file: ./SNTP/sntp_features.csv :widths: 10,10,30 :header-rows: 1 .. _SNTP_step9: .. tab-set:: .. tab-item:: SNTP Feature : Simplicity **Simplicity - Testcases** .. csv-table:: :file: ./SNTP/sntp_feature1_test_cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _SNTP_step10: .. tab-set:: .. tab-item:: SNTP Feature : Time Synchronization **Time Synchronization - Testcases** .. csv-table:: :file: ./SNTP/sntp_feature2_test_cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _SNTP_step11: .. tab-set:: .. tab-item:: SNTP Feature : UDP-Based Communication **UDP-Based Communication - Testcases** .. csv-table:: :file: ./SNTP/sntp_feature3_test_cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _SNTP_step12: .. tab-set:: .. tab-item:: SNTP Feature : Low Overhead **Low Overhead - Testcases** .. csv-table:: :file: ./SNTP/sntp_feature4_test_cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _SNTP_step13: .. tab-set:: .. tab-item:: SNTP Feature : Compatibility with NTP servers **Compatibility with NTP servers - Testcases** .. csv-table:: :file: ./SNTP/sntp_feature5_test_cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _SNTP_step14: .. tab-set:: .. tab-item:: SNTP Feature : Support for IPv4 and IPv6 **Support for IPv4 and IPv6 - Testcases** .. csv-table:: :file: ./SNTP/sntp_feature6_test_cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _SNTP_step15: .. tab-set:: .. tab-item:: SNTP Feature : One-Way Communication **One-Way Communication - Testcases** .. csv-table:: :file: ./SNTP/sntp_feature7_test_cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _SNTP_step16: .. tab-set:: .. tab-item:: SNTP Feature : Periodic Updates **Periodic Updates - Testcases** .. csv-table:: :file: ./SNTP/sntp_feature8_test_cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _SNTP_step17: .. tab-set:: .. tab-item:: Reference links * Reference links