Authentication for the Controller and NTP/SNTP Server
We highly recommend that controllers synchronize their time with an external NTP/SNTP server. We also recommend that you authenticate this connection to the NTP/SNTP server, as a best practice. By default, an MD5 checksum is used in this scenario.
Each NTP/SNTP server IP address is added to the controller database. The respective controller then attempts to poll an NTP/SNTP server from this database in the index order. The controller then obtains and synchronizes the current time at each user-defined polling interval, as well as following a reboot event. By default, the NTP polling interval is 600 seconds.
Guidelines and Restrictions on NTP
-
When the time difference between the NTP server and the controller exceeds 1000s, the ntpd process exits and adds a panic message to the system log. In this situation, set the time on the controller manually.
-
As a part of the federal certification requirements, controller supports NTPv4 protocol which is a standard Open Source Code.
-
Controllers support both the versions—NTPv3 and NTPv4 versions. However you can use either one of the two versions and not both at the same time.
-
NTPv4 supports both IPv4 and IPv6 servers, and supports SHA1 authentication for NTP messages.