2.2 Message Syntax

This document defines four NTP message formats. Two of these formats (sections 2.2.1 and 2.2.2) conform to [RFC2030] section 4 and implement the optional Authenticator field. The other two formats (sections 2.2.3 and 2.2.4) define an extension to the NTP Version 3 message format called the ExtendedAuthenticator field. For more information on NTP Version 3 message formats, see [RFC1305] Appendix A.

Note: In accordance with [RFC1305], all fields are in big-endian (network byte order) format unless otherwise specified.

The Authenticator message format is specified as follows.


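 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|LI | VN  |Mode |    Stratum    | Poll Interval |   Precision   |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                          Root Delay                           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                        Root Dispersion                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                  Reference Clock Identifier                   |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                 Reference Timestamp (64 bits)                 |
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                 Original Timestamp (64 bits)                  |
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                  Receive Timestamp (64 bits)                  |
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                 Transmit Timestamp (64 bits)                  |
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
|              Authenticator (optional) (160 bits)              |
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+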

The ExtendedAuthenticator message format is specified as follows.


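 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|LI | VN  |Mode |    Stratum    | Poll Interval |   Precision   |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                          Root Delay                           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                        Root Dispersion                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                  Reference Clock Identifier                   |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                 Reference Timestamp (64 bits)                 |
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                 Original Timestamp (64 bits)                  |
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                  Receive Timestamp (64 bits)                  |
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                 Transmit Timestamp (64 bits)                  |
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
|          ExtendedAuthenticator (optional) (576 bits)          |
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+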

The MS-SNTP protocol supports modes according to [RFC1305] section 3.4.2 (Table 5 "Modes and Actions"), except that it does not support broadcast clients, NTP control messages, or symmetric passive mode. The NTP Authentication Extensions are defined only for the following NTP and SNTP association modes (as specified in [RFC1305] sections 3.2.1 and 3.3): client, server, and symmetric active, as defined in this document.

The minimum polling interval (NTP.MINPOLL) and maximum polling interval (NTP.MAXPOLL) are defined in [RFC1305] section 3.2.7, Table 4. These intervals are not configurable using the NTP Authentication Extensions.<2>

The following is an ASCII identifier for the Reference Clock Identifier field in addition to those defined in [RFC2030] section 4 "NTP Message Format".

Code    Informative Meaning
----    ---------------------------------
VMTP    Uncalibrated virtual local clock.

If IPv6 is used as the transport mechanism, an MD5 hash [RFC1321] of the IPv6 address is calculated and the least significant 32 bits of the hash are used to set the Reference Clock Identifier field. Hashing the IPv6 address allows a time source to be identified with relative uniqueness.

The optional Authenticator field used in the NTP authentication extension was originally defined in [RFC1305] Appendix C as a 96-bit field.

The Authenticator field is a 160-bit field. The ExtendedAuthenticator field is a 576-bit field. When using one of these extensions, the total NTP message length is 68 bytes or 120 bytes, respectively. Clients and domain controllers rely on the NTP message length to detect the use of these extensions. For more information about the Authenticator field, see sections 2.2.1 and 2.2.2. For more information about the ExtendedAuthenticator field, see sections 2.2.3 and 2.2.4.
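The length-based detection described above can be sketched as a strict receiver-side parser. This is an added example, not code from the specification: the names `parse_ntp_message`, `sample_message`, `FORMATS` and `AUTH_MODES` are hypothetical, the 48-byte unauthenticated length is derived from the header field widths, and rejecting every other length, as well as an authenticator on a mode outside client, server and symmetric active, is this example's policy.

```python
import struct
from dataclasses import dataclass

HEADER = struct.Struct("!BBbbiI4sQQQQ")   # 48-byte header, network byte order
# Total message length -> (format, trailing field length in bytes), from this section.
FORMATS = {48: ("none", 0), 68: ("Authenticator", 20), 120: ("ExtendedAuthenticator", 72)}
# RFC 1305 mode numbers for the modes the extensions are defined for.
AUTH_MODES = {1: "symmetric active", 3: "client", 4: "server"}

@dataclass
class NtpMessage:
    li: int
    vn: int
    mode: int
    stratum: int
    poll: int
    precision: int
    root_delay: int
    root_dispersion: int
    ref_id: bytes
    timestamps: tuple      # (reference, originate, receive, transmit), 64-bit each
    auth_format: str
    auth_field: bytes      # opaque here; subfields are laid out in 2.2.1 to 2.2.4

def parse_ntp_message(data: bytes) -> NtpMessage:
    """Classify a message by total length and split header from authenticator."""
    if len(data) not in FORMATS:
        raise ValueError(f"unexpected NTP message length {len(data)}")
    auth_format, auth_len = FORMATS[len(data)]
    flags, stratum, poll, prec, delay, disp, ref_id, *ts = HEADER.unpack_from(data)
    mode = flags & 0x07
    if auth_len and mode not in AUTH_MODES:
        raise ValueError(f"{auth_format} present on unsupported mode {mode}")
    return NtpMessage(flags >> 6, (flags >> 3) & 0x07, mode, stratum, poll, prec,
                      delay, disp, ref_id, tuple(ts), auth_format, data[HEADER.size:])

def sample_message(mode: int, auth_len: int) -> bytes:
    """Constructed test input: LI=0, VN=3, zeroed timestamps, dummy authenticator."""
    header = HEADER.pack((3 << 3) | mode, 2, 6, -20, 0, 0, b"VMTP", 0, 0, 0, 0)
    return header + bytes(auth_len)

if __name__ == "__main__":
    for length in (0, 20, 72):
        msg = parse_ntp_message(sample_message(3, length))
        print(len(sample_message(3, length)), msg.auth_format, len(msg.auth_field))
```

Because the format is inferred from length alone, a receiver that accepts other lengths or skips the length check would hand a truncated or padded buffer to the checksum code.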

The key identifier in the Key Identifier subfield in both the Authenticator and ExtendedAuthenticator fields identifies the cryptographic key used to generate the crypto-checksum. The association of key identifier and cryptographic key is established as a prerequisite, as explained in section 1.3.2. The method to compute the crypto-checksum is specified in sections 3.1.5 and 3.2.5.