Meridian II Precision TimeBase

Meridian II and Meridian II 2U Precision TimeBase

Free Lifetime Technical Support

We support our products for as long as you own them with FREE technical support by phone or email and free software upgrades as they become available. No maintenance contract required.

Product Status

Introduction:
Status: Recommended for all installations.
Last Software Update:
Latest Network Security Bulletin:
Latest Field Service Bulletin: None
Leap Second Pending: None

Product Bulletins

180606
Aug 3, 2018

February 2018 NTP Security Vulnerability Announcement
The NTP Project announced a list of vulnerabilities.
EndRun Time Servers may be affected if you use peering, Stratum 2 or interleave mode.  This bulletin also has recommendations for securing your NTP clients.

180104
Jan 4, 2018

January 2018 Meltdown and Spectre Vulnerabilities
The Google Project Zero team announced three cpu vulnerabilities.
EndRun's Sonoma, Meridian II, Tycho II, RTM3205 and Distribution Chassis products are not affected. 

170328
Mar 28, 2017

March 2017 NTP Security Vulnerability Announcement
The NTP Project announced a list of vulnerabilities.
EndRun Time Servers may be affected if you use peering or Stratum 2. This bulletin also has recommendations for securing your NTP clients.

161205
Dec 5, 2016

November 2016 NTP Security Vulnerability Announcement
The NTP Project announced a list of vulnerabilities.
EndRun Time Servers may be affected if you changed the factory configuration to allow remote control, peering, traps, or rate limiting.

160606
Jun 6, 2016

June 2016 NTP Security Vulnerability Announcement
The NTP Project announced a list of vulnerabilities.
EndRun Time Servers may be affected if you use peering or Stratum 2. This bulletin also has recommendations for securing your NTP clients.

160321
Mar 21, 2016

GNU glibc Vulnerability to Crafted DNS Responses
CVE-2015-7547.
EndRun's Sonoma, Meridian II, Tycho II, and Distribution Chassis are unaffected.  Legacy products are vulnerable.

151026
Oct 26, 2015

October 2015 NTP Security Vulnerability Announcement
The NTP Project announced a list of vulnerabilities.
EndRun Time Servers may be affected if you use peering or Stratum 2. This bulletin also has recommendations for securing your NTP clients.

Field Service Bulletins

180427
Apr 27, 2018

GPS-Synchronized: Sonoma, Tempus LX, Unison, Meridian, Tycho, RTM3204, Tempus Gntp, Praecis Gntp, Praecis Gfr
GPS week rollover event on April 7, 2019.
Note: Meridian II, Tycho II, RTM3205 are unaffected by this event. Sonoma shipped after June 2017 is also unaffected.

151026
Oct 26, 2015

Sonoma, Tempus LX, Unison, Meridian,
Meridian II, Tycho II

NTP Vulnerabilities identified by the NTP Project.

Leap Second Bulletins

170101
Jan 1, 2017

Sonoma, Meridian II, Tycho II, Tempus LX, Unison, Meridian, Tycho, Praecis

160707
Jul 7, 2016

Sonoma, Meridian II, Tycho II, Tempus LX, Unison, Meridian, Tycho, Praecis

Frequently Asked Questions (FAQs)

I've had my unit for 1 year already, can I get an extended warranty?

As long as your unit is still under its current warranty then yes, you can purchase an extended warranty.  Contact EndRun Sales for information.

My product is 12 years old and out-of-warranty. Can I get it repaired?

Yes - we will try. The problem may be that we no longer have parts for the old models. But, if we can still get the needed parts then we will repair your unit and charge for time and materials.

What is the EOL on my EndRun product?

At EndRun, End-of-Life (EOL) means end of the production life cycle. We continue to provide free technical support (by phone or email) for as long as you own an EndRun product. As of 2019, we are still providing free support for products that we shipped in 2001.

 

How are upgrades handled and what do they cost?

Software upgrades for all our products are freely available for download from our website at: www.endruntechnologies.com/support/software-upgrades.

 

I haven't upgraded my firmware for a long time. Can I upgrade straight to the latest version without installing subsequent versions first?

Current products (Sonoma, Meridian II, Tycho II, RTM3205) can be upgraded to the latest version of firmware straight from any older version.  However, if you have modified either /etc/profile or /etc/rc.d/rc.M and your Linux Root File System (RFS) is prior to version 2.20 then please contact Support (support@endruntechnologies.com).

Legacy products (Tempus LX, Unison, Meridian, Tycho, RTM3204) can also be upgraded to the latest version of firmware straight from any older version.  However, if your RFS is prior to version 2.60 then please read this.

Do I set my calibration delay to positive or negative to compensate for the antenna cable?

The answer is positive because there is a delay between the antenna and the receiver.

Think about it like this: The antenna receives the time data x nanoseconds before the receiver.  Therefore, the receiver is behind the antenna by x nanoseconds.  By entering a positive delay, the clock will be advanced x nanoseconds to compensate.

 

How far can I install the antenna from the GPS receiver?

The standard antenna cable length is 50 feet.  If you need more we offer antenna lengths up to 250 feet without a GPS preamplifier.  If you need more than 250 feet of cable then a preamp is required.  You can run an additional 200 feet of cable for every preamp installed and you can have up to 3 or 4 preamps.  This will allow you to run a total of 850 to 1050 feet of cable.  For more information click here.

 

I don't have roof-top access for a GPS antenna. What do I do?

You have two choices:
   1. Mount your GPS antenna in a window.  Our GPS products have the ability to operate in a single-satellite mode which allows you to mount the antenna in a window of your building with only a partial view of the sky.  See this Window-Mount Installation Guide for details.
   2. Purchase a CDMA-synchronized product which works very well inside buildings (assuming your area has CDMA coverage).

 

Will GPS work inside?

Unlike CDMA, GPS will not work inside buildings.  To receive GPS signals the antenna must have a view of the sky.  The best location is on a roof-top with the antenna in view of a maximum amount of sky.  However, our GPS products have the ability to operate in a single-satellite mode.  This lets you avoid the trouble and expense of a rooftop installation by allowing you to mount the antenna in a window of your building with only a partial view of the sky.

 

Will my EndRun product be affected by the GPS week rollover event in April 2019?

All EndRun GPS-synchronized products with up-to-date firmware will not be affected by the April 7, 2019 rollover event.  For more information, please refer to Field Service Bulletin 180427.

 

How accurate is NTP?

Over WANs (Wide Area Networks), up to 100 milliseconds is typical.  It depends on how far away the public time server is, or more specifically, how many hops between you and the server.  Within a LAN (Local Area Network) using a dedicated NTP Time Server, 0.5 to 2 milliseconds is typical.  The internal accuracy of the CDMA Network Time Server is on the order of 10 microseconds.  It can easily keep all clients on a LAN synchronized to typically within 0.5 to 2 milliseconds.

 

How long will the NTP Server deliver Stratum 1 performance if the signal is lost?

Exclusive EndRun oscillator-control algorithms provide extended Stratum 1 holdover performance when the unit is not locked to the synchronization signal (GPS or CDMA).  Typical NTP Stratum 1 holdover periods are:
    24 hours - TCXO (standard)
    35 days - OCXO (upgrade)
    140 days - Rubidium (upgrade)

 

How many clients can a time server handle?

For a detailed answer to this question click here.

Is there a command to tell me the Stratum level of my NTP Server?

Yes.  For current models (Sonoma, Meridian II, Tycho II, RTM3205) use Linux command:

   ntpq -c sysinfo

For legacy models use Linux command:

   ntpdc -c sysinfo

 

What is NTP Stratum?

Stratum is a term that means different things depending on the context.  In the world of NTP, stratum is defined in RFC 1305.  NTP uses a hierarchical structure in which Stratum 0 is the reference clock, linked via a time signal, to a reliable source of UTC.  Stratum 1 is the time server with a direct link to the reference clock.  Stratum 2 is a client that receives time over a network connection from a Stratum 1 clock.  Stratum 3 is a client that receives time from a Stratum 2 clock.  And so on, up to Stratum 15.  For more details on strata in the NTP world, click here.

 

Where can I get NTP client software?

Client software is widely available as freeware and shareware.  Setting up an NTP or SNTP client is relatively simple once you have installed the software on your workstation and communicated with the time server over the network.  For a list of NTP client software click here.

 

Why do I need a time server?

When two or more computers are involved, accurate time keeping is difficult, especially if they are not in the same physical location.  A dedicated time server inside your network perimeter is the most accurate, reliable and secure way to ensure accurate timekeeping for all computers on your network.  Accurate timekeeping is necessary to support eBusiness and other applications such as Stock Trades, Logs, B2B Transactions, File Operations, Packet Time Stamps, Software Configuration Management, Database Accuracy, Telecommunication Call Billing, etc.  For a more detailed response to this question click here.

 

Why not use the time servers available over the Internet?

There are many public time servers available over the Internet.  Access to these public time servers is free of charge.  While public time servers are certainly less costly - accurate, reliable and secure time is best provided by a dedicated time server that resides under your control inside your network security perimeter.  Using public time servers available over the Internet is not recommended for the following reasons:

1.  Setting up your firewall to accept NTP packets (which is based on UDP/IP) introduces a security risk that many Network Administrators are not willing to take.

2.  Time accuracy degrades because of indeterminate network latency, up to 100 milliseconds is typical.

 

Can PTP be installed in the field?

Yes.  All Sonoma, Meridian, Tycho II, Tempus LX, and Unison Time Servers are capable of operating PTP.  PTP is a relatively low-cost option that can be installed by you at any time.  All that is needed from you is the Ethernet address (MAC) and we can supply a software key and instructions for turning on PTP.  For older products, you may need to upgrade your software first.

 

Can PTP operate over a wide area network (WAN)?

PTP Version 2 has been designed to span over a WAN.  However, performance is dependent on the network configuration.  For example, a network switch would need to be configured as a transparent clock or boundary clock in order to realize the superior synchronization capability.  Otherwise, synchronization of PTP becomes equivalent to NTP.

 

How many PTP Slaves can your Grandmaster support?

Over 2000.  But it depends on various settings and configurations that can increase or decrease the number of slaves that Sonoma can support.  Consider the following:

1.  If using a Boundary Clock, the Sonoma only interfaces with the network switch Boundary Clock.  In this case the capacity is limited by the Boundary Clock switch.

2.  When using a Transparent Clock, the capacity is limited by the frequency of the delay requests and the sync rate.  Sonoma will be able to provide all the slaves with the Sync Packets and Announce Packets.  But, there will be a limit for processing delay requests issued by the slaves.  Our implementation requires about 10 microseconds to handle a delay request / response.  The delay request is used to calculate the slave-to-master delay.  If your network is static the delay should not change and the Sonoma will announce to the slave to use 32-second delay request interval.

Even though the slaves randomize the delay request packets, the request can come in simultaneously.  What happens if delay requests show up simultaneously?  In this case, the Sonoma will not issue a delay response.  The slave will then randomize the delay request interval and issue the request again.  Some slaves will log a notification that a delay response was not received.

 

I want to put my Grandmaster on one subnet, with my servers and workstations on another subnet. How will that work?

The Grandmaster user interface allows you to modify the TTL Value (time-to-live value) in order to accomplish this.  You will also need to modify the TTL Value on your PTP Slave.

 

What is PTP?

Precision Time Protocol (PTP) is a relatively new protocol that was developed to improve the time synchronization accuracy that is obtainable over a Local Area Network (LAN).  Specifications for PTP are defined in the IEEE-1588 standard.  In PTP terminology, the Grandmaster is the distributor of accurate time and the Slave is the receiver of this time.  The Slave synchronizes itself to the Grandmaster.

The most common network timekeeping protocol is the Network Time Protocol (NTP).  In NTP terminology, the Server is the distributor of accurate time and the Client is the receiver of this time.  The Client synchronizes itself to the Server.

With NTP you can get client synchronization accuracies in the millisecond range.  With PTP you can get slave synchronization accuracies in the nanosecond or microsecond range.  Synchronization accuracy depends not just on the PTP Grandmaster, but also on the network topology such as switch and slave hardware.

 

What is the accuracy of EndRun's PTP?

Products listed below can be configured as a IEEE-1588/PTP Grandmaster Clock.  Here are the timestamp resolution and accuracy specifications:

Model Timestamp Resolution Timestamp Accuracy to UTC (RMS)
Sonoma (GPS)
Network Time Server
8 nanoseconds 30 nanoseconds
Sonoma (CDMA)
Network Time Server
8 nanoseconds 10 microseconds (typical)
Meridian II
Precision TimeBase
8 nanoseconds 10 nanoseconds
Tycho II
Precision TimeBase
8 nanoseconds 25 nanoseconds

 

What is the difference between PTP hardware and software timestamping?

The main difference is in the synchronization accuracy that can be achieved.  With software timestamping as typically implemented (software-only approach), you can see slave synchronization accuracies between 10 and 100 microseconds.  You can achieve this level of accuracy with commonly used network hardware such as standard switches, and computers with software PTP slaves.

With hardware timestamping as implemented on a Sonoma it is possible to achieve time synchronization accuracies of 30 nanoseconds with an 8 nanosecond resolution.  However, in order to get this level of accuracy, both the Grandmaster and the Slave must be capable of hardware timestamping.  This means you will need to purchase specialized hardware to install in each Slave.  In addition, network switches must configured as transparent clocks or boundary clocks. 

 

Where can I get PTP Slave software?

The Precision Time Protocol (PTP) is a relatively new protocol (compared with NTP).  As such, there are fewer options available for you to use for PTP Slave software.  The options that do exist range from software-only solutions to software with hardware timestamping solutions.  For further information click here.

 

Do I have root or command line access to the Linux file system?

Yes.

Do I need to be familiar with Linux in order to use your equipment?

No. To see a list of EndRun's product commands that you can easily use, type:

   help

To get help on a particular command type "help EndRun-command-name". For example:

   help gpsstat

This will show you details regarding the gpsstat command.

 

 

When I log into my unit from the CLI, a time string displays that does not match the current UTC. What is wrong?

This string:

   Sonoma_D12 GPS 6010-0065-000 v 2.40 - Tue Sep 19 02:19:38 UTC 2017

which is displayed immediately after login simply means that firmware 6010-0065-000 version 2.40 was released on Tuesday September 16, 2017 at 02:19:38  UTC.  It has nothing to do with current UTC.

 

Is there a way to set a timeout for ssh sessions?

Yes.  Follow these instructions:

1.  Open the sshd_config file for editing.

For current models (Sonoma, Meridian II, Tycho II, RTM3205) open this file:

   /etc/ssh/sshd_config

For legacy models open this file:

   /etc/sshd_config

2.  Uncomment and edit the lines in sshd_config with ClientAliveInterval and ClientAliveCountMax settings as follows:

   ClientAliveInterval <session timeout in seconds>
   ClientAliveCountMax 0

3.  Don't forget to make the modified file persistent, by copying it to FLASH:

For current models (Sonoma, Meridian II, Tycho II, RTM3205):

   cp -p /etc/ssh/sshd_config /boot/etc/ssh

For legacy models:

   cp -p /etc/sshd_config /boot/etc/

4.  Reboot the unit using this command:

   reboot

 

Our security guys did a scan on the EndRun unit and found a few vulnerabilities. Is there going to be a firmware update soon to address this?

Serious vulnerabilities that cannot be mitigated with a reasonable workaround will be addressed with a new firmware update as soon as possible.  For remaining vulnerabilities, we recommend you read this paper: Best Practices to Secure Your Time Server

Taking the steps outlined in this paper will eliminate most, if not all, vulnerabilities.  It was written for the Sonoma Time Servers but the same general steps apply to our other Linux-based products such as Meridian, Tycho, Tempus LX, Unison and others.