NTP.DWS.RIP

Secure Network Time Protocol with NTS

Free, authenticated time synchronization for everyone

Connection Endpoints

ntp.dws.rip Global (4 servers)
ntp-us.dws.rip US Only
ntp-eu.dws.rip EU Only
Ports: UDP/123 (NTP) · TCP/4460 (NTS-KE)

Quick Start

Linux (chrony) - Recommended 
# /etc/chrony/chrony.conf
server ntp.dws.rip iburst nts
makestep 1.0 3
rtcsync

# Restart chrony
sudo systemctl restart chronyd
Linux (systemd-timesyncd) 
# /etc/systemd/timesyncd.conf
[Time]
NTP=ntp.dws.rip ntp-us.dws.rip
FallbackNTP=ntp-eu.dws.rip

# Restart timesyncd
sudo systemctl restart systemd-timesyncd
macOS 
# Set NTP server
sudo systemsetup -setnetworktimeserver ntp.dws.rip
sudo systemsetup -setusingnetworktime on

# Verify
systemsetup -getnetworktimeserver
Windows 
# PowerShell (Run as Administrator)
w32tm /config /manualpeerlist:"ntp.dws.rip" /syncfromflags:manual /reliable:yes /update
net stop w32time && net start w32time
w32tm /resync
FreeBSD 
# /etc/ntp.conf
server ntp.dws.rip iburst
driftfile /var/db/ntp.drift

# Enable and start
sudo sysrc ntpd_enable="YES"
sudo service ntpd start
Router / Firewall 
# Most routers/firewalls support NTP client
# Navigate to: System → Time Settings
# Set NTP Server: ntp.dws.rip
# Enable: NTP Client

# Example (pfSense/OPNsense):
# System → Settings → General
# Timeservers: ntp.dws.rip

What is NTS?

Network Time Security (RFC 8915) provides cryptographic authentication for NTP, preventing man-in-the-middle attacks and ensuring the time you receive is genuine.

  • Authenticated: TLS 1.3 key exchange prevents tampering
  • Private: Encrypted NTP packets protect your queries
  • Secure: Prevents time-based attacks on your systems

⚠️ NTS requires chrony 4.0+ or ntpsec. Standard ntpd does not support NTS.

Your Time

--:--:--.---
Loading...

Server Time

--:--:--.---
Offset: --

Server Status

Loading server status...

NTS Connectivity Test

Test if your network can reach our NTS-KE port (TCP/4460):

About DWS NTP

Free, public NTP service operated by DWS with servers in the UK, Sweden, and the United States. We sync with NTS-authenticated upstreams including Cloudflare Time and Netnod.

  • Stratum 2 servers with sub-millisecond accuracy
  • Rate Limited to prevent abuse (16 req/sec)
  • No Logging of client queries or IPs
  • IPv4 & IPv6 supported on all servers

Part of the DWS Public Services initiative. Also check out DNS.DWS.RIP for secure DNS.