Wireshark-users: Re: [Wireshark-users] Time synchronization for capturing packets
From: Graham Bloice <graham.bloice@xxxxxxxxxxxxx>
Date: Thu, 25 Aug 2011 11:40:24 +0100
On 25/08/2011 11:15, Bartosz Kiziukiewicz wrote:
> Hi Graham,
>
> the problem with w32time service is that:
> - it is only a client, so I still need to synchronize to some external server
> - "We do not guarantee and we do not support the accuracy of the W32Time
> service between nodes on a network."
>
> The better solution would be to use apps such as OpenNTPD but it still
> requires additional setup.
>
> To be frank, the best solution would be to have Precision Time Protocol
> server/client built into a Wireshark and a magic button "Synchronize between
> <list-of-machines>".
> But I doubt it is available ;-)
>
Any Windows machine can act as a time server, although this requires a
registry edit to the key
HKLM:\SYSTEM\CurrentControlSet\services\W32Time\TimeProviders\NtpServer
setting Enabled to 1.  In addition w32tm can sync to any NTP server.

It's up to you how far you want to go to synchronise clocks, I was just
pointing out that the in-built facilities may be "good enough".  I've used
Windows ports of NTP before but didn't find them any more accurate than w32tm,
mainly down to drift of the local clock oscillator between syncs, even after
setting the NTP drift.

We're working on the "Magic Button" for Wireshark, currently the "fix my
network issue" mode is causing some difficulties. :-)

-- 
Regards,

Graham Bloice