Skip to content
Cloudflare's implementation of the NTS protocol written in Rust
Rust Other
  1. Rust 98.9%
  2. Other 1.1%
Branch: master
Clone or download
Latest commit 4b7c96b Nov 4, 2019



cfnts is an implementation of the NTS protocol written in Rust.

Prereqs: Rust


We use cargo to build the software. docker-compose up will spawn several Docker containers that run tests.

Running Run the NTS client using ./target/release/cfnts client [--4 | --6] [-p <server-port>] [-c <trusted-cert>] [-n <other name>] <server-hostname>

Default port is 1234.

Using -4 forces the use of ipv4 for all connections to the server, and using --6 forces the use of ipv6. These two arguments are mutually exclusive. If neither of them is used, then the client will use whichever one is supported by the server (preference for ipv6 if supported).

To run a server you will need a memcached compatible server, together with a script based on that will write a new random key into /nts/nts-keys/ every hour and delete old ones. Then you can run the ntp server and the nts server.

This split and use of memcached exists to enable deployments where a small dedicated device serves NTP, while a bigger server carries out the key exchange.


  1. ./target/release/cfnts client
  2. ./target/release/cfnts client -p 123
You can’t perform that action at this time.