[ntp:questions] NTPD concurrent clients limit
Richard B. Gilbert
rgilbert88 at comcast.net
Wed Jul 30 16:39:24 UTC 2008
Unruh wrote:
> "Richard B. Gilbert" <rgilbert88 at comcast.net> writes:
>
>> j. wrote:
>>> Hi all,
>>> I'm testing an embedded linux device, which implement an NTP server,
>>> based on the ntpd demon.
>>> It looks like ntpd accepts only a limited number of requests from a
>>> test clientIi've set up.
>>> Do you know if there's such limit or what's the logic behind it?
>>> Maybe ntpd rejects bursts of requests coming from the same IP?
>>>
>>> Thanks in advance,
>>> Gianandrea Gobbo.
>
>> If you poll the server continuously at intervals of less than 64
>> seconds, most modern NTP servers will send you a "Kiss of Death" packet.
>> Polling this frequently is considered abusive! It's also unnecessary,
>> NTP is designed to work with poll intervals between 64 seconds and 1024
>> seconds and will adjust its poll interval within that range as needed.
>
> His question can be rephrased, what does ntpd do after it has sent the Kiss of Death?
> does it drop all subsequent packets? -- That sounds like a huge cost on the
> ntp server-- ie imagine a popular server with 10,000 machines it has sent
> the KoD to. It then has to scan that whole list for each packet to see if
> it is in there-- something which takes time and destroys the ability of ntp
> to deliver its time base rapidly.
>
> Note that how ntpd handles this situation depends on which version of ntpd
> you are running.
>
>
>
>> There are two exceptions to the above. You may specify the "iburst"
>> keyword for a server and NTPD will send an INITIAL burst of eight
>> request packets at intervals of two seconds. This is designed for fast
>> startup. After the initial burst, polling continues at intervals
>> between 64 and 1024 seconds.
>
> So how does the server know whether this burst is an iburst or is a rogue
> client to which it should send a KoD?
Ntpd keeps a list of its clients. It should be able to tell if a
particular client is initializing or is abusing the server.
More information about the questions
mailing list