[ntp:questions] NTPD concurrent clients limit

Richard B. Gilbert rgilbert88 at comcast.net
Wed Jul 30 16:39:24 UTC 2008


Unruh wrote:
> "Richard B. Gilbert" <rgilbert88 at comcast.net> writes:
> 
>> j. wrote:
>>> Hi all,
>>> I'm testing an embedded linux device, which implement an NTP server,
>>> based on the ntpd demon.
>>> It looks like ntpd accepts only a limited number of requests from a
>>> test clientIi've set up.
>>> Do you know if there's such limit or what's the logic behind it?
>>> Maybe ntpd rejects bursts of requests coming from the same IP?
>>>
>>> Thanks in advance,
>>> Gianandrea Gobbo.
> 
>> If you poll the server continuously at intervals of less than 64 
>> seconds, most modern NTP servers will send you a "Kiss of Death" packet.
>> Polling this frequently is considered abusive!  It's also unnecessary, 
>> NTP is designed to work with poll intervals between 64 seconds and 1024 
>> seconds and will adjust its poll interval within that range as needed.
> 
> His question can be rephrased, what does ntpd do after it has sent the Kiss of Death?
> does it drop all subsequent packets? -- That sounds like a huge cost on the
> ntp server-- ie imagine a popular server with 10,000 machines it has sent
> the KoD to. It then has to scan that whole list for each packet to see if
> it is in there-- something which takes time and destroys the ability of ntp
> to deliver its time base rapidly.
> 
> Note that how ntpd handles this situation depends on which version of ntpd
> you are running. 
> 
> 
> 
>> There are two exceptions to the above.  You may specify the "iburst" 
>> keyword for a server and NTPD will send an INITIAL burst of eight 
>> request packets at intervals of two seconds.  This is designed for fast 
>> startup.  After the initial burst, polling continues at intervals 
>> between 64 and 1024 seconds.
> 
> So how does the server know whether this burst is an iburst or is a rogue
> client to which it should send a KoD?

Ntpd keeps a list of its clients.  It should be able to tell if a 
particular client is initializing or is abusing the server.




More information about the questions mailing list