[ntp:questions] NTPD concurrent clients limit

Phil phil at xxxxxxxxx.xxx
Wed Jul 30 17:05:14 UTC 2008

Can the kiss-o'-death packet be disabled?
Is this packet also implemented in a "canned" or hardware only ntp server?
Phil Harwood

>>j. wrote:
>>> Hi all,
>>> I'm testing an embedded linux device, which implements an NTP server,
>>> based on the ntpd daemon.
>>> It looks like ntpd accepts only a limited number of requests from a
>>> test client I've set up.
>>> Do you know if there's such limit or what's the logic behind it?
>>> Maybe ntpd rejects bursts of requests coming from the same IP?
>>> Thanks in advance,
>>> Gianandrea Gobbo.
>>If you poll the server continuously at intervals of less than 64
>>seconds, most modern NTP servers will send you a "Kiss of Death" packet.
>>Polling this frequently is considered abusive!  It's also unnecessary,
>>NTP is designed to work with poll intervals between 64 seconds and 1024
>>seconds and will adjust its poll interval within that range as needed.
> His question can be rephrased, what does ntpd do after it has sent the
> Kiss of Death?
> does it drop all subsequent packets? -- That sounds like a huge cost on the
> ntp server-- ie imagine a popular server with 10,000 machines it has sent
> the KoD to. It then has to scan that whole list for each packet to see if
> it is in there-- something which takes time and destroys the ability of ntp
> to deliver its time base rapidly.
> Note that how ntpd handles this situation depends on which version of ntpd
> you are running.
>>There are two exceptions to the above.  You may specify the "iburst"
>>keyword for a server and NTPD will send an INITIAL burst of eight
>>request packets at intervals of two seconds.  This is designed for fast
>>startup.  After the initial burst, polling continues at intervals
>>between 64 and 1024 seconds.
> So how does the server know whether this burst is an iburst or is a rogue
> client to which it should send a KoD?
>>If you are using a dialup telephone connection for short periods three
>>or four times a day, you may specify the "burst" keyword which sends
>>eight requests two seconds apart at EACH poll interval.  "Burst" is to
>>be used ONLY for brief periods with LONG intervals between them!
>>It is customary to request permission from the owner of the server
>>before using "burst". 
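
Added example, not part of the original thread and not ntpd's own code: a client-side check, using the RFC 5905 header layout, that recognises a Kiss-o'-Death reply (server mode, stratum 0, ASCII kiss code in the reference ID) and only acts on it when the reply echoes the timestamp the client sent. The function names and the sample packets are constructed for illustration.

```python
import struct

# Kiss codes a client must act on (RFC 5905, section 7.4); others are informational.
KISS_ACTIONS = {
    "RATE": "poll less often",
    "DENY": "stop polling this server",
    "RSTR": "stop polling this server",
}

def classify_reply(packet: bytes, sent_xmt: bytes) -> str:
    """Classify a server reply, given the 8-byte transmit timestamp we sent."""
    if len(packet) < 48:            # fixed NTP header is 48 bytes
        return "malformed"
    mode = packet[0] & 0x07         # low 3 bits of the first byte
    stratum = packet[1]
    refid = packet[12:16]           # reference ID, carries the kiss code
    origin = packet[24:32]          # origin timestamp
    if mode != 4:
        return "not a server reply"
    # A genuine reply echoes our transmit timestamp as its origin timestamp.
    # If it does not, the packet may be forged or stale, so a kiss code in it
    # must not change our polling behaviour.
    if origin != sent_xmt:
        return "ignored: origin timestamp mismatch"
    if stratum != 0:
        return "time reply"
    code = refid.rstrip(b"\x00").decode("ascii", errors="replace")
    return "KoD %s: %s" % (code, KISS_ACTIONS.get(code, "informational"))

def build_reply(stratum: int, refid: bytes, origin: bytes) -> bytes:
    """Construct a sample NTPv4 mode-4 packet (demo input, not captured traffic)."""
    leap = 3 if stratum == 0 else 0                 # LI=3 (unsynchronised) on KoD
    first = leap << 6 | 4 << 3 | 4                  # LI | VN=4 | mode=4
    header = struct.pack("!BBbb", first, stratum, 6, -20)
    # root delay + dispersion, refid, reference ts, origin ts, receive + transmit ts
    return header + bytes(8) + refid.ljust(4, b"\x00") + bytes(8) + origin + bytes(16)

if __name__ == "__main__":
    xmt = bytes.fromhex("cc3a1f2a00000001")         # constructed transmit timestamp
    samples = [
        build_reply(0, b"RATE", xmt),               # rate-limit kiss
        build_reply(0, b"DENY", xmt),               # access denied kiss
        build_reply(2, b"\xc0\x00\x02\x01", xmt),   # ordinary stratum-2 reply
        build_reply(0, b"RATE", bytes(8)),          # kiss that does not echo xmt
    ]
    for pkt in samples:
        print(classify_reply(pkt, xmt))
```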
