[ntp:questions] NTPD concurrent clients limit

David L. Mills mills at udel.edu
Thu Jul 31 13:35:39 UTC 2008


See the limit and kod restrict options in the Access Control Options 
page in the current web documentation.


Phil wrote:

> Can the kiss-o'-death packet be disabled ?
> Is this packet also implemented in a "canned" or hardware only ntp server?
> Thanks
> Phil Harwood
>>>j. wrote:
>>>>Hi all,
>>>>I'm testing an embedded linux device, which implement an NTP server,
>>>>based on the ntpd demon.
>>>>It looks like ntpd accepts only a limited number of requests from a
>>>>test clientIi've set up.
>>>>Do you know if there's such limit or what's the logic behind it?
>>>>Maybe ntpd rejects bursts of requests coming from the same IP?
>>>>Thanks in advance,
>>>>Gianandrea Gobbo.
>>>If you poll the server continuously at intervals of less than 64
>>>seconds, most modern NTP servers will send you a "Kiss of Death" packet.
>>>Polling this frequently is considered abusive!  It's also unnecessary,
>>>NTP is designed to work with poll intervals between 64 seconds and 1024
>>>seconds and will adjust its poll interval within that range as needed.
>>His question can be rephrased, what does ntpd do after it has sent the 
>>Kiss of Death?
>>does it drop all subsequent packets? -- That sounds like a huge cost on 
>>ntp server-- ie imagine a popular server with 10,000 machines it has sent
>>the KoD to. It then has to scan that whole list for each packet to see if
>>it is in there-- something which takes time and destroys the ability of 
>>to deliver its time base rapidly.
>>Note that how ntpd handles this situation depends on which version of ntpd
>>you are running.
>>>There are two exceptions to the above.  You may specify the "iburst"
>>>keyword for a server and NTPD will send an INITIAL burst of eight
>>>request packets at intervals of two seconds.  This is designed for fast
>>>startup.  After the initial burst, polling continues at intervals
>>>between 64 and 1024 seconds.
>>So how does the server know whether this burst is an iburst or is a rogue
>>client to which it should send a KoD?
>>>If you are using a dialup telephone connection for short periods three
>>>or four times a day, you may specify the "burst" keyword which sends
>>>eight requests two seconds apart at EACH poll interval.  "Burst" is to
>>>be used ONLY for brief periods with LONG intervals between them!
>>>It is customary to request permission from the owner of the server
>>>before using "burst". 

More information about the questions mailing list