[ntp:questions] What traffic from pool is normal ?

Chuck Swiger cswiger at mac.com
Tue Jun 21 17:00:30 UTC 2011

Previous message: [ntp:questions] What traffic from pool is normal ?
Next message: [ntp:questions] What traffic from pool is normal ?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Jun 21, 2011, at 12:33 AM, Condor wrote:
> Here is error that i got from kernel:
> 
> net_ratelimit: 686 callbacks suppressed
> nf_conntrack: table full, dropping packet.
> nf_conntrack: table full, dropping packet.
> nf_conntrack: table full, dropping packet.

You're using a stateful firewall for NTP traffic, and it's connection state table has filled.  I recommend not using stateful rules for NTP traffic, as it adds latency and potential denial-of-service problems with the firewall.

The network tuning you'd mentioned mostly affects TCP and doesn't matter to UDP.

The high traffic rate you'd seen of 3000 packets/sec is unusual, but if your firewall was dropping packets, some NTP clients behave badly and query faster.

Regards,
-- 
-Chuck

Previous message: [ntp:questions] What traffic from pool is normal ?
Next message: [ntp:questions] What traffic from pool is normal ?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the questions mailing list