[ntp:hackers] Use MSG_CONFIRM flag to keep OS ARP table up to date?

Heiko Gerstung heiko.gerstung at meinberg.de
Wed May 2 10:10:25 UTC 2012


Hi!

We are currently running stress tests with more than 100k simulated NTP clients against one single NTP server and found out
that Linux is sending ARP queries for every single NTP client every 30s, putting significant load onto the NTP server
(running NTP 4.2.6p3) we use as the NTP reference for the simulated clients.

This seems to be caused by Linux not automatically updating the ARP cache when NTP sends its NTP responses to the clients,
resulting in all ARP table entries to become stale after a period of 30s (this can be changed but would require users to
mess with their kernel / network configuration). This triggers a new ARP request for each stale table entry

It is possible to use a flag called MSG_CONFIRM when calling send(), sendmsg() or sendto() that basically tells the kernel
that the ARP table entry for the given MAC / IP Address pair is still valid, avoiding that the corresponding ARP table entry
becomes stale.

My question: Did anyone use the MSG_CONFIRM flag with a UDP based socket communication in other projects? Is there any
obvious technical/security disadvantage using this flag within NTP? I patched my ntpd and applied this and it immediately
improved overall performance of the NTP server (and obviously reduced ARP related traffic dramatically).

I am not sure if Linux is the only affected OS as it is the only one I was able to test/look at.

Another big problem with this large-scale simulation: NTP only uses one of the CPU cores, which also dramatically limits the
performance on multi-processor machines. Do you know of anyone who looked at this and probably tried to add multi CPU
support to ntpd?

Thanks in advance for any help, comments or feedback!

Regards,
  Heiko


-- 

Heiko Gerstung

*MEINBERG® Funkuhren* GmbH & Co. KG
Lange Wand 9
D-31812 Bad Pyrmont, Germany
Phone: +49 (0)5281 9309-25
Fax: +49 (0)5281 9309-30
Amtsgericht Hannover 17HRA 100322
Geschäftsführer/Managing Directors: Günter Meinberg, Werner Meinberg, Andre Hartmann, Heiko Gerstung
Email: heiko.gerstung at meinberg.de <mailto:heiko.gerstung at meinberg.de>
Web: www.meinberg.de <http://www.meinberg.de>

----------------------------------------------------------------------------------------------------------------------------
*MEINBERG - Accurate Time Worldwide*



More information about the hackers mailing list