[time] ntp client service cut-off policy
Thu Dec 21 10:43:17 UTC 2006
After a bit more Googling I found a pdf which suggests the units for the
first two parameters are seconds:
"If a packet arrives less than two seconds after the previous packet it is
dropped and a KoD sent if configured.
2. If the exponentially averaged interval between packets is less than
five seconds, succeeding packets are dropped and a KoD sent if
(Near the bottom of page 9:
> No, this feature is next to useless.
> I have tried it for a while, but:
> - there is no other recovery from a blocked address than restart of ntpd
> or overflow of the table
> - the feature false-triggers when people use the burst or iburst
> facility. while one would want them not to use it, it happens. and
> there is no path of communication back to the client to tell them "stop
> using burst". so, after a while there are lots of clients blacklisted
> that do not send that much traffic.
> Should you want to try it, I used this:
> discard average 15 minimum 1 monitor 1
Maybe the 'minimum' parameter is a bit low? No idea what time period ntpd
does its exponential averaging over, but maybe they're getting caught by
Not resetting until ntpd is restarted sounds like a show stopper though.
> I tried contacting their local system admin (via address on the website)
> to try to explain they should setup a local server, but never a reply.
Had the same experience with a financial organisation, didn't ever manage
to get through to someone who understood and they seem to have gone away
> There should have been a messaging feature in NTP.
Sounds like a plan. Also sounds like fun for hackers ;)
More information about the pool