[Pool] welcome/ntp questions

Fabian Wenk fabian at wenks.ch
Wed Jun 13 14:44:37 UTC 2012


Hello Timothy

On 12.06.2012 04:29, Timothy Oefelein wrote:
> 2) Do any of you use the limit and/or kod options in your config?  I've
> noted some really obnoxious clients (bursts of 20+ queries at a time,
> every minute or so) hitting my servers in the past and wondered if any
> of the other pool admins take proactive steps against such clients.

I also have set limited and kod in the restrict default lines. It 
already helped once with a flood of requests and massively reduce 
the number of answers from my server. Currently it is still 
visible in the Monthly (Week 20) and Yearly (May) graph on [1]. 
When I checked with tcpdump during the lower level, in 2 minutes 
I counted 303 requests, but only 13 answers.

   [1] http://www.home4u.ch/ntp/ntp2.home4u.ch.html

As this requests are UDP, the sending IP address could also be 
faked. Answering all this requests could hurt an innocent third 
party from your server, so limiting is a very good idea.


bye
Fabian


More information about the pool mailing list