[ntp:questions] Re: Clogging defense

David L. Mills mills at udel.edu
Tue Nov 11 14:24:08 UTC 2003


You can answer this for yourself, as I said on a couple of previous
occasions. Use the Unix ps command to find out the CPU usage of ntpd,
then use ntpdc to find out how many packets were received and the time
ntpd was running. Do the sums.


Simon Lyall wrote:
> David L. Mills <mills at udel.edu> wrote:
> >USNO has installed the call-gap clogging defense feature in the latest
> >NTPv4 on all their public servers and reports it works well. Busy server
> >tick.usno.navy.mil has been victim of 2000-PPS attack by dirty rotten
> >scoundrels, which was why the feature was turned up.
> A slightly related question I have is, is there some documentation of the
> amount of load (queries/second) that a standard ntpd box can handle?
> Just wondering for things like pool.ntp.org how many (well behaved )
> clients should be able to be handled by one fairly modern PC. I would
> assume 10s of thousands at least but I can't see anything with actual
> numbers after a quick search.
> --
> Simon J. Lyall | Very Busy | Web: http://www.darkmere.gen.nz/
> "Inside me Im Screaming, Nobody pays any attention."  |  eMT.
> "We came to wreck everything and ruin your life, God sent us"

More information about the questions mailing list