[ntp:questions] Re: NTP Server abuse

Richard B. Gilbert rgilbert88 at comcast.net
Wed Dec 1 13:30:16 UTC 2004

Brad Knowles wrote:

> At 9:50 PM -0500 2004-11-30, Danny Mayer wrote:
>>  To accomplish that, you first to define what is an abuser.
>     In this case, it's actually pretty easy to do that.  Barring short 
> startup periods, an abuser is anyone who makes more than one query 
> roughly every 1024 seconds.  You might want to be generous and allow 
> them to make queries as frequently as every 512 or 256 seconds.
In order to use that defininition you must disallow the simultaneous 
usage of a hardware reference clock, such as the Motorola Oncore, and 
network servers.   The Oncore driver somehow forces MAXPOLL to six while 
the clock is reachable.

Dave posted a message a few days ago that leads me to believe that this 
behavior is intentional.  I think I need network servers as a backup and 
as a sanity check. 

Apparently the problem is that some, broken, clients will send a request 
every second and will ignore KOD.  If you have a few of those banging on 
your server, you have real problems.   If the University of Wisconsin 
had successfully sued Netgear, things might have been different!   As 
matters now stand, you can either withdraw your server from the pool or 
try to work through the abuser's ISP to shut him down!

More information about the questions mailing list