[ntp:questions] Re: Can you test my server please.
brad at stop.mail-abuse.org
Wed Nov 24 10:29:05 UTC 2004
At 11:21 AM +0100 2004-11-24, Folkert van Heusden wrote:
> What about adding some throtteling(?) code to the ntp-daemon which makes
> it stop answering requests when more then x requests per y come in?
> Shouldn't be too difficult to code I guess.
I can't say for certain, but I suspect that's not going to work
too well. These clients are abusive enough when they are getting
answers -- when they stop getting answers, or get only KOD, etc...,
that's when they crank up to truly abusive things like sending us one
query per second, etc....
Do that across enough sending machines, and the load to simply
refuse the packets gets high enough that many of the pool operators
will drop out. That is, if they have any bandwidth left and are
capable of sending out an e-mail asking that they be dropped.
We need to find a way to send back to these abusive clients
something that they recognize as an "answer", but which is so far out
of whack for them that they hopefully decide to go away instead of
continuing to bother us.
Brad Knowles, <brad at stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
SAGE member since 1995. See <http://www.sage.org/> for more info.
More information about the questions