[ntp:questions] Re: Question on abusive clients.

Steve Kostecke kostecke at ntp.isc.org
Thu Dec 22 22:14:30 UTC 2005

[Reordered so that the answer does not precede the question.]

On 2005-12-22, David J Taylor wrote:

> David L. Mills wrote:
>> Current ntpd will clamp the poll interval to not less than 4 in
>> server replies no matter what the client says. If KoD is enabled, it
>> will return KoD packets if the headway beteen packets is less than 1
>> s or the average headway is less than 4 s.
> .. and so if the client ignores the KoD, it may keep hammering on the
> server every second?

It would be useful to have ntpd spit out the offending IP address as an
async message (e.g. via a trap) for use by a firewall.

Steve Kostecke <kostecke at ntp.isc.org>
NTP Public Services Project - http://ntp.isc.org/

More information about the questions mailing list