[ntp:questions] Re: Question on abusive clients.

Steve Kostecke kostecke at ntp.isc.org
Thu Dec 22 22:14:30 UTC 2005


[Reordered so that the answer does not precede the question.]

On 2005-12-22, David J Taylor wrote:

> David L. Mills wrote:
>
>> Current ntpd will clamp the poll interval to not less than 4 in
>> server replies no matter what the client says. If KoD is enabled, it
>> will return KoD packets if the headway beteen packets is less than 1
>> s or the average headway is less than 4 s.
>
> .. and so if the client ignores the KoD, it may keep hammering on the
> server every second?

It would be useful to have ntpd spit out the offending IP address as an
async message (e.g. via a trap) for use by a firewall.

-- 
Steve Kostecke <kostecke at ntp.isc.org>
NTP Public Services Project - http://ntp.isc.org/




More information about the questions mailing list