[ntp:questions] NTPD concurrent clients limit
David L. Mills
mills at udel.edu
Thu Jul 31 13:35:39 UTC 2008
See the limit and kod restrict options in the Access Control Options
page in the current web documentation.
> Can the kiss-o'-death packet be disabled ?
> Is this packet also implemented in a "canned" or hardware only ntp server?
> Phil Harwood
>>>>I'm testing an embedded linux device, which implement an NTP server,
>>>>based on the ntpd demon.
>>>>It looks like ntpd accepts only a limited number of requests from a
>>>>test clientIi've set up.
>>>>Do you know if there's such limit or what's the logic behind it?
>>>>Maybe ntpd rejects bursts of requests coming from the same IP?
>>>>Thanks in advance,
>>>If you poll the server continuously at intervals of less than 64
>>>seconds, most modern NTP servers will send you a "Kiss of Death" packet.
>>>Polling this frequently is considered abusive! It's also unnecessary,
>>>NTP is designed to work with poll intervals between 64 seconds and 1024
>>>seconds and will adjust its poll interval within that range as needed.
>>His question can be rephrased, what does ntpd do after it has sent the
>>Kiss of Death?
>>does it drop all subsequent packets? -- That sounds like a huge cost on
>>ntp server-- ie imagine a popular server with 10,000 machines it has sent
>>the KoD to. It then has to scan that whole list for each packet to see if
>>it is in there-- something which takes time and destroys the ability of
>>to deliver its time base rapidly.
>>Note that how ntpd handles this situation depends on which version of ntpd
>>you are running.
>>>There are two exceptions to the above. You may specify the "iburst"
>>>keyword for a server and NTPD will send an INITIAL burst of eight
>>>request packets at intervals of two seconds. This is designed for fast
>>>startup. After the initial burst, polling continues at intervals
>>>between 64 and 1024 seconds.
>>So how does the server know whether this burst is an iburst or is a rogue
>>client to which it should send a KoD?
>>>If you are using a dialup telephone connection for short periods three
>>>or four times a day, you may specify the "burst" keyword which sends
>>>eight requests two seconds apart at EACH poll interval. "Burst" is to
>>>be used ONLY for brief periods with LONG intervals between them!
>>>It is customary to request permission from the owner of the server
>>>before using "burst".
More information about the questions