David L. Mills
mills at udel.edu
Thu Jun 26 15:21:32 UTC 2008
Good point. In the PTTI paper a few years back, mention was of a
university that repackaged source addresses for some 2000 campus hosts,
with result a humungus load on the server. The evolved reference
implementation would effectively deny service to almost all of them,
while maintaining fairness to other users. In other words, if the
minimum average headway was set at 64 s, one packet in 64 s would be
serviced and the KoD rate would be limited to one packet in 64 s,
regardless of load.
Martin Burnicki wrote:
> Bob wrote:
>>How exactly do you configure NTP to send a KOD? I'm running Meinberg's
>>port under Win XP. I'm a sever in the pool. I've got two remote clients
>>that are querying at a rate of several times a minute. Sometimes their
>>queries are spaced wider, but sometimes they hit me spaced at only a few
> I don't know exactly how often or how long this happens. However, please
> take into account that clients may send requests at 2 second intervals at
> startup, if the iburst keyword has been used.
> Also, there may be several clients behind a NAT router, in which case all
> the requests from those clients seem to be coming from a single host with a
> given IP where in fact there are several hosts which are using individual
> private IPs behind the router.
> Depending on how many clients are currently up and running behind the router
> you may see a more or less high number of requests which seem to come from
> a single host.
> Did you also check the source port number of the request packets? The
> numbers should vary if the requests have been sent from several clients
> behind a router. They may or may not vary if they come from a single
> client. I think the conclusion that there is only one "bad boy" can only be
> made if the source port of the request is the same.
More information about the questions