[ntp:questions] Very rapid polling
mayer at ntp.isc.org
Wed Feb 11 03:32:53 UTC 2009
Richard B. Gilbert wrote:
> Unruh wrote:
>> "Richard B. Gilbert" <rgilbert88 at comcast.net> writes:
>>> jlevine wrote:
>>>> In the last few days I have seen an increasing number of systems that
>>>> are requesting the time in NTP format several times per second. This
>>>> poll interval is far in excess of the usual best practices. Since
>>>> there are a number of such systems, it is possible that this problem
>>>> is a result of a new version of NTP that has just been released.
>>>> Please let me know if you have any information about a new version of
>>>> NTP that can do this or if any of you are seeing the same problem.
>>>> Judah Levine
>>>> Time and Frequency Division
>>>> NIST Boulder
>>> Have you captured the IP addresses of the systems involved? If so, have
>>> you identified the ISP responsible for those addresses? Complained to
>>> the ISP? Etc, etc?
>>> The half witted will always be with us. . . .
>> There is no way you can set up ntpd so that it will poll many times a
>> second, unless there is a severe bug in ntp. He is asking if perhaps such a
>> bug exists in the latest version of ntpd ( since the latest version just
>> came out a month ago, and latest devel version a week ago, this would be a
>> sensible worry).
>> Alternatively one of those modem manufacturers may have screwed up again,
>> or some ntp like program has come out that has such a default.
>> I agree that asking the IP addressee what it is that they are running might
>> work, but probably not.
> It may take a while to get results but if the only alternative is to do
> nothing and suffer. . . . The ISPs have the power to cut these idiots
> off at the knees! Whether they are willing to do so is something you
> have to ask them. They also have the ability to reduce a network
> address to a street address. Again, you have to ask. If you ask on
> NIST letterhead, your chances of being taken seriously are much improved.
> As I recall my contract with Comcast, they can simply cut me off in
> response to just about any sort of abuse. If nobody complains, I can
> get away with practically anything!
If you have the most recent versions of ntp-dev installed, ntpd will
issue KOD packets and then stop responding for a while.
More information about the questions