[ntp:questions] Very rapid polling

David Mills mills at udel.edu
Wed Feb 11 04:44:07 UTC 2009


Recent versions of NTP have very serious rate controls that prevent 
clients from exceeding specified burst rate and average headway 
constraints, even if improperly configured.  Client packets that violate 
these constraints are discarded and, if so configured, the server will 
toss back a rate-controlled Kiss-o'-Death packet. A client receiving a 
KoD packet will reduce the sending constraints to near catatonic levels. 
These defenses are described in the online documentation.

So, unless somebody hacks the implmentation, I doubt NTP is the problem.


Danny Mayer wrote:

>jlevine wrote:
>>In the last few days I have seen an increasing number of systems that
>>are requesting the time in NTP format several times per second. This
>>poll interval is far in excess of the usual best practices. Since
>>there are a number of such systems, it is possible that this problem
>>is a result of a new version of NTP that has just been released.
>>Please let me know if you have any information about a new version of
>>NTP that can do this or if any of you are seeing the same problem.
>>Judah Levine
>>Time and Frequency Division
>>NIST Boulder
>Hi Judah,
>There is no new release yet (the 4.2.4p6 was just a patch release to fix
>a couple or minor issues mainly related to OpenSSL. It is most unlikely
>that ntp is doing this. Did you take a couple of the addresses and query
>them with ntpq? I don't think that ntpd can be configured to query that
>quickly. Harlan is preparing a new stable release from the development
>branch. Dave has added KOD code to deal with situations like this and
>such clients are likely to find their clock drifting off if the do not
>follow the protocols.
>questions mailing list
>questions at lists.ntp.org

More information about the questions mailing list