On 22 Jun 2011 at 20:12, Condor wrote: > On Wed, 22 Jun 2011 14:27:33 -0000, David Lord wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > On 22 Jun 2011 at 10:19, Condor wrote: > > > >> Hello ppl, > >> do I can ask what traffic from pool is normal ? I some times have > >> problems ... I think I got too much query. This problem is from > >> long time and it's happened only for small amount of time. For 30 > >> min to 1 hour and usual when Im not logged in to see what's > >> happened. Here is error that i got from kernel: > >> > > > > Your pool config allows you to set a rate you might manage. > > About once a month I was hit by turk-telecom which was about > > 12-15k requests in about 10-30 minutes but dns rotation must > > allow for them so if same hits I no longer notice. There are > > other single ips that I assume from whois lookups are from > > multiple hosts using a single ip dddress and I stopped > > worrying about those after I'd been in the pool a few months. > > > > (I was worrying because the maximum rate of hits if > > sustained would have added to my monthly chatges). > > > > - From your logs I'd guess you have ntp misconfigured. > > I assume you've checked that with ntp disabled that > > you no longer get those messages. > > > > > > Here is my ntp.conf file: > > restrict 127.0.0.1 > restrict ::1 > server clock.via.net > server tic.nrc.ca > server bonehed.lcs.mit.edu > server rustime01.rus.uni-stuttgart.de > driftfile /etc/ntp/ntp.drift > logfile /var/log/ntp.log > > Is there anything wrong on it ?
>From here, three of those sites respond to pings and ntp whilst fourth seem failed to respond to pings but ntp was ok. ----clock.via.net PING Statistics---- 4 packets transmitted, 4 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 167.288/167.653/167.911/0.268 ms ----tic.nrc.ca PING Statistics---- 4 packets transmitted, 4 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 119.231/119.759/121.091/0.890 ms ----rustime01.rus.uni-stutgart.de PING Statistics---- 4 packets transmitted, 4 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 40.855/41.905/42.717/0.894 ms They are all more distant than ntp servers I have in my ntp.conf. > About my tcp/ip tunning the problem was before the tunning so > definitely tuning is not the problem. > About nat, I don't think the problem is nat because it's make > postroute to can my local laptop access web pages via server. I will > try both rules to pass connection tracking as Courtney Bane suggest. I hope my firewalls only let through what I've chosen not to be blocked, also ntp normally uses udp rather than tcp. I have firewall rules to allow remote access to my ntp servers otherwise they wouldn't be accessible from the internet. Can your laptop access your ntp server? What results does ntptrace give for the servers you've chosen? $ ntptrace bonehed.lcs.mit.edu bonehed.lcs.mit.edu stratum 1, offset -0.000029, sync distance 0.001556, refid 'CDMA' bash-4.1# ntptrace me6000 me6000: stratum 1, offset 0.000001, synch distance 0.000000, refid 'PPSb' David David-- David Lord <[email protected]> <ftp://ftp.lordynet.org/pub/pgpkeys/lordynet.org/david/pubk ey.asc> <http://www.lordynet.org/pub/pgpkeys/lordynet.org/david/pub key.asc> _______________________________________________ pool mailing list [email protected] http://lists.ntp.org/listinfo/pool
