>> I am currently working on a project where 60 devices, all behind a
>> router with one WAN IP, update their time from
>> north-america.pool.ntp.org <http://north-america.pool.ntp.org> on
>> boot.

The included URL makes it look as though you're saying they get their time over HTTP somehow. I can't see why or how you'd do that, but I also can't see why else you'd include an HTTP URL there.

Also, I feel reasonably sure the "router" is doing NAT as well, in which case calling it a "router" is at least somewhat misleading. (My guess is based on your mentioning a single "WAN IP" and your saying you've run into rate limits, each of which points towards the "router" doing NAT as well as routing.)

If you really are using HTTP, I'll have to leave this to whoever runs that (Ask, maybe?). But if you're actually using NTP and the HTTP URL is an error or a distractant or some such, then rate limiting is going to be up to the server hosts in question and hence there is no single "the actual rate limit"; it will depend on which pool hosts you get. (If you get mine, for example, there is no single "this many pps is too much"; there's an exponentially decaying average which trips when it goes too high.)

>> I am going to add a small random delay to the initial NTP update to
>> spread out the requests a bit. What is the actual rate limit?

If you get my host, this won't change things much; the decaying average's half-life is half an hour, so sending a burst of requests very fast or sending them spread out over a minute or two are pretty close to operationally identical. I don't know how other hosts' rate limiting works.

> For NTP, can you not run an NTP server locally on the router or such
> like?

I too would advise something like this. The pool depends on people not abusing it excessively - cf the Turkish issues - and, while 60 is not a huge number of clients, it is enough that I think it's reasonable to ask that your setup redistribute time internally rather than having all 60 hosts using the pool directly - especially since they start up in sync and thus usually will get the same, or a very small set, of pool hosts. Spread out over the whole pool, 60 clients aren't enough to notice; concentrated on the same servers it's...probably not enough to cause issues if spread out well temporally, but, bunched together, yeah, it strikes me as reasonable for rate-limit protections to trip.

/~\ The ASCII                             Mouse
\ / Ribbon Campaign
 X  Against HTML                [email protected]
/ \ Email!           7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
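
The following is an added example, not part of the original message and not the poster's server code. It models a decaying-average limiter with the stated half-hour half-life, assuming each request adds 1 to a per-source score (the message gives no increment or threshold, so none is used), and compares 60 clients behind one NAT address querying at once, over two minutes, and, going beyond the message, over two hours.

```python
# Hypothetical model of an exponentially decaying request score per source IP.
# Only the 30-minute half-life comes from the message; the "+1 per request"
# increment and the evenly spaced schedules are assumptions for illustration.

HALF_LIFE_S = 1800.0  # half an hour


def decayed_score(arrival_times, now, half_life=HALF_LIFE_S):
    """Score at time `now`: each past request counts 1, halved every half_life."""
    return sum(0.5 ** ((now - t) / half_life) for t in arrival_times if t <= now)


def peak_score(arrival_times, half_life=HALF_LIFE_S):
    """Highest score the limiter ever sees (peaks occur right after an arrival)."""
    return max(decayed_score(arrival_times, t, half_life) for t in arrival_times)


def boot_schedule(clients, spread_s):
    """First-query times for `clients` devices, evenly spaced over spread_s seconds."""
    if clients == 1 or spread_s == 0:
        return [0.0] * clients
    return [i * spread_s / (clients - 1) for i in range(clients)]


def compare(clients=60):
    """Peak score seen by one pool host for three boot-time schedules."""
    return {
        "burst": peak_score(boot_schedule(clients, 0)),
        "spread_2min": peak_score(boot_schedule(clients, 120)),
        "spread_2h": peak_score(boot_schedule(clients, 7200)),
    }


if __name__ == "__main__":
    for name, peak in compare().items():
        print(f"{name:12s} peak score = {peak:6.2f}")
```

Under this model a two-minute jitter lowers the peak by only about 2%, while the delay has to be comparable to the half-life before the peak drops substantially; a single local NTP server querying the pool removes the other 59 requests entirely.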
