Danny, The max packet size used by ntpd in response to a request is 468 data bytes plus headers. The problem is not the packet size, but the number of packets. Even with the default max lines, this can result in a burst up to 80 packets. While modern gatways and routers can usully handle such a burst, it might set off flood alarms in the firewalls.
Dave Danny Mayer wrote: > Martin Burnicki wrote: > >>Danny Mayer wrote: >> >>>Ronan Flood wrote: >>> >>>>[EMAIL PROTECTED] (Danny Mayer) wrote: >>>> >>>> >>>>>Eugen COCA wrote: >>>>> >>>>>>What is the maximum number of lines that >>>>>> >>>>>>ntpdc -c monlist >>>>>> >>>>>>command could display ? >>>>> >>>>>#define MAXMONMEM 600 /* we allocate up to 600 structures */ >>>> >>>>I have that set to 1920 in ntp-4.2.2, which I calculate is the maximum >>>>number of IPv4 addresses that can be returned to ntpdc without changing >>>>the protocol (max 128 UDP packets). Note that I need to use an earlier >>>>version of ntpdc, which is not IPv6 aware, to get the full list. I also >>>>had to increase ntpdc's receive socket buffer size to cope >>>>(rbufsize = INITDATASIZE * 9), but that might be an OS issue. >>>> >>> >>>Can you file a bug report on this? >> >>Shouldn't this be handled with bug #286: >>"ntpdc -nc monlist output failure when amount of clients is over 512" >>https://ntp.isc.org/bugs/show_bug.cgi?id=286 >> >>Martin > > > Yes, almost identical. So Ronan please add your comments to that bug > report. I think that the biggest problem is timeouts on the client side > probably due to the size of the packet with possible additional > limitations by firewalls not expecting such large packets. > > Danny > _______________________________________________ > questions mailing list > [email protected] > https://lists.ntp.isc.org/mailman/listinfo/questions > _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
