Chuck Swiger <[EMAIL PROTECTED]> wrote: > David J Taylor wrote: > > Simon Lyall wrote: > [ ... ] > >> "Note that sending an excessive number of queries to the pool (more > >> than 5 per minute or 10 per hour from a single IP) may result in > >> anti-abuse measures being triggered. > > > > Doesn't iburst violate the "more than 5 per minute" rule? > > Yes. But with the default NTP settings, it shouldn't violate the old 20 > requests/hour guideline. iburst should be reserved for hosts providing NTP > services to other machines, and not used by end-client workstations.
Guys, can we please stop quibbling about the "borderline" abusers? I have no problem with those who use iburst and hit me every 64 seconds. It's the bozos who query me every single second (sometimes more than once a second!) for weeks on end that are far and away the worst abusers for total traffic. And don't forget the clients that increase their poll rate when they decide (usually for network latency reasons) that they don't trust my time or when I KOD them or just stop replying to them. The whole concept that KOD or sending the wrong time or just not replying to screwed up clients is FLAWED. There are lots of clients that just increase their poll rate when you do that to them. If you block them at your firewall you won't see them in ntpdc -c monlist, but they're still eating up your bandwidth to get to your firewall. (And that bandwidth is arguably infinitely more valuable than the bandwidth between the firewall and your NTP server.) Tim. _______________________________________________ timekeepers mailing list [email protected] https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
