On Mon, 26 Feb 2007, Jeffrey Goldberg wrote: > Well, I'm absolutely flabbergasted by the abusive clients. I'd like > some understanding of what's behind it and what people do about it. > > It don't see anything to gain by being deliberately abuse. You don't > gain anything by sending out a request 5 times per second.
While that's an exceptionally stupid client, I myself have only seen that kind of abuse when I started to try blocking abuse. > And what do people do about them. I can manually block those clients > at my firewall. My discovery was that with some classes of clients that will ask once every second, if you stop replying then they'll pick up their query rate by a factor of 5 in some cases. Whether this hurts your bandwidth or your provider's depends on where the firewall is but I'd guess that most of us who don't work for an ISP can only block traffic after it comes down the wires rather than before. There was a different class of client that would normally try once every 15 or 30 or 60 seconds, but if I didn't respond they started querying every single second. Most people who install these stupid NTP clients genuinely don't know how poorly behaved the client is. Some (see list messages here from a few years back) defend their client behavior when it asks more often when it doesn't get good time back. Not a traffic-friendly attitude but a very self- centered attitude. So, in every parameter I tried, not replying or sending KOD's or sending "bad" time to stupid clients just made them query more often. I gave up and my NTP traffic went back to normal :-). Tim. _______________________________________________ timekeepers mailing list [email protected] https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
