On Apr 16, 2007, at 11:57 AM, Tim Shoppa wrote: > Chuck wrote: >> I generally don't worry too much about IPs with >> less than 1 million queries-- that's about >> equivalent to downloading a single big file.. >> but someone issuing 20 queries a second >> managed to accumulate 8 million or so >> queries in about a week before I filtered them. > > I think it's useful to see the scale of abuse > that other pool servers experience or at least > take note of.
I would agree with this-- one of the values of this list is to generate some level of consensus on reasonable and unreasonable usage of the NTP pool, and how to respond to abusive traffic in a reasonable fashion. I think the first is fairly doable-- the latter can be more of a problem, as some clients send you more requests when they are firewalled off than if you just let them through. > I don't worry much about a few bozos who query > once or twice a second, but others seem to > worry at a much lower query rate, and others > like you have seen far worse. True. Some people are concerned about traffic rates of 10-100 queries per second, which is somewhere around 1 to 10 kilobytes per second. For most people with dedicated connections (i.e., T1 or faster using a decent router, cable, some forms of DSL where the modem doesn't retain UDP "connection state" entries), this is probably not very noticeable. For others, especially asymmetric DSL where they've got some combination of modem & router doing PPPoE/PPPoA which chokes when you've got more than 1024 or whatever incoming requests over a small interval, the load of being in the pool can overwhelm that modem/ router and cause significant disruption to normal network traffic. -- -Chuck _______________________________________________ timekeepers mailing list [email protected] https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
