Björn Gabrielsson wrote: > This documents previous NTP-related abuse cases, > > http://en.wikipedia.org/wiki/NTP_vandalism > > I still question the position that they are abusers and should be stopped. I think they are just a large-scale customer. Apparently they put europe.pool.ntp.org as the time source in their ADSL routers. Those routers only ask for the time at startup and then they are silent. That is not the kind of near-DDOS abuse that some routers have done, e.g. by sending one request a second when there is no reply.
We only see a lot of traffic because there are a lot of Turks switching on their router only when they want to go on the Internet. The pattern is caused by our current DNS system (which rotates you in and out of the address set sent in a query reply for a one hour period), and the time-of-day that many users switch on their equipment. (remember Turkey is 3 hours ahead of UTC) Sure, it would be very friendly of them when they set up their own NTP server and pointed all their routers to there. That would save us a lot of traffic. But note that when our project would be a little more successful, and home users actually would put a pool server in the configuration of their PC, we would be in the same situation but worse. Because those PCs would poll the servers in a repeated pattern, so we would not see those peaks but a continuous flow of traffic all the time. I think all this complaining about their abuse is unwarranted. We offer a service, and we apparently are not suitably equipped to actually hold it up. A single group of maybe half a million users is causing us headaches. When a big site or TV programme would publish detailed NTP pool setup instructions for Windows users, and a few million PC owners would implement it, we would be in deep trouble without any recourse to calling them abusers! So instead of bickering at Türk Telecom about their "abuse", we better look at our own project and its capability to scale. Because this might only be an easy test case for much worse trouble to come. Rob _______________________________________________ timekeepers mailing list [email protected] https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
