Hi,

I'm running a server in the U.S. pool which has a DDoS-protected network uplink. With exactly this server I experience a lot of trouble in many ways: Sometimes I have very high offsets which can't be explained by ntpq or network latency. With "ntpdate -d" from an external system I can see a maximum offset of +/- 0.1ms with ~90ms latency, so the time served by ntpd is fine. And in the last few days there were multiple major score losses (-30 points!) in a few hours which seem to be caused by unanswered NTP packets to the pool monitor.

The high offsets measured by the pool monitor may be unrelated to the DDoS filter, but the low scores based on unanswered packets can be explained by this: I never got those request packets. Sometimes, the DDoS filter seems to eat a lot of NTP questions (!) directed to my server. Whenever this happens, I can see an additional hop in the traceroute right in front of my server, and from this second on the incoming packet rate on port 123/UDP decreases to somewhere around 10-15%. The only resolution that's working for me seems to be reducing the provided bandwidth to a value lower than 100 Mbps.

Long story short: I'm observing that legitimate internet services are getting filtered by more or less too snappish DDoS filters, provided more and more as a standard feature by big hosting companies and carriers. Are there any statistics/measurements that show that servers behind a DDoS filter are serving more unstable time? Or am I having this problem just for myself?

Greetings
Max
_______________________________________________ pool mailing list [email protected] http://lists.ntp.org/listinfo/pool
