On Wednesday 24 August 2005 15:16, Rob Oats wrote: > I personally have seen significant increases in the requests when > brought into DNS rotation over the last few months. I am supplying the > service on a 512 broadband link and over the last few weeks when I > have been brought in via the DNS my access to the Internet is crippled > for up to 15 minutes.
I guess the pool's popularity is beginning to show. I've also had to deal with "degraded" internet service recently for short periods while my IP has been in the DNS. As I mentioned elsewhere it turned out to be the fault of my ADSL router (a Netgear DG834G). It runs a flavour of Linux with iptables, and the high rate of incoming UDP packets while in the DNS was hitting its firewall's limit for connection tracking, resulting in much packet loss. Now, I'd much rather not use the DG834G's internal firewall/NAT facility (I use a dedicated NetBSD router for that job, and I have a couple of routed IP blocks) but there's no way to disable it from within the configuration gui. However, I managed to figure out enough about iptables/netfilter to completely disable the firewall for forwarded packets, and also turn the connection state timeout Way Down for UDP packets, using the router's undocument root shell feature. So far it has survived two decent ntp load spikes today without a hitch. Perhaps we need to make a list of ADSL routers which can deal with the kind of packet loads pool servers are starting to see... Cheers, Steve _______________________________________________ timekeepers mailing list [email protected] https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
