Tim Shoppa wrote:
Chuck Swiger <[EMAIL PROTECTED]> wrote:
David J Taylor wrote:
Simon Lyall wrote:
[ ... ]
"Note that sending an excessive number of queries to the pool (more
than 5 per minute or 10 per hour from a single IP) may result in
anti-abuse measures being triggered.
Doesn't iburst violate the "more than 5 per minute" rule?
Yes. But with the default NTP settings, it shouldn't violate the old 20
requests/hour guideline. iburst should be reserved for hosts providing NTP
services to other machines, and not used by end-client workstations.
Guys, can we please stop quibbling about the "borderline" abusers?
Previous history suggests the answer is "no"; apparently, people like to
quibble. However, this does not mean that I disagree with your comments.
:-)
I have no problem with those who use iburst and hit me every 64 seconds.
It's the bozos who query me every single second (sometimes more
than once a second!) for weeks on end that are far and away the
worst abusers for total traffic.
Agreed.
This thread was less about abusive clients or "what constitutes abusive clients"
than about making sure that hardware vendors do not ship products which are
abusive. To that end, your following point is useful:
And don't forget the clients that increase their poll rate when they
decide (usually for network latency reasons) that they don't trust
my time or when I KOD them or just stop replying to them.
The whole concept that KOD or sending the wrong time or just not
replying to screwed up clients is FLAWED. There are lots of clients
that just increase their poll rate when you do that to them.
Clients should NEVER increase their poll rate in the face of latency or network
lossage. They should always use an exponential fallback preferably plus a small
random increment to avoid startup synchronization congestion problems.
However, making good recommendations apparently isn't going to be enough by
itself, since the vendors actually have to fix their products and avoid creating
new products which violate the RFCs or local acceptable-use policies for a
particular NTP server.
D-Link hasn't bothered to respond to my email to them yet; has anyone else heard
back from them...?
--
-Chuck
_______________________________________________
timekeepers mailing list
[email protected]
https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
