[afnog] How do you maintain your ntp server ?

[Nishal Goburdhan]

On 2 Jun 2018, at 17:52, Willy MANGA wrote:

> Hello,
> for those here who have ntp server in africa.pool.ntp.org [1] , how do
> you manage the traffic on your server ?

iirc, you’re allowed to set a “bandwidth” limit on the server, 
that then tries to send you a percentage of queries.  something along 
the lines of a 10mb/s link, work attract less than 100mb/s etc.

(by way of comparison, iirc, our hosts are set to gigE, and, we see on 
average 5mb/s of constant traffic to each, with “abuse” peaks to 
about 30mb/s.  abuse peaks don’t appear to be spread across all hosts 
though;  we’d frequently see peaks to a single host;  whilst the other 
two are untroubled)


> Do you restrict access to network within africa ?

no.  it’s a public service.  i don’t think we’ve ever tried to map 
where requests come from, as that’s not our area of interest.
/shrug.


> How do you deal with those who abusively poll your server(from my 
> little experience, almost
> the same usual suspects ... :) )

there are some tips on ntp.org for securing the server in general.  we 
don’t block any addresses, but do rate-limit the overall host.
i’m curious;  what abuse are you seeing?

—n.