Rate limiting, ntpq/mrulist

Hal Murray hmurray at megapathdsl.net
Fri Mar 13 19:06:03 UTC 2020 

I just pushed a rate limiting cleanup.  The old rate limiting was carefully 
tuned to match what a single well behaved client would send.  That doesn't 
leave room for several clients behind a NAT box.

The code now allows 1 packet per second average with a burst of 20.  (There is 
no way to change those yet.)

ntpq/mrulist has 2 new columns.  "drop" is the number of dropped packets.  
"score" is what feeds the rate limiting test.  I think I've got everything 
scaled such that score is packets per second.

mrulist now allows sorting by score and drop.  There are also new filtering 
options: mindrop, minscore, and minlstint.  There was an undocumented 
maxlstint.  minlstint gets the other end of the list.

If you have a server that gets a lot of traffic, please test and poke around 
with the new mrulist options.

The attached will look better in a fixed width font.

I can't tell if the crap is DDoS or really crappy code.

----------

The CI stuff failed.  debian-unstable can't find CMAC_CTX_new.  That comes 
from OpenSSL.


-------------- next part --------------
ntpq> mru sort=score minscore=100
Ctrl-C will stop MRU retrieval and display partial results.
 lstint avgint rstr r m v  count    score   drop rport remote address
=====================================================================
   7916  0.012   f0 L 3 3   6424  298.365   6403   123 75.127.208.210
  15285  0.009   f0 L 3 3   8509  385.730   8489   123 75.127.185.186
   2423   2.22   f0 L 3 3  12912  542.655  12885   123 142.112.43.208
  21471  0.004   f0 L 3 3  13548  572.857  13527   123 66.193.26.54
  11220  0.909   f0 L 3 4  16975  666.321  16943   123 68.184.190.238
   4739  0.003   f0 L 3 4  18464  724.143  18439   123 209.49.58.146
   3619  0.001   f0 L 3 4  21770  788.461  21750   634 4.14.252.174
  31624  0.007   f0 L 3 4  20246  794.558  20212   123 190.218.26.192
   3619  0.001   f0 L 3 4  22767  826.003  22747   634 4.79.238.58
  10863  0.003   f0 L 3 3  52110 1379.856  52086   123 73.98.90.152
  32543  0.001   f0 L 3 4 116145 4569.502 116120   123 189.172.189.75
   5820  0.065   f0 L 3 3 290249 6028.799 290207   634 63.98.240.2
  10964  0.001   f0 L 3 3 158018 6210.676 157996   634 68.15.45.113
  32216  0.001   f0 L 3 3 199275 7821.732 199255   123 208.105.116.74
# Collected 14 slots in 0.185 seconds

ntpq> mru sort=drop mindrop=100000
Ctrl-C will stop MRU retrieval and display partial results.
 lstint avgint rstr r m v  count    score   drop rport remote address
=====================================================================
  32793  0.001   f0 L 3 4 116145 4569.502 116120   123 189.172.189.75
   7672  0.099   d0 . 3 3 116533    0.206 116503   123 50.233.222.130
  11213  0.001   f0 L 3 3 158018 6210.676 157996   634 68.15.45.113
   5099  0.161   d0 . 3 4 163711    0.236 163659   123 12.183.201.66
  32465  0.001   f0 L 3 3 199275 7821.732 199255   123 208.105.116.74
   6069  0.065   f0 L 3 3 290249 6028.799 290207   634 63.98.240.2
# Collected 6 slots in 0.196 seconds
-------------- next part --------------
-- 
These are my opinions.  I hate spam.

More information about the devel mailing list