Is there any way to stop the excessive ping requests that FR24 is doing on an almost constant basis to NTP pool servers?
My local DNS server has seen 1.5 million queries over the last 15 hours just from the FR24 Raspberry Pi alone. Looking into it further I can see that it's basically just launching a "ping -c 1 1.<continent>.pool.ntp.org" over and over again. This then gets multiplied because of the IPv4/IPv6 addresses of the client and server, meaning several DNS queries per ping, and then further because FR24 tries every major continent in the pool. It's currently doing 50-100 DNS queries per second just to ping NTP servers.
As someone who hosts an FR24 feed and also maintains two of the NTP servers in the UK pool I find both sides of this concerning. Locally my DNS is getting hammered and my bandwidth wasted and at the data centre side I have NTP servers that will be receiving large amounts of unsolicited ICMP traffic from FR24 feeds.
My local DNS server has seen 1.5 million queries over the last 15 hours just from the FR24 Raspberry Pi alone. Looking into it further I can see that it's basically just launching a "ping -c 1 1.<continent>.pool.ntp.org" over and over again. This then gets multiplied because of the IPv4/IPv6 addresses of the client and server, meaning several DNS queries per ping, and then further because FR24 tries every major continent in the pool. It's currently doing 50-100 DNS queries per second just to ping NTP servers.
As someone who hosts an FR24 feed and also maintains two of the NTP servers in the UK pool I find both sides of this concerning. Locally my DNS is getting hammered and my bandwidth wasted and at the data centre side I have NTP servers that will be receiving large amounts of unsolicited ICMP traffic from FR24 feeds.
Comment