Sorry All! Previous answer was about "Performance tweaks" Hal Murray
question!
About performance: every 1kpps give 1-2% for me regardless mrulist
enabled/disabled . If you want solution for highloaded up to "all cores
100% CPU" servers you can two ways:
1. multithreaded daemon. I think it
cpu affinity? If you have network card with many tx/rx threads (modern
PCI-E card can use MSI-X and 'software irq'), you can bind different
card threads/irqs to cores and ntpd process to other core. On BSD we use
cpuset to spread and bing threads to cores.
On Linux see script set_irq_affinity.
ncrase-number-of-threads-to-use-in-ntpd-proccess/1159/20)
.
Maybe when there will be absolutely nothing to do you can write some
proxy-balancer that solves this task as official utility :)
Have a nice day!
--
Mike Yurlov
09.01.2020 13:52, Mike Yurlov via devel пишет:
Hi, Hal!
I build ntp
Hi, Hal!
I build ntpd from latest sources tonight. CPU load drops from 18-20%
average to 5-6% on my ~3-4k pps. Looks perfect!
If you get race with "init before config read", you can create build
option for the init size of the mrulist.
Here the stats from nigth to 13:00 (GMT+3):
recieded 173
there are not only DDoS amplifier. I see many dumb queries with 0.3-2
second interval. Looks like sources located behind NAT, does not NAT'ed
correctly and does not recieve my answers. Or just it have "broken" ntp
client. Or DDoS reflection attack. It still exists by simple queries
with spoofed
The synthetic load with only one client is far away from real production
load of thousands of requests per second from around the world. As the
owner of the production server from the ntppool, I am very interested in
performance.
I suggest using the following realistic test mode: big source ad
My best guess is that we are now using crypto
quality random numbers where we don't need them. That and nobody has reported
CPU problems yet. You are probably the first one to have enough traffic to
notice. Thanks for the data point.
Hmmm... When I increase mru size, cpu extremely increased
Hi All!
I recently started the public server for ntppool (Yo, Ask) on FreeBSD.
Yesterday I was migrate from Classic NTPd to NTPSec (oh, it was
painful!). I'm copy ntp.conf to ntpsec.conf and only convert "magic"
127.127.20 x to refclock. When I looking to "top" I see NTPsec eat
10-17% CPU. Bu
