Coping with Overload on the Network TIme Protocol Public Servers1

The public time servers operated by USNO and NIST provide time synchronization, directly or indirectly, to millions of Internet computers today. The load in the form of processor cycles and network traffic has dou- bled in the last two years and could eventually overwhelm the servers and the network infrastructure unless something is done about it. While both USNO and NIST operate multiple servers across the US, the aggre- gate load is highly unbalanced and the flagship servers at headquarters are nearing capacity. This paper dis- cusses the current conditions at USNO and NIST and suggests technical defenses designed to protect their resources. Surprisingly, a significant fraction of the total load is due to the occasional defective client design that spews an alarming number of packets without good reason. In one incident at the University of Wisconsin a defec- tive router product resulted in massive network and server meltdown. At NIST and USNO most of the pop- ulation are well behaved mice, but a significant proportion of the total traffic is due to a relatively few number of abusive elephants. The paper proposes that the best advice may be to find the elephants and shoot them.