Chrony.conf noclientlog vs clientloglimit

Hello,

The default clientloglimit in chrony.conf is 524288bytes, which according to the docs is good for about 4000 clients.

Has anybody run in to that limit with clients when running pool servers? If so at what sorts of bandwidths does it happen?

Is anybody adjusting this value or do you just turn it off with noclientlog?

I find that chronyc clients command is not very helpful when you have a large number of clients.

It would be more interesting to have a chronyc clients --summary or some such command that outputs the total number of clients being served, perhaps also with a switch for IPv6 and IPv4.

Your thoughts appreciated.

Alex

Make sure to use the -n option to avoid the DNS lookup.

Iā€™m using
clientloglimit 100000000
and regularly see 500K clients.

1 Like

Hi Alex,

Iā€™m running with a limit of "clientloglimit 262144ā€™. chrony serverstats shows ā€˜client logs droppedā€™. The longer chronyd will run, the more is droppedā€¦

Define ā€œthe number of clientsā€? If once 2h ago one NTP packet was served to a client, is that still a client? 24h? So Iā€™m fine with dropping lots of client statisticsā€¦ when chronyd runs long enough, clients logs will be dropped anyway. Just keeping a small log, to see that everything still works.

Regards, Eddy

Disabling the clientlog can decrease the CPU load and improve the maximum packet rate slightly (maybe 1%).

Increasing the limit can be useful to better support the interleaved mode. If the limit is too small, a client polling at 1024s interval might not be getting interleaved responses as the previous transmit timestamp was already dropped to make room for a different address. From what I have seen, very few clients have the interleaved mode enabled. Starting with chrony-4.2, the interleaved-specific data is separate from the addresses and it can work on a busy server even if the limit is small.

On my servers I have the limit set to 100000000. There is a script which looks for abusive clients every 30 minutes. If one address sends over 500k packets in that interval, a 10s tcpdump capture is made so I can investigate it and it doesnā€™t consume much of the disk space.

1 Like

I use the following

clientloglimit 62914560

# chronyc -c -n clients | wc -l
524288

So around 520K client entries. Number of active clients of course would be much lesser.
Depending on the nature of traffic your server gets, you can use the -p option to filter client records greater than a certain number.

chronyc -c -n clients -p 1800 -r

The -r option resets the statistics - so you can find ā€œbadā€ clients easily.