Indeed. As well as what constitutes “too many” and “identical requests”, respectively.
Apart from the already mentioned issue with CGNATs, there are known misbehaving (malfunction, not necessarily malfeasance) types of clients. See, e.g., this thread, and the tool to detect some of those misbehaving clients referenced therein.
As also mentioned before, blocking NTP requests for alleged infractions related to non-NTP protocols, or worse, for alleged infractions by other clients sharing the same IP address for purely technical reasons (CGNAT), seems very much like throwing out the baby with the bathwater. And whitelisting the NTP pool monitors doesn’t really solve the underlying issues with such a heavy-handed, indiscriminate approach.
Case in point, the current monitors aren’t even on the supposed blacklist as of right now, pointing to potential further issues unrelated to the monitors that would warrant looking into, and understanding first.