I run a server currently in the Netherlands zone and see a roughly twice-daily 30 minute spike of traffic from a single IPv4 address within ziggo.nl, with a constant source port that is not 123. The packets are unusually formatted, with almost all fields zeroed exept the transmit timestamp, accordin…

I just posted in the “China zone” something which could be similar to your problem: [image] Adding servers to the China zone Server operators There is an enormous amount of totally “wild” clients arround. Generally I have seen a huge amount of traffic like that (I just co…

I have a server in the NL zone. I have noticed very large spikes in CPU usage og NTPD a couple of times a day. I have not investigated why, but it sounds like the same.

We’re running in the NL-zone as well and we too see an occasional peak at 3.5K pps but it’s rare and i suspected a misconfigured client… Is this still an issue somewhere in the network? (if only there was some global monitoring :wink: across the pool )

I’m still seeing this most days, including two 30 min intervals today at 46 Kpps (10 GB so far today from this one client)

I’m guessing you’re not willing to share the specific IP of the client ? (even if only in a private / direct message?)

Originally I wasn’t going to, but I shall now as it’s a continuing issue (> 20 GB in the last 24 hours! Possibly 30 GB) and this might help people block it. Or if there are any ziggo employees watching, they can tell the customer to knock it off. If I was paying for bandwidth per GB, I’d be quite ir…

Have you ruled out the possibility that the source IP address was forged, and 94.209.158.162 is just an innocent victim that is getting bombarded by NTP servers? If I were you, I’d contact Ziggo’s abuse department with any relevant evidence you have about the issue. The email address might be abuse…

Hi there, just registered to add this (hopefully) useful contact info (I speak Dutch, so I can navigate Ziggo’s website, though some other people in this thread seem to have Dutch-sounding usernames on their Profile ): Their customer service is on Twitter: @ziggowebcare Phone number, Help desk c…

@avij : There’s no way to tell from the end of the pipe if it’s being spoofed, so that is certainly a possibility and one I hadn’t considered. Either way, Ziggo would be able to tell what’s what, so I’ll be sending them an email with a link to this thread, thanks for the address and also the extra in…

Netherlands Zone Ziggo.nl Daily Traffic Spike

Server operators

Sparks April 18, 2017, 2:19am 9

I just happened upon this post… I’m having the exact same problem and brought it up today in my post about getting hit hard. Same domain but different IP.

Topic		Replies	Views
Steady traffic increase BE since around midnight CET yesterday Server operators	52	668	December 24, 2025
Traffic in Singapore zone Server operators	9	1165	December 30, 2022
Discussion of client traffic in BE (Belgium) zone Server operators	14	310	February 2, 2026
A (preliminary) list of client IPs requesting time milions of times constantly Server operators	6	2612	May 2, 2017
Disable monitoring emails for a single server Server operators	38	1288	January 24, 2025

Netherlands Zone Ziggo.nl Daily Traffic Spike

Related topics