How to get your IP banned


Top   SNIP Knowledge Base

Ban Thresholds

The SNIP node on the RTK2go site employs the SNIP IP tracking logic to detect and block addresses that continually abuse the machine in an attempt to connects or to attack it.  The thresholds are set at a high level, and the period of the ban is very short, as this site often has novice users connecting to it.

A count is kept of the number of “bad” or failed connections seen for every IP address.  This value is reset on any successful connection or after a period of non use.  If the value grows too large (thousands of failed connections) the IP is banned for a period of time (~15 minutes).  These are all threshold values which the operator can set.  An aggressive NTRIP Client can get itself banned by attempting to connect once per second for a hour or two.  A more normal NTRIP Client might see this after 2 days of trying to connect without success.

In either event, the client will get either a 40x reply message or an html page back until the banned period has passed at which time its connection will again be processed.   In the RTK2go.com site configuration, we send the Caster Table as an html page when non NTRIP Clients connect in the hopes that the connection user will read it and understand what is occurring.

The most common cause of this event is benign; it is simply an NTRIP Client trying to connect to a stream that does not exist.   If this happens to your device, it indicates you have some fundamental issues with your connection you need to work out.

 


For SNIP Owner / Operators

SNIP operators are advised to set these levels much lower on their own machines.

Using the IP Ban control settings are discussed further here, and here,  on the knowledge base site.


For those connecting to RTK2go with a SNIP device.

For SNIP-2-SNIP connections the RTK2go Caster will also send back additional details in a report regarding why the connection failed.  This is part of the proprietary interactive protocol implemented by SNIP on top of the NTRIP layer.  These reports are displayed on the receiving SNIP console so that the sender can take corrective measures.  While this feature is enabled on this SNIP node, the owners / operators of other nodes may elect to disable this.