How to get your IP banned

Top   SNIP Knowledge Base

Ban Thresholds

The SNIP node on the RTK2gpo site employs the SNIP IP tracking logic to detect and block addresses that continually abuse the machine in an attempt to connects or to attack it.  The thresholds are set at a high level, and the period of the ban is very short, as this site often has novice users connecting to it.

A count is kept of the number of “bad” or failed connections seen for every IP address.  This value is reset on any successful connection or after a period of nonuse.  If the value grows too large (thousands of failed connections) the IP is banned for a period of time (~15 minutes).  These are all threshold values which the operator can set.  An aggressive NTRIP Client can get itself banned by attempting to connect once per second for a hour or two.  A more normal NTRIP Client might see this after 2 days of trying to connect without success.

In either event, the client will get either a 400 message or an html page back until the banned period has passed at which time its connection will again be processed.   In the site configuration, we send the html page in the hopes that the connection user will read it and understand what is occurring.

The most common cause of this event is benign; it is simply an NTRIP Client trying to connect to a stream that does not exist.   If this happens to your device, it indicates you have some fundamental issues with your connection you need to work out.

For SNIP Owner / Operators

SNIP operators are advised to set these levels much lower on their own machines.

Using the IP Ban control settings are discussed further here, and here,  on the knowledge base site.