ntpd taking 99% CPU

My Debian is showing ntpd using 99% CPU for the whole hour. It happens several times per day.

Any reason why and how do I prevent this?

4 Replies

My original response contained a link that directed you to another Community site post, which gave tips on how to diagnose high CPU usage. However, since you've determined that NTPD is what's causing the spike in CPU usage, I wanted change this up in order to address that directly.

When I've come across this issue previously, where NTPD is using such a high amount of CPU resources, one way to mitigate it is to kill the process and reconfigure it.

NTPD stands for Network Time Protocol Daemon and it runs to keep track of time. To best explain it, here is an article that I found that discussed NTPDl:

What is NTPD in Linux?

It can be a difficult process to kill, but you can use the following commands to do so:

sudo systemctl stop ntp

sudo systemctl disable ntp

That should stop the process and disable it. I've also been able to locate a Stack Exchange page that explains it, and also gives you a little more detail on the process:

How do I disable NTPD?

If you wish to reconfigure NTPD, you can do so. The following Stack Exchange article gives you some good information about working with NTPD on Debian:

NTPD on Debian

Is it safe to disable ntpd? Is time synced in nodes via host system? (I mean host as system hosted guests - VPSes)

Running a time synchronization tool like NTP is strongly recommended for several reasons, including diagnostic and security purposes. While disabling NTP for a short period of time to reconfigure or troubleshoot is fine, the goal should be to reenable it once any changes are made or issues are fixed.

Otherwise, Linodes are not time synced by their hosts — Linodes need to have their own time sync measures in place.

You DEFINITELY should NOT leave the time sync daemon disabled permanently!
But, there ARE alternatives to ntpd: in RHEL/CentOS 7 & 8 there is the chronyd service. Maybe in other distros? But I'm a RHEL guy, so I know that…

NOTE: I ran into a similar issue, and I resolved the matter by replacing my ntpd service with chrony…

For a discussion, see here

You should be careful (and a good reason to use chrony) - you likely only mean to be a network-time CLIENT! That is, you likely want to synch YOUR time to another time SERVER, not provide time to other servers…. (I would think linode would have their own…???)

The ntpd daemon can be used as a DOS attack target because it listens on a network port 123/udp - and as, such, it can be flooded…

If you run chronyd, you can use the command "chronyc sources" to check how far YOU are off from the external sources… as long as it's within single-digit seconds, you should be fine (honestly, mine is usually within two-digit MILLISECONDS, much less whole seconds!)


Please enter an answer

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct