under heavy load dccd cannot answer dccproc ?

Levent Serinol lserinol@yahoo.com
Tue Oct 23 17:35:38 UTC 2001


> invoked.  Are there any messages in your logs like 
> "xx requests/sec are too many"?
yes. sorry I forgot to send it in my previous mail.
here what it says :

Oct 22 18:18:10 gemini dccd[14598]: [ID 803709
mail.notice] 53 requests/sec are too many from 32768
212.xxx.xxx.xxx,55920

> If not, you've found an upper bound on the performce
> of fork()/exec(),
> dccproc, dccd, or something else on your system.
> 
> You might have simply overflowed the kernel socket
> buffer.
> 700 UDP packets is at least 140 KBytes.  A burst of
> 700 requests
> after things were quiet would probably suddently
> inflate the RTT,
> and so each of the dccproc clients would have
> quickly sent 3 
> retransmissions.  That would try to stuff 400 KBytes
> into the 
> socket buffer.  Dccd asks a socket buffer of 1 MByte
> or whatever
> the kernel will allow, whichever is smaller.  What
> is the maximum
> RCVBUF value for your system?
> 
udp_recv_hiwat 8192
udp_max_buf 262144
tcp_max_buf 1048576


> There must be some limit on the request rate to
> defend against denial
> of service attacks and or buggy clients (e.g. an
> infinite loop in the MTA).
> What do you think the limit should be?  
I agree with you on DOS attack and buggy clients.But
can you make it customizable while compiling code or
running dccd ?

>I think
> 700/second is far too
> high for almost all installations, and if you really
> need that rate,
> I'll have to make the rate limit machinery
> configurable.
 I'll be so glad.

Best Regards,

 


=====
Levent Serinol
ICQ#  : 9792343

#exclude <windows.h>
"Trust me.  I know what I'm doing."
-- Sledge Hammer

__________________________________________________
Do You Yahoo!?
Make a great connection at Yahoo! Personals.
http://personals.yahoo.com



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.