mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emmanuel Lecharny (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DIRMINA-764) DDOS possible in only a few seconds...
Date Mon, 15 Feb 2010 16:25:28 GMT

    [ https://issues.apache.org/jira/browse/DIRMINA-764?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12833873#action_12833873

Emmanuel Lecharny commented on DIRMINA-764:

Ok, there is some slight problem in the client : we don't wait for the response, we immediately
send another message. The server does not have the time to send the response, as it is pounded
with new requests.

I have slightly modified the client code to wait until some bytes are available, instead of
immediately sending a new message.

The server is now stable, dealing with around 12 000 message per second. No OOM, but a very
high CPU consumption.

Sadly, I can tell if the System CPU is caused by the server at this point. I have to run the
test on different machines.

However, I keep this issue open, because a malevolent client can kill a mina server in a matter
of seconds. This has to be fixed.

> DDOS possible in only a few seconds...
> --------------------------------------
>                 Key: DIRMINA-764
>                 URL: https://issues.apache.org/jira/browse/DIRMINA-764
>             Project: MINA
>          Issue Type: Bug
>    Affects Versions: 2.0.0-RC1
>            Reporter: Emmanuel Lecharny
>            Priority: Blocker
>             Fix For: 2.0.0
>         Attachments: screenshot-1.jpg, screenshot-2.jpg
> We can kill a server in just a few seconds using the stress test found in DIRMINA-762.
> If we inject messages with no delay, using 50 threads to do that, the ProtocolCodecFilter$MessageWriteRequest
is stuffed with hundred of thousands messages waiting to be written back to the client, with
no success.
> On the client side, we receive almost no messages :
> 0 messages/sec (total messages received 1)
> 2 messages/sec (total messages received 11)
> 8 messages/sec (total messages received 55)
> 8 messages/sec (total messages received 95)
> 9 messages/sec (total messages received 144)
> 3 messages/sec (total messages received 162)
> 1 messages/sec (total messages received 169)
> ...
> On the server side, the memory is totally swamped in 20 seconds, with no way to recover
> Exception in thread "pool-1-thread-1" java.lang.OutOfMemoryError: Java heap space
> (see graph attached)
> On the server, ConcurrentLinkedQueue contain the messages to be written (in my case,
724 499 Node are present). There are also 361629 DefaultWriteRequests, 361628 DefaultWriteFutures,
361625 SimpleBuffer, 361 618 ProtocolCodecFilter$MessageWriteRequest and 361 614 ProtocolCodecFilter$EncodedWriteRequests.
> That mean we don't flush them to the client at all. 

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message