trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Reindl Harald <h.rei...@thelounge.net>
Subject Re: How to limit the number of concurrent connections ?
Date Wed, 09 Jan 2013 03:15:44 GMT


Am 09.01.2013 04:05, schrieb Leif Hedstrom:
> On 1/8/13 6:55 PM, b13621367396@gmail.com wrote:
>> HI!all
>> I want to limit the number of concurrent connections  at ATS .such as Nginx (limit_conn
>> <http://wiki.nginx.org/NginxHttpLimitZoneModule#limit_conn> and limit_zone
modules).
>> someone can give me some advice?
>>
> 
>     CONFIG proxy.config.net.connections_throttle INT 30000
> 
> 
> That's an approximation though, it's both client and origin connections (it's the number
of sockets that it
> throttles on). Once you hit this limit, it'll start throttling. I'm assuming by concurrent
you mean connected
> sockets, and not active connections (there's no way to throttle the number of active
connections, afaik. It'd be
> nice to have though).

did you have a look at the link?
http://wiki.nginx.org/NginxHttpLimitZoneModule#limit_conn

the request was how to limit the ACTIVE connections from the
same IP as example some idiot who try a DOS attack by open
a lot of connections and let them open until timeout

this would be genrally nice

but IMHO the application layer is the wrong one
iptables_recent -> limit connection per IP / second
this is much more effective because the service itself
is not touched if one exceeds the limit


Mime
View raw message