Re: Testlvs and Apache...

To: Julian Anastasov <ja@xxxxxx>
Subject: Re: Testlvs and Apache...
Cc: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
From: Pietro Ravasio <pietro.ravasio@xxxxxxxxxxxxx>
Date: Fri, 29 Sep 2000 15:14:40 +0200

At 08.22 29/09/00 +0000, Julian Anastasov wrote:
> -aux |grep httpd, but if I try a connection to localhost on one of the
> realservers I can't get anything). The only solution is to restart apache.

        This result is expected. Have you seen DDoS :)

I've read "LVS defence strategies against DoS attacks", but I've not implemented any of the strategies it talks about yet!
Is this what you're talking about?

Is the DoS protection you're talking about at kernel level or at LVS level? I think the first one, since I can't connect to the real servers' port 80 after launching testlvs, even when trying to connect from the "realservers' localhost" (it's the realservers' kernel that stops processing packets directed to port 80).

I can perform testlvs runs if I set -srcnum < ~20; it seems to me that the kernel considers packet flooding a DoS attack only if it comes from a lot of different IP numbers... Am I wrong?

> Has anyone of you experienced such a problem?

        You are brave people :)

        This tool is for people that often ask "Hm, what CPU I need for
LVS? Can LVS support N connections/sec? Is 128MB RAM enough for LVS?".
But if you want to hit your real servers, go ahead :)

Having set "srcnum 10", I've done some tests with testlvs, and I can get about 3200-3400 packets/sec. This is CPU limited: my PIII 733 LVS servers report full CPU usage during tests, while occupied memory doesn't seem to grow (used memory: ~40Mb, and it doesn't grow during tests).

I reached ~17500 packets/sec during the first tests; I can't understand why I can't get this result anymore (I've not changed anything in the SW/HW configuration, I only went to lunch! :)

My LVS servers are single PIII 733, 256Mb, doing NAT on a 100Mbit switched (Cabletron Smart Stack) network.

