|
Julian Anastasov wrote:
>
> It's OK if the director drops packets and nothing
> > gets through, but the director can't crash.
>
> Yes, the packets are dropped because there is no space to
> create new connection structure. The IPVS in the kernel will not crash
> but something else in the box will do, soon or later.
ah well can't do everything at once. If it's someone else's code we can
let them fix it :-)
> > I looked at Ratz's code, and that's going to have to be ported to 2.4
> > and maintained with each upgrade. Your patch doesn't address his problems,
> > but does fix my concerns.
>
> Yes, Ratz's code adds limits per service while this sysctl can
> limit everything. Or it can be additional strategy (oh, another one)
> vs/lowmem. The semantic can be "Don't allocate memory for new connections
> when the low memory threshold is reached". It can work for the
> masquerading connections too (2.2). By this way we will reserve memory
> for the user space. Very dangerous option, though.
what's dangerous about it?
> May be conn_limit is
> better or something like this:
>
> if (conn_number > min_conn_limit && free_memory < lowmem_thresh)
> DROP_THIS_PACKET_FOR_NEW_CONN
why have a min_conn_limit in here? If you put more memory into the director,
then you'll have to recompile your kernel. Is it because finding
conn_number is cheaper than finding free_memory?
> But obtaining the "free_memory" may be costs CPU cycles. May be we can
> stick with a snapshot on each second.
The number of valid connections shouldn't change dramatically
in 1 sec. However a DoS might still cause problems.
Joe
--
Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
contractor to the National Environmental Supercomputer Center,
mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA
|
