LVS
lvs-users
[Top] [All Lists]
Google
 
Web LinuxVirtualServer.org
<prev [Date] next> <prev [Thread] next>

Limiting simultaneous requests from a single ip

from [Neil Sandow] [Permanent Link]
To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: Limiting simultaneous requests from a single ip
From: Neil Sandow <rxlist@xxxxxxxxxx>
Date: Tue, 6 May 2003 12:39:28 -0700 (PDT) 
I'm running an LVS (ipvsadm v1.11 2000/06/16 (compiled with popt and IPVS
v0.9.14)) on a Mandrake system (Linux version 2.2.17-21mdksecure ) With 7
realservers behind it.  It's been running for > 2 years and balances the
load quite nicely.

Occassionaly I get a ton of requests from a single ip address that can
really bog things down.  This AM I had > 2500 requests within a 7 minute
period for a page that has lots of ssi's running cgi's.   The cpu load on
ALL realservers skyrocketed and effectively blocked access to the site for
about 5-10 minutes.

Is there a way to limit the number of active connections to a single ip
address using ipchains?    If this is possible using iptables, but not
ipchains, I would upgrade the server to resolve this problem which seems
to be happening several time per week.

Thanks! -Neil




                               ===================
                        Neil Sandow, Pharm.D. rx@xxxxxxxxxx
                     http://rxlist.com - The Internet Drug Index
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Small packets handling : LVS-DR vs LVS-NAT, Peter Mueller
Next by Date:  Re: Limiting simultaneous requests from a single ip, Joseph Mack
Previous by Thread:  Small packets handling : LVS-DR vs LVS-NAT, Nicolas Chiappero
Next by Thread:  Re: Limiting simultaneous requests from a single ip, Joseph Mack
Indexes:  [Date] [Thread] [Top] [All Lists]