Hello all--

We're using the RedHat AS 2.1 version of LVS. I'm not sure exactly what
the differences are, but Red Hat didn't have any answers for what we'd
like to do.

I know that iptables can block connections if they exceed a specified
number of connections per second (from anywhere). The question is, is
anybody doing this on a per-client basis, so that if any particular IP is
sending us more than a specified number of connections per second, they
get blocked but all other clients can keep going?

We occasionally (several times per week) experience what can only be
described as a traffic storm, or DoS attack. LVS handles it just fine,
but the web servers get loaded up really badly, and pretty soon our site is
all but unusable. Also looking for tools we could use to analyze this
(we use Webalizer for our web logs-- but it can't tell us who's talking to
us in any given time frame...)

Thanks in advance for any words of wisdom... :-)
-Matt-
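
An added example, not part of the original post: a way to get the per-client, per-time-window view of a web access log that the message asks about. It assumes Apache common/combined log format; the function names, thresholds and sample addresses (documentation ranges) are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Assumption: Apache common/combined log format (client IP first, time in brackets).
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\]')
TIME_FMT = "%d/%b/%Y:%H:%M:%S %z"

def noisy_clients(lines, window_s=10, max_hits=20):
    """Return {ip: peak hits seen inside any window_s-second span} for every
    client whose peak exceeds max_hits. Each client's lines must appear in
    time order, as they do in an access log."""
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    peak = defaultdict(int)       # ip -> largest window population seen
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue              # skip malformed lines instead of aborting
        ip, stamp = m.groups()
        try:
            ts = datetime.strptime(stamp, TIME_FMT).timestamp()
        except ValueError:
            continue              # unparseable timestamp
        q = recent[ip]
        q.append(ts)
        while ts - q[0] >= window_s:   # drop hits that fell out of the window
            q.popleft()
        peak[ip] = max(peak[ip], len(q))
    return {ip: n for ip, n in peak.items() if n > max_hits}

def sample_log():
    """Constructed sample: one client bursts, one browses normally."""
    burst = ['192.0.2.10 - - [12/Mar/2004:14:05:%02d -0500] "GET / HTTP/1.0" 200 512'
             % (i // 10) for i in range(30)]          # 30 hits in 3 seconds
    normal = ['198.51.100.7 - - [12/Mar/2004:14:05:%02d -0500] "GET /index.html HTTP/1.0" 200 2048'
              % s for s in (10, 20, 30, 40, 50)]      # 1 hit every 10 seconds
    return burst + normal + ["not a log line"]

if __name__ == "__main__":
    for ip, n in sorted(noisy_clients(sample_log()).items(), key=lambda kv: -kv[1]):
        print("%-15s peak %d hits in 10s" % (ip, n))
```

Run against a real log by passing an open file object as `lines`; the sliding window keeps memory proportional to the number of hits inside one window per client.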