httpd-dev mailing list archives

From r..@ai.mit.edu (Robert S. Thau)
Subject Re: fork free
Date Sat, 22 Apr 1995 18:36:02 GMT
   From: Rob Hartill <hartill@ooo.lanl.gov>
   Date: Sat, 22 Apr 95 12:30:49 MDT

   The latest fork-free patch is in /patches/for_Apache_0.6.2/

   Things we need to fix...

   There's a potential problem in the current setup, which I think
   the NCSA approach will suffer from too: it should be possible for
   a troublemaker to open N connections, and grab the attention of
   all N child processes. He can then hold these N connections open
   for TIMEOUT seconds, and thus block all other connections to the
   server.

I wouldn't be so worried about deliberate denial of service attacks;
if an attacker wants to take down any current server (or a non-forking
server with a forking fallback state, for that matter), they can
always just bombard it with connections faster than it can keep up,
leading to a proliferation of processes which spend all of their time
fighting over the CPU, and none of it getting anything done.  (When
the load average is 400, no one is getting served effectively).

The real problem is situations where this may occur by accident, some
of which Brandon outlined.  Unfortunately, the forking fallback
position has problems of its own --- basically, when NCSA 1.4, or a
like-constructed server, is under heavy load, it actually gets slower.
This can lead to catastrophic failure when the load has sudden peaks
against a background of steadily high activity (which I saw a number
of times while testing my 1.4/Apache mix under load); note that real
Web traffic does turn out to be fairly peakish in practice (the AI
lab's peak load is roughly 10,000 transactions/hr, at about 4:00 PM
EDT, which is < 3 tr/sec, but we see peaks of up to 12-13 tr/sec when
we histogram transactions/calendar second on a daily basis).

rst
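
The per-second histogram described in the message above, as an added example that is not part of the original post or of any Apache or NCSA code: it counts transactions per calendar second from Common Log Format lines and compares the busiest hour's average rate with the one-second peak. The function names and the sample log lines are constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime

# Timestamp field of a Common Log Format line: [22/Apr/1995:16:00:01 -0400]
CLF_TIME = re.compile(r'\[(\d{2}/[A-Za-z]{3}/\d{4}:\d{2}:\d{2}:\d{2} [+-]\d{4})\]')

def per_second_histogram(lines):
    """Count transactions in each calendar second; unparseable lines are skipped."""
    counts = Counter()
    for line in lines:
        m = CLF_TIME.search(line)
        if not m:
            continue
        try:
            ts = datetime.strptime(m.group(1), "%d/%b/%Y:%H:%M:%S %z")
        except ValueError:  # e.g. day 99 or an unknown month name
            continue
        counts[ts] += 1
    return counts

def load_profile(counts):
    """Return (busiest-hour average tr/sec, peak tr/sec, second of the peak)."""
    if not counts:
        return 0.0, 0, None
    hourly = Counter()
    for ts, n in counts.items():
        hourly[ts.replace(minute=0, second=0)] += n
    busiest_hour_total = max(hourly.values())
    peak_ts, peak = max(counts.items(), key=lambda kv: kv[1])
    return busiest_hour_total / 3600.0, peak, peak_ts

def sample_lines():
    """Constructed log lines (not real traffic): steady trickle plus one burst."""
    fmt = 'host{0} - - [22/Apr/1995:16:{1:02d}:{2:02d} -0400] "GET /p{0}.html HTTP/1.0" 200 512'
    quiet = [fmt.format(i, i, (7 * i) % 60) for i in range(60)]   # one hit per minute
    burst = [fmt.format(100 + i, 30, 15) for i in range(12)]      # 12 hits in one second
    return quiet + burst + ["garbled line without a timestamp"]

if __name__ == "__main__":
    avg, peak, when = load_profile(per_second_histogram(sample_lines()))
    print(f"busiest hour average: {avg:.3f} tr/sec")
    print(f"one-second peak:      {peak} tr/sec at {when}")
    print(f"peak/average ratio:   {peak / avg:.0f}x")
```

Sizing a fixed pool of child processes from the hourly average alone would miss the burst that the per-second view exposes.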
