Return-Path: Delivered-To: apmail-new-httpd-archive@apache.org Received: (qmail 66564 invoked by uid 500); 22 Dec 2000 18:37:32 -0000 Mailing-List: contact new-httpd-help@apache.org; run by ezmlm Precedence: bulk Reply-To: new-httpd@apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list new-httpd@apache.org Received: (qmail 66544 invoked from network); 22 Dec 2000 18:37:32 -0000 From: TOKILEY@aol.com Message-ID: Date: Fri, 22 Dec 2000 13:37:01 EST Subject: Re: We are NOT ready for a beta. To: new-httpd@apache.org MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Mailer: AOL 3.0 16-bit for Windows sub 86 X-Spam-Rating: locus.apache.org 1.6.2 0/1000/N Follow-up to previous message. Before anyone accuses me of trying to launch a DOS attack last night against 2.0 running at ASF I assure that was not what I was testing. It was only 1000 connect/disconnect hits from ApacheBench 3 times in a row about 1 minute apart. That's more like normal traffic than any kind of DOS. My intention was to test the reported issue of the filtering getting and invalid bucket if a connection drops before a valid request is received ( IE: Connect but no data ). It worked fine from here, as far as I can tell. However... I suppose load balancers themselves like BigIP could be considered to do DOS attacks against their own registered back-ends, when you think about it. If some admin sets either the 'touch' delay or the panic recovery polling to NO TIME then the BigIP is going to start slamming it's backends just like a DOS attack would. This would be more likely when BigIP senses a connection to a backend has DROPPED. It then goes into panic mode and if some admin wants to know the very millisecond when that box comes back I suppose they might set the panic turnaround that backend to NO TIME or something. Perhaps moot point though, since any sane load balancer is going to drop out of panic mode the minute it gets a few good connections back to the missing backend server so what looks like a DOS attack is 'supposed' to stop at that point. Yours... Kevin Kiley CTO, Remote Communications, Inc. > In a message dated 00-12-22 09:10:47 EST, Ryan writes... > > > The locus downtime right now seems to be because of Apache 2.0. I turned > > on 2.0 at about 10:30, and it worked just fine for about fifteen > > minutes. Then at just about 10:45, the machine stopped responding to > > everything. I am not sure what the issue is, because this doesn't happen > > on any of my machines when I run Apache. I believe the problem is that we > > are trying to run every module, which I am not sure anybody has ever tried > > before. > > Maybe not. > I happened to 'see' it just as it came up last night so I decided > to test the 'connection without a request' issue reported yesterday. > > I used an altered copy of ApacheBench to imitate a BigIP Load > balancer polling sequence and then turned it loose. > > Everything was fine. > You won't see any entries in the log there because it was > simply connection/disconnecting immediately. > > I slammed it about 1000 times on 3 different test runs and your > address never missed a beat. I got no errors on this end and > all connection attempts were successful. > > Maybe that was what caused the 'freeze-up'... I don't know. > Everything was AOK on this end. > > Yours... > Kevin Kiley > CTO, Remote Communications, Inc. >