Return-Path: 
 <dev-return-72271-apmail-httpd-dev-archive=httpd.apache.org@httpd.apache.org>
X-Original-To: apmail-httpd-dev-archive@www.apache.org
Delivered-To: apmail-httpd-dev-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 1A3D78DCC
	for <apmail-httpd-dev-archive@www.apache.org>;
 Wed, 24 Aug 2011 12:43:54 +0000 (UTC)
Received: (qmail 59175 invoked by uid 500); 24 Aug 2011 12:43:53 -0000
Delivered-To: apmail-httpd-dev-archive@httpd.apache.org
Received: (qmail 58879 invoked by uid 500); 24 Aug 2011 12:43:51 -0000
Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@httpd.apache.org
list-help: <mailto:dev-help@httpd.apache.org>
list-unsubscribe: <mailto:dev-unsubscribe@httpd.apache.org>
List-Post: <mailto:dev@httpd.apache.org>
List-Id: <dev.httpd.apache.org>
Delivered-To: mailing list dev@httpd.apache.org
Received: (qmail 58867 invoked by uid 99); 24 Aug 2011 12:43:51 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 24 Aug 2011 12:43:51 +0000
X-ASF-Spam-Status: No, hits=-0.0 required=5.0
	tests=SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (nike.apache.org: local policy)
Received: from [193.227.124.2] (HELO mx01.bfk.de) (193.227.124.2)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 24 Aug 2011 12:43:44 +0000
Received: from mx00.int.bfk.de ([10.119.110.2])
	by mx01.bfk.de with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32)
	id 1QwCnj-0003L5-VC; Wed, 24 Aug 2011 12:43:23 +0000
Received: by bfk.de with local id 1QwCnj-00048H-QD;
 Wed, 24 Aug 2011 12:43:23 +0000
From: Florian Weimer <fweimer@bfk.de>
To: Dirk-WIllem van Gulik <dirkx@webweaving.org>
Cc: dev@httpd.apache.org,  =?iso-8859-1?Q?Pl=FCm=2C_R=FCdiger=2C_VF-Group?=
 <ruediger.pluem@vodafone.com>
Subject: Re: Mitigation Range header
References: 
 <E563FB5AB3F02844AC749BA39E494AB4052FBD64@VF-MBX11.internal.vodafone.com>
	<5A3B5F78-AEAF-4922-9C86-7669CCD18024@webweaving.org>
	<E563FB5AB3F02844AC749BA39E494AB4052FBE8C@VF-MBX11.internal.vodafone.com>
	<82aaazf18t.fsf@mid.bfk.de>
	<F3A91B8A-1976-4153-B4BB-7631E1AB0D99@webweaving.org>
Date: Wed, 24 Aug 2011 12:43:23 +0000
In-Reply-To: <F3A91B8A-1976-4153-B4BB-7631E1AB0D99@webweaving.org>
	(Dirk-WIllem van Gulik's message of "Wed, 24 Aug 2011 13:39:31 +0100")
Message-ID: <8262lnf09g.fsf@mid.bfk.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable
X-Virus-Checked: Checked by ClamAV on apache.org

* Dirk-WIllem van Gulik:

> Hmm - when I remove mod_deflate (i.e. explicitly as it is the default
> in all our installs) and test on a / entry which is a static file
> which is large (100k)* - then I cannot get apache on its knees on a
> freebsd machine - saturating the 1Gbit connection it has (Note: the
> attack machines *are* getting saturated).  The moment i put in
> mod_deflate, mod_external filter, etc - it is much easier to get
> deplete enough resources to notice.

Oh.  Have you checked memory usage on the server?

--=20
Florian Weimer                <fweimer@bfk.de>
BFK edv-consulting GmbH       http://www.bfk.de/
Kriegsstra=DFe 100              tel: +49-721-96201-1
D-76133 Karlsruhe             fax: +49-721-96201-99