zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Henry Robinson (JIRA)" <j...@apache.org>
Subject [jira] Updated: (ZOOKEEPER-336) single bad client can cause server to stop accepting connections
Date Tue, 05 May 2009 04:18:30 GMT

     [ https://issues.apache.org/jira/browse/ZOOKEEPER-336?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Henry Robinson updated ZOOKEEPER-336:

    Attachment: ZOOKEEPER-336.patch

Attached is a patch which does the following:

1. Adds a configuration variable maxClientCnxns which defaults to 10, which limits the number
of simultaneous connection attempts from an InetAddress. (This is the change that touches
most files).
2. Update NIOServerCnxn.java to implement this change by closing a socket connection that
contravenes this limit. I added a new constructor (called by the old one), plus the data structures
to quickly find how many connections are already open from a particular address in O(1) (assuming
finite maxClientCnxns) time.

If maxClientCnxns is 0, there is no limit.


* If many clients are behind a NAT, this limit will have to be taken off as the code cannot
distinguish between different NATted clients.
* This probably isn't effective in the face of IPv6 if a single user has loads of addresses

At present, clients that can't connect retry once every second. I also have a patch that adds
a maxConnectionAttempt configuration variable, and have ClientCnxn enforce the limit, but
I haven't found a clean way to call up to the ZooKeeper object and tell it to abandon the
connection attempt (ZooKeeper.close() maybe seems to deadlock, I'll look further later).


> single bad client can cause server to stop accepting connections
> ----------------------------------------------------------------
>                 Key: ZOOKEEPER-336
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-336
>             Project: Zookeeper
>          Issue Type: Improvement
>          Components: c client, java client, server
>            Reporter: Patrick Hunt
>            Priority: Critical
>             Fix For: 3.2.0
>         Attachments: ZOOKEEPER-336.patch
> One user saw a case where a single mis-programmed client was overloading the server with
connections - the client was creating a huge number of sessions to the server. This caused
all of the fds on the  server to become used.
> Seems like we should have some way of limiting (configurable override) the maximum number
of sessions from a single client (say 10 by default?) Also we should output warnings when
this limit is exceeded (or attempt to exceed).

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message