[peruser] Multiple simultaneous connections issues

Stefan Seufert stefan at seuf.de
Mon Apr 3 00:52:11 MDT 2006


>> Given the apache process model the easiest solution might be to allow 
>> multiple multiplexers. But that of course will introduce some new 
>> process management/locking issues.
> 
> Multiple multiplexers would probably be a good idea regardless, for
> performance... but even if there's say, five muxes running, wouldn't it
> just take five Host-less requests instead of one to DoS the server?

Yes it would, but IMHO the same thing is true for the out-of-the box
apache server. If you open an connection to the maximum number of
possible children you've blocked the server. It only takes longer (150
requests given the default config instead if 1 for peruser) and the
timeout should free some children to let other requests sneak in.

To replicate this behaviour we need to have a dynamic pool of
multiplexer processes, similar to the pool of workers. That said, I
believe that a select() based, single process multiplexer would scale
much better but I have the bad feeling that the apache core routines
will not work with such a model.


Stefan



More information about the Peruser mailing list