Re: : : rouge IPs / user

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: knitti

Date: Wednesday, December 12, 2007 - 1:44 pm

On 12/12/07, Daniel Ouellet <daniel@presscom.net> wrote:
quoted text> I am only
> saying that using PF in front of httpd will reduce the possible number
> of httpd close_wait you might see. By default httpd can only support up
> to 256 connections, unless you increase it and compile it again.

I don't understand why pf would reduce this. Every single CLOSE_WAIT
stems from a former established connection, and pf can nothing do
to convince httpd to close its socket. No rogue clients involved here.

quoted text> lead you in that path, then I am sorry. What will affect your close_wait
> time (when you reach that point) are the tcp stack value, witch I am
> reluctant to suggest to adjust as they sure can create way more harm
> then goods.

I don't think there is a systl for that. TCP connections don't expire by
default, if you not make them, and the same should go for a half-closed
one. There are perfectly legit reasons for long open half-closed
TCP connections.

quoted text> My point with PF here was that it would reduce the possible numbers of
> close_wait state you could possibly see in the first place, witch is one
> of the original goal of the question.

Why?

--knitti

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

rouge IPs / user, badeguruji, (Fri Dec 7, 10:51 am)

Re: rouge IPs / user, Daniel Ouellet, (Fri Dec 7, 11:03 am)

Re: rouge IPs / user, STeve Andre', (Fri Dec 7, 11:08 am)

Re: rouge IPs / user, Greg Thomas, (Fri Dec 7, 11:26 am)

Re: rouge IPs / user, Nick Guenther, (Fri Dec 7, 11:56 am)

Re: rouge IPs / user, Steve Shockley, (Fri Dec 7, 1:08 pm)

Re: rouge IPs / user, badeguruji, (Fri Dec 7, 1:32 pm)

Re: rouge IPs / user, Axton, (Fri Dec 7, 1:45 pm)

Re: rouge IPs / user, Jon Radel, (Fri Dec 7, 8:12 pm)

Re: rouge IPs / user, new_guy, (Fri Dec 7, 8:33 pm)

Re: rouge IPs / user, Nick Guenther, (Fri Dec 7, 9:13 pm)

Re: rouge IPs / user, Raimo Niskanen, (Mon Dec 10, 4:31 am)

Re: rouge IPs / user, Joel Wiramu Pauling, (Mon Dec 10, 5:15 am)

Re: : rouge IPs / user, Raimo Niskanen, (Tue Dec 11, 3:56 am)

Re: : rouge IPs / user, knitti, (Tue Dec 11, 5:43 am)

Re: : rouge IPs / user, Marti Martinez, (Tue Dec 11, 9:40 am)

Re: : rouge IPs / user, Daniel Ouellet, (Tue Dec 11, 10:15 am)

Re: : rouge IPs / user, Stuart Henderson, (Tue Dec 11, 10:47 am)

Re: : rouge IPs / user, knitti, (Tue Dec 11, 11:13 am)

Re: : rouge IPs / user, Daniel Ouellet, (Tue Dec 11, 12:20 pm)

Re: : rouge IPs / user, knitti, (Tue Dec 11, 4:04 pm)

Re: : rouge IPs / user, Daniel Ouellet, (Tue Dec 11, 4:44 pm)

Re: : rouge IPs / user, knitti, (Tue Dec 11, 5:34 pm)

Re: : rouge IPs / user, Daniel Ouellet, (Tue Dec 11, 5:51 pm)

Re: : rouge IPs / user, Daniel Ouellet, (Tue Dec 11, 6:19 pm)

Re: : rouge IPs / user, knitti, (Wed Dec 12, 2:11 am)

Re: : : rouge IPs / user, Raimo Niskanen, (Wed Dec 12, 8:18 am)

Re: : : rouge IPs / user, knitti, (Wed Dec 12, 9:32 am)

Re: : : rouge IPs / user, Daniel Ouellet, (Wed Dec 12, 10:53 am)

Re: : : rouge IPs / user, Daniel Ouellet, (Wed Dec 12, 12:43 pm)

Re: rouge IPs / user, Dan Farrell, (Wed Dec 12, 12:55 pm)

Re: : : rouge IPs / user, knitti, (Wed Dec 12, 1:03 pm)

Re: : : rouge IPs / user, Daniel Ouellet, (Wed Dec 12, 1:19 pm)

Re: : : rouge IPs / user, knitti, (Wed Dec 12, 1:44 pm)

Re: : : rouge IPs / user, knitti, (Wed Dec 12, 2:03 pm)

Re: : : rouge IPs / user, Daniel Ouellet, (Wed Dec 12, 2:13 pm)

Re: : : rouge IPs / user, knitti, (Wed Dec 12, 2:42 pm)

Re: : : rouge IPs / user, Otto Moerbeek, (Wed Dec 12, 3:25 pm)

Re: : : rouge IPs / user, Daniel Ouellet, (Wed Dec 12, 6:57 pm)

Re: : : rouge IPs / user, Daniel Ouellet, (Wed Dec 12, 9:58 pm)

Re: : : rouge IPs / user, Daniel Ouellet, (Wed Dec 12, 10:17 pm)

Re: : : rouge IPs / user, Daniel Ouellet, (Wed Dec 12, 10:30 pm)

Re: : : rouge IPs / user, Otto Moerbeek, (Wed Dec 12, 11:59 pm)

Re: : : rouge IPs / user, Daniel Ouellet, (Thu Dec 13, 12:25 am)

Re: : : rouge IPs / user, Otto Moerbeek, (Thu Dec 13, 1:09 am)

Re: : : rouge IPs / user, Stuart Henderson, (Thu Dec 13, 4:10 am)

Re: : : rouge IPs / user, Hannah Schroeter, (Thu Dec 13, 4:30 am)

Re: : : rouge IPs / user, Otto Moerbeek, (Thu Dec 13, 4:35 am)

Re: : : : rouge IPs / user, Raimo Niskanen, (Thu Dec 13, 6:25 am)

Re: : : : rouge IPs / user, Raimo Niskanen, (Thu Dec 13, 1:24 pm)


linux-kernel:
Greg Kroah-Hartman	[PATCH 041/196] kobject: add kobject_init_and_add function
Lukas Hejtmanek	Re: Another libata error related to OCZ SSD
Greg Kroah-Hartman	[PATCH 023/196] MCP_UCB1200: Convert from class_device to device
Florian Fainelli	Re: System clock runs too fast after 2.6.27 -> 2.6.28.1 upgrade
Christoph Lameter	[patch 1/4] mmu_notifier: Core code
git:
Johannes Schindelin	Re: [PATCH 1/2] Add strbuf_initf()
John Bito	[EGIT] Push to GitHub caused corruption
Jakub Narebski	Re: [PATCH 0/2] gitweb: patch view
Junio C Hamano	Re: [PATCH] When a remote is added but not fetched, tell the user.
Andy Parkins	Re: [RFC] Submodules in GIT
git-commits-head:
Linux Kernel Mailing List	ahci: Workaround HW bug for SB600/700 SATA controller PMP support
Linux Kernel Mailing List	V4L/DVB (11086): au0828: rename macro for currently non-function VBI support
Linux Kernel Mailing List	ceph: client types
Linux Kernel Mailing List	ceph: on-wire types
Linux Kernel Mailing List	crypto: chainiv - Use kcrypto_wq instead of keventd_wq
linux-netdev:
Andrew Morton	Re: [Bugme-new] [Bug 14969] New: b44: WOL does not work in suspended state
Giuseppe CAVALLARO	Re: [PATCH 03/13] stmmac: add the new Header file for stmmac platform data
Taku Izumi	[PATCH 3/3] ixgbe: add registers etc. printout code just before resetting adapters
Eric Dumazet	rps: some comments
Thomas Gleixner	Re: [RFC PATCH 02/12] On Tue, 23 Sep 2008, David Miller wrote:
openbsd-misc:
Stephan Andreas	problems with login after xlock in OpenBSD release 4.7
pmc	Make A Change. Alcoholism and Drug Addiction Treatment
ropers	Re: what exactly is enc0?
Fuad NAHDI	Re: What does your environment look like?
Matthew Szudzik	Typo on OpenBSD 4.4 CD Set