[389-users] Safeguarding against to many established connections
Gerrard Geldenhuis
Gerrard.Geldenhuis at betfair.com
Tue Oct 19 10:36:51 UTC 2010
>>
>> I suspect that solutions to this problem probably falls outside of what can be configured in 389?
>
>While it's not a 389-specific suggestion, iptables could easily solve
>this problem for you across the board. :)
Do you have thoughts on criteria for iptables... how do you differentiate between 800 healthy connections and 800 duff ones if both have an ESTABLISHED state? Do you just assume it will never be that much and limit accordingly or do you do time limit to say that connections should never be maintained longer than x minutes and require clients to re-establish connections?
Regards
________________________________________________________________________
In order to protect our email recipients, Betfair Group use SkyScan from
MessageLabs to scan all Incoming and Outgoing mail for viruses.
________________________________________________________________________
More information about the 389-users
mailing list