[389-users] Safeguarding against to many established connections
Andrey Ivanov
andrey.ivanov at polytechnique.fr
Tue Oct 19 10:47:47 UTC 2010
Hi,
you may be interested in the following threads with some solutions :
http://lists.fedoraproject.org/pipermail/389-users/2010-September/012149.html
http://lists.fedoraproject.org/pipermail/389-users/2009-February/009062.html
@+
2010/10/19 Gerrard Geldenhuis <Gerrard.Geldenhuis at betfair.com>
> >>
> >> I suspect that solutions to this problem probably falls outside of what
> can be configured in 389?
> >
> >While it's not a 389-specific suggestion, iptables could easily solve
> >this problem for you across the board. :)
>
> Do you have thoughts on criteria for iptables... how do you differentiate
> between 800 healthy connections and 800 duff ones if both have an
> ESTABLISHED state? Do you just assume it will never be that much and limit
> accordingly or do you do time limit to say that connections should never be
> maintained longer than x minutes and require clients to re-establish
> connections?
>
> Regards
>
>
> ________________________________________________________________________
> In order to protect our email recipients, Betfair Group use SkyScan from
> MessageLabs to scan all Incoming and Outgoing mail for viruses.
>
> ________________________________________________________________________
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20101019/4287595f/attachment.html>
More information about the 389-users
mailing list