Ahmed Kamal wrote:
cool plan. Hopefully it should hold against regular release day traffic. However, on FC6 launch, we were deliberately 'attacked', right? flooders might deliberately hit the non static pages, are we prepared for that ? How would everyone feel about limiting the number of connections per /24 network to a reasonable number, a la iptables -p tcp --syn --dport 80 -m connlimit --connlimit-above 16 --connlimit-mask 24 -j REJECT
The attack thing was never totally confirmed one way or the other and we don't have the logs from last year (we weren't running fedora.redhat.com then) So we're much better prepared this run but it's still difficult to tell exactly what to expect.
-Mike
