Re: [389-users] Safeguarding against to many established connections

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

you may be interested in the following threads with some solutions :

http://lists.fedoraproject.org/pipermail/389-users/2010-September/012149.html
http://lists.fedoraproject.org/pipermail/389-users/2009-February/009062.html

@+

2010/10/19 Gerrard Geldenhuis <Gerrard.Geldenhuis@xxxxxxxxxxx>
>>
>> I suspect that solutions to this problem probably falls outside of what can be configured in 389?
>
>While it's not a 389-specific suggestion, iptables could easily solve
>this problem for you across the board. :)

Do you have thoughts on criteria for iptables... how do you differentiate between 800 healthy connections and 800 duff ones if both have an ESTABLISHED state? Do you just assume it will never be that much and limit accordingly or do you do time limit to say that connections should never be maintained longer than x minutes and require clients to re-establish connections?

Regards


________________________________________________________________________
In order to protect our email recipients, Betfair Group use SkyScan from
MessageLabs to scan all Incoming and Outgoing mail for viruses.

________________________________________________________________________
--

--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users

[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux