[mirror-admin] enabling keep-alives
Brian Long
brilong at cisco.com
Wed Mar 26 09:12:08 EDT 2008
On Tue, 2008-03-25 at 22:22 +0200, Axel Thimm wrote:
> On Tue, Mar 25, 2008 at 07:39:48AM +0100, Günther Fischer wrote:
> > On our side I see many partial GETs for one ISO from one IP. I think
> > this are download accelerators.
> > So we reach quickly the max number of httpd 768 (I have defined). With
> > redirected the ISOs to ftp I see it around 200.
> >
> > So I look to stop too many connections from one IP.
>
> I use two tricks, one is to limit connections to ISO dirs by some
> amount per IP:
>
> <IfModule mod_limitipconn.c>
> MaxConnPerIP 6
> </IfModule>
Wouldn't this also hinder folks behind a NAT device? If I have a /24
subnet behind a single NAT IP, only 6 of my hosts would be able to
perform legitimate downloads before being limited as if they were a
download accelerator. True?
/Brian/
--
Brian Long | |
. | | | . | | | .
' '
C I S C O
--
More information about the Mirror-admin
mailing list