[mirror-admin] Gigabit NIC saturated.. [Re: Fedora 9 bitflip... slow becauseof the updates
Carlos Carvalho
carlos at fisica.ufpr.br
Thu May 15 22:37:02 EDT 2008
Paul Mezzanini (paul.mezzanini at rit.edu) wrote on 14 May 2008 18:06:
>As for those pesky download accelerators... Just today I blocked all
>resumes for .iso files on my server.
If you have a problem with too many connections you might limit them
at the firewall like this:
iptables -A FORWARD -p tcp --syn -m state --state NEW -d ${mirror-machine} --dport 80 -m recent --set
iptables -A FORWARD -p tcp --syn -m state --state NEW -d ${mirror-machine} --dport 80 -m recent --rcheck --seconds 60 --hitcount 10 -j DROP
This will limit connections to 10/min from the same IP.
>How does everyone else handle this problem?
We don't limit at all. The number of connections is not the problem,
nor is apache. People looking to "improve performance" of the web
server, either by tuning apache or using lighthttpd, are just trying
to limit load...
--
More information about the Mirror-admin
mailing list