You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by "Emmanuel Lecharny (JIRA)" <ji...@apache.org> on 2014/09/07 07:59:28 UTC
[jira] [Commented] (DIRMINA-389) Create a Connection Throttle
Filter
[ https://issues.apache.org/jira/browse/DIRMINA-389?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14124792#comment-14124792 ]
Emmanuel Lecharny commented on DIRMINA-389:
-------------------------------------------
The ConnectionThrottlerFilter is uterly broken. The conecpt itself is broken.
One should *never* try to fix such an issue in the applicatioin itself, it should be dealt with at a upper level. If a rogue client is trying to DDOS the server by creating thousands of sessions, this should be detected *before* the MINA server is hit.
The real problem with this approach is that we have a map storing the created session *forever*. We *Never* delete any of the session from the map, which will lead to a OOM in the long run (and even if we do keep the session for only a period of time, that would put a huge strain on the server : in the case we do have a DDOS, we would have to handle tens of thousands of requests per second, though a synchronized map. It's not going to fly...)
I would rather suggest we remove this filter from MINA. Use the right tool for the right problem...
> Create a Connection Throttle Filter
> -----------------------------------
>
> Key: DIRMINA-389
> URL: https://issues.apache.org/jira/browse/DIRMINA-389
> Project: MINA
> Issue Type: New Feature
> Components: Filter
> Environment: All
> Reporter: Mark Webb
> Assignee: Mark Webb
> Priority: Minor
> Fix For: 2.0.8
>
>
> Create a filter that will throttle connections. This filter will monitor newly created sessions and if new connections from the same IP address come in too fast, drop the connections.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)