Kurt D. Zeilenga wrote:
At 11:27 AM 2/7/2006, Ramseyer, Ken wrote:
Can OpenLDAP (slapd) be protected from a runaway client process that
repeatedly calls ldap_search thousands of times a second?
IIRC, slapd(8) will attempt to prevent a single connection to consume
more than half thread pool. Of course, client which consumes
half the thread pool for even short periods of time can adversely
affect service to other clients.
Beyond this, no other slapd(8) features come to mind.
And of course, a moderately powerful machine can easily service
thousands of searches per second. So the other question is,
what are you really trying to protect against?
--
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
OpenLDAP Core Team http://www.openldap.org/project/
