Opened 16 years ago

Last modified 6 years ago

#216 reopened task

Fighting Bandwidth Accelerators

Reported by: warmerdam Owned by: warmerdam
Priority: normal Milestone:
Component: SysAdmin Keywords:
Cc: grass-dev@…


It would be helpful to have a strategy to limit bandwidth accelerators. That is, situations where one IP open many connections, often on the same file - in an apparent attempt to download it quickly. In some cases this seems to be misconfigured and result in repeated downloads, and in other cases it just ties up a lot of server slots, potentially denying other users service.

One suggestion has been to use mod_cband to limit bandwidth, but this doesn't really stop multiple connections at once, and might limit legitimate high bandwidth use. A also, the mod_cband site ( does not seem to be available.

Another promising looking option is mod_limitipconn:

Change History (8)

comment:1 by warmerdam, 16 years ago

Owner: changed from sac@… to warmerdam

I'm going to pursue limitipconn2 on

comment:2 by warmerdam, 16 years ago

Resolution: fixed
Status: newclosed

I have built and installed mod_limitipconn2 from source.

I changed the download configuration to:

<Directory "/osgeo/download">
  Options FollowSymLinks Indexes
  MaxConnPerIP 3

A brief test indicates that the 4th simultaneous request from a single IP will receive a 503 (service temporarily unavailable) response.

Mission accomplished!

comment:3 by warmerdam, 16 years ago

I have put the same thing into place on xblade 14-2 (aka,,, etc) but I attached the MaxConnPerIP 3 to <Directory "/"> in /etc/httpd/conf/httpd.conf which seems to have applied it to all the virtual hosts on the machine.

comment:4 by neteler, 16 years ago

Resolution: fixed
Status: closedreopened

The settings are too limited. I cannot even pen a single page with several screenshots on it, see for example:

This is a showstopper for us... Please give us more bandwidth.

thanks Markus

comment:5 by neteler, 16 years ago

Cc: grass-dev@… added

comment:6 by neteler, 16 years ago

I have added an exception for GRASS on that server and especially enabled images to not be blocked:

( [root@xblade14-2 conf]# vim /etc/init.d/httpd )

# docs:
# grant more to GRASS to not block screenshot pages:
<Directory "/osgeo/grass/rsync">
  Options FollowSymLinks Indexes
  MaxConnPerIP 12
  # exempting images from the connection limit is often a good
  # idea if your web page has lots of inline images, since these
  # pages often generate a flurry of concurrent image requests
  NoIPLimit images/* screenshots/*

Seems to help.


comment:7 by hamish, 16 years ago


FWIW I was seeing this even though I have not done anything so rude as to bump up the max connection per ip in my browser. I think that simply "3" is too agressive.

hmm. In Debian/stable's Firefox 2.0 if you go to "about:config" and filter on connection you will see:

network.http.max-connections-per-server             default   int  8
network.http.max-persistent-connections-per-proxy   default   int  4
network.http.max-persistent-connections-per-server  default   int  2

same values in the epiphany browser.


Seems to help.

same here.

thanks, Hamish

comment:8 by TemptorSent, 6 years ago

Modern browsers and download agents utilize far more connections than they did when this bug was opened. If connection limits are really necessary, they should be set to at the very least 8, but preferably eliminated entirely and serious abuse handled at the network layer. If it's specifically downloads of large files that is causing concern, limits should be imposed only with that specific scope and/or a better means for handling very large files should be identified and implemented.

Note: See TracTickets for help on using tickets.