[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[LDM #BRZ-289323]: Feature request: throttling inbound/outbound traffic

Subject: [LDM #BRZ-289323]: Feature request: throttling inbound/outbound traffic
Date: Wed, 16 Sep 2015 10:45:34 -0600

Gilbert,

> Hi Steve,
> 
> So, a funny thing happened to me yesterday, and not "ha ha" funny:
> an SCCM

Society of Critical Care Medicine? System Center Configuration Manager?

> server was pegged with 800 mb/sec of downloads on campus,
> and as a result, for three hours, I was down. Then, when they
> shut it off to stop the problem, as it was jamming the DNS
> servers as well...
> 
> I got a flood of data. An hour's worth of radar: Level 2, 3
> and then NGRID, HRS, yadda, yadda.

So, for 3 hours your LDM wasn't receiving data because the campus network was 
clogged by other downloads?

> And one of our campus IT professionals was NOT happy, nor was
> one of our ISP's Syndeo. They flagged it as a DDOS due to the
> high amounts of traffic from multiple different servers inbound
> and outbound, being a relay...and so they blocked me.

That was rather draconian. The LDM uses TCP, which plays nice with others and 
automatically adjusts to available bandwidth -- using less if the network is 
congested and more as the network becomes uncongested.

> I'm unblocked now, but here's why this happened: Weather3.admin.niu.edu
> used to be a server from 2005. Now it's from 2014, has 8 Core i7
> processors, a 4620 (not sure I remember correctly) motherboard, 1600 GHZ
> RAM, etc. It's not slow. In 7 years, it will be. :-)
> 
> So, instead of taking up to 15 minutes for the LDM to catch up and
> retransmit the data with the old weather3, it took SECONDS
> with the new one. This is a very good thing, and potentially a
> bad thing.
> 
> Is there any way to have a feature "throttle" the LDM to some degree so
> that it doesn't hit panic alarms when outages like this happen? With
> gigabit comnnections and fast servers, this may be a problem
> in the future, causing false DDOS alarms to ISP's and such.

The LDM doesn't have the capability of throttling itself -- nor is one planned. 
If you feel this is a needed feature, then I encourage you to add it to the 
"Issues" list for the LDM at its GitHub repository 
<https://www.github.com/Unidata/ldm>.

One might be able to use the tc(1) utility to impose a limit on TCP connections 
involving port 388. Would you please investigate this before adding to the 
LDM's "Issues" page. Thanks.

> Gilbert

Regards,
Steve Emmerson

Ticket Details
===================
Ticket ID: BRZ-289323
Department: Support LDM
Priority: Normal
Status: Closed

Prev by Date: [LDM #VFJ-931752]: Does this affect the LDM at all?
Next by Date: [LDM #BRZ-289323]: Feature request: throttling inbound/outbound traffic
Previous by thread: [LDM #VFJ-931752]: Does this affect the LDM at all?
Next by thread: [LDM #BRZ-289323]: Feature request: throttling inbound/outbound traffic
Index(es):
- Date
- Thread