Thrift: THRIFT-3970

Server does not limit client connections


Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Cannot Reproduce
    • Affects Version/s: 0.9.3
    • Fix Version/s: 0.9.3
    • Component/s: C++ - Library

    Description

      Currently the connections from clients are only closed by the server when a receive timeout is configured or the client is sending invalid messages that cause exceptions on the server (with THRIFT-3957 and THRIFT-3961 merged).
      That means that the client can continue to occupy a limited open connection, as long as it sends valid messages at regular intervals.

      To demonstrate the issue the appended patch enables the connection limit and receive timeout on the TestServer and the appended python script opens many connections to it, thus rapidly exhausting the client connection limit.

      Starting the server:

      $ bin/TestServer --protocol=json --transport=http --server-type=thread-pool --port=9080
      

      Starting the script:

      $ ./ThriftDOSAttack.py http://localhost:9080 3
      

      After a short period the connection limit of the server should be exhausted and new connections are denied.

      To stop the python script you have to do this in a separate terminal:

      $ kill $(pgrep -f "ThriftDOSAttack.py")
      

      Here are a few ideas to prevent this scenario:

      • Implement traffic limitation for every connection; after the limit is reached, disconnect the client.
      • Limit size of a single RPC call and limit number of calls per connection
      • Limit number of connections per IP
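The following is an added example, not code from this ticket or from the Thrift C++ library. It models the scenario the report describes: a server whose only eviction mechanism is the receive timeout, and a client that keeps its connections alive by sending a valid message more often than that timeout. The three proposed mitigations are modelled as hypothetical policy fields (max_per_ip, max_calls_per_conn, max_bytes_per_conn); the server class, connection ids, IP addresses and timings are all constructed for the simulation and do not correspond to TServer options.

```python
"""Constructed simulation of THRIFT-3970: a server that only drops connections
on receive timeout cannot shed a client that sends valid messages at regular
intervals, whereas per-IP and per-connection limits can. Illustrative model
code only; not the Thrift C++ library."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass
class Policy:
    """Server-side limits. max_connections and receive_timeout model what the
    ticket says exists today; the three optional fields model the proposed ideas."""
    max_connections: int                      # server-wide open-connection limit
    receive_timeout: float                    # idle seconds before the server closes a connection
    max_per_ip: Optional[int] = None          # idea: limit number of connections per IP
    max_calls_per_conn: Optional[int] = None  # idea: limit number of calls per connection
    max_bytes_per_conn: Optional[int] = None  # idea: traffic limitation per connection


@dataclass
class Conn:
    ip: str
    last_recv: float   # time of the last valid message on this connection
    calls: int = 0
    nbytes: int = 0


class Server:
    """Tracks open connections and applies the policy on accept and on every message."""

    def __init__(self, policy: Policy) -> None:
        self.policy = policy
        self.conns: Dict[str, Conn] = {}
        self.closed: List[Tuple[str, str]] = []   # (connection id, reason)
        self.rejected = 0

    def _close(self, cid: str, reason: str) -> None:
        del self.conns[cid]
        self.closed.append((cid, reason))

    def _expire_idle(self, now: float) -> None:
        # The only eviction the ticket says the server performs today.
        for cid, c in list(self.conns.items()):
            if now - c.last_recv > self.policy.receive_timeout:
                self._close(cid, "receive timeout")

    def accept(self, cid: str, ip: str, now: float) -> bool:
        """A new TCP connection from ip; returns False if the server refuses it."""
        self._expire_idle(now)
        p = self.policy
        if len(self.conns) >= p.max_connections:
            self.rejected += 1
            return False
        if p.max_per_ip is not None and sum(c.ip == ip for c in self.conns.values()) >= p.max_per_ip:
            self.rejected += 1
            return False
        self.conns[cid] = Conn(ip=ip, last_recv=now)
        return True

    def receive(self, cid: str, nbytes: int, now: float) -> bool:
        """A valid RPC message of nbytes arrives on cid; returns False if the server closed it."""
        self._expire_idle(now)
        c = self.conns.get(cid)
        if c is None:
            return False
        c.last_recv = now      # a valid message resets the receive timeout
        c.calls += 1
        c.nbytes += nbytes
        p = self.policy
        if p.max_calls_per_conn is not None and c.calls > p.max_calls_per_conn:
            self._close(cid, "call limit")
            return False
        if p.max_bytes_per_conn is not None and c.nbytes > p.max_bytes_per_conn:
            self._close(cid, "byte limit")
            return False
        return True


def simulate(policy: Policy, attacker_conns: int = 20, interval: float = 1.0,
             duration: float = 30.0, msg_bytes: int = 64) -> Tuple[bool, int]:
    """Constructed traffic: one attacker IP opens attacker_conns connections at t=0
    and keeps each busy with a valid msg_bytes-byte call every `interval` seconds
    (shorter than the receive timeout). At t=duration a client from a second IP
    tries to connect. Returns (legitimate client accepted, attacker connections open)."""
    srv = Server(policy)
    held: List[str] = []
    for i in range(attacker_conns):
        cid = f"atk{i}"
        if srv.accept(cid, "10.0.0.1", 0.0):
            held.append(cid)
    t = interval
    while t <= duration:
        for cid in list(held):
            if not srv.receive(cid, msg_bytes, t):
                held.remove(cid)
        t += interval
    legit_ok = srv.accept("legit", "10.0.0.2", duration)
    return legit_ok, len(held)


# Receive timeout only (the state described in the ticket): holders never idle out.
TIMEOUT_ONLY = Policy(max_connections=10, receive_timeout=5.0)
# The proposed mitigations, as hypothetical settings.
PER_IP_LIMIT = Policy(max_connections=10, receive_timeout=5.0, max_per_ip=4)
CALL_LIMIT = Policy(max_connections=10, receive_timeout=5.0, max_calls_per_conn=10)
BYTE_LIMIT = Policy(max_connections=10, receive_timeout=5.0, max_bytes_per_conn=1024)

if __name__ == "__main__":
    for name, pol in [("timeout only", TIMEOUT_ONLY), ("per-IP limit", PER_IP_LIMIT),
                      ("calls per connection", CALL_LIMIT), ("bytes per connection", BYTE_LIMIT)]:
        ok, open_conns = simulate(pol)
        print(f"{name:22s} legit accepted={ok} attacker connections open={open_conns}")
```

With the timeout-only policy the ten attacker connections stay open indefinitely and the legitimate client is refused, which is the behaviour the script in the ticket produces against TestServer. A per-IP cap is what stops the single-host script directly; a per-connection call or byte cap only frees slots and is easily defeated by a client that reconnects, so in practice it needs to be paired with a limit on connection (or reconnection) rate per source.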

      Attachments

        1. TestServer.patch
          3 kB
          Claudius Heine
        2. ThriftDOSAttack.py
          2 kB
          Claudius Heine

        People

          Assignee: James E. King III (jking3)
          Reporter: Claudius Heine (cmhe)
          Votes: 0
          Watchers: 2