Rate limiting Kerberos Requests
Jack Neely
jjneely at ncsu.edu
Tue Sep 25 16:34:59 EDT 2012
Greetings,
Has anyone done any rate limiting or throttling of Kerberos requests?
I've had several situations where I had a load of 600 requests / minute
against my 3 kerberos slaves that caused degradation of performance for
everyone else. Always from misbehaving tools or applications.
What suggestions do folks have for doing this? I've thought about using
the limit module in iptables:
iptables -A INPUT -p tcp --dport 88 -m limit --limit 4/min --limit-burst 6 -j ACCEPT
iptables -A INPUT p tcp --dport 88 -j DROP
Jack
--
Jack Neely <jjneely at ncsu.edu>
Linux Czar, OIT Campus Linux Services
Office of Information Technology, NC State University
GPG Fingerprint: 1917 5AC1 E828 9337 7AA4 EA6B 213B 765F 3B6A 5B89
More information about the Kerberos
mailing list