Rate limiting Kerberos Requests
Russ Allbery
rra at stanford.edu
Tue Sep 25 16:49:55 EDT 2012
Jack Neely <jjneely at ncsu.edu> writes:
> Has anyone done any rate limiting or throttling of Kerberos requests?
> I've had several situations where I had a load of 600 requests / minute
> against my 3 kerberos slaves that caused degradation of performance for
> everyone else. Always from misbehaving tools or applications.
That seems like a rather slow authentication rate and low load to me. I
would expect a KDC to handle that level of load without breathing hard.
What sort of configuration (hardware, software, etc.) are you using?
Our Kerberos KDCs *averaged* 2,800 requests per minute through the whole
month of August.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the Kerberos
mailing list