On Wed, Jan 22, 2003 at 01:30:01AM +0100, Martin Stjernholm, Roxen IS @ Pike developers forum wrote:
The DoS would be that a client establishes connections faster than the server handles them? How would a shorter backlog make such a DoS less severe?
A shorter backlog would cause connections to be rejected on the OS level, so those will never reach the server (application) itself. Those rejected sockets (slots) would be freed quicker, since no connections will be established.
On the other hand, when the application has to handle all connections, it will be significantly slower and will use much more resources (since it is interpreted anyway).
the author thought no one would feel the need to twiddle it (which apparently was incorrect).
Is it planned to be fixed? It can be done easily, even without losing compatibility - by adding one parameter (or function).
Additionally, it would be good to limit the number of connects (sessions), not only for web servers but for other session-based apps, completely transparently to the application itself (it was the original intent for the backlog parameter).
Regards, /Al
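
The two knobs discussed in this message, as an added example that is not part of the original thread and is written in Python rather than Pike: the `backlog` value handed to `listen()`, and a cap on concurrent sessions enforced in the accept loop so the handler never sees the excess. `CappedListener`, `demo` and the `+` greeting byte are hypothetical names and values chosen for illustration.

```python
import socket
import threading

class CappedListener:
    """TCP listener with an explicit backlog and a cap on concurrent sessions."""
    def __init__(self, handler, backlog=8, max_sessions=2):
        self.handler, self.max_sessions = handler, max_sessions
        self.active = self.refused = 0
        self.lock = threading.Lock()
        self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.sock.bind(("127.0.0.1", 0))   # loopback, ephemeral port
        self.sock.listen(backlog)          # kernel queue of un-accepted connections
        self.address = self.sock.getsockname()
        threading.Thread(target=self._accept_loop, daemon=True).start()

    def _accept_loop(self):
        while True:
            conn, _ = self.sock.accept()
            with self.lock:
                over = self.active >= self.max_sessions
                if over:
                    self.refused += 1
                else:
                    self.active += 1
            if over:
                conn.close()               # shed before any handler code runs
            else:
                threading.Thread(target=self._run, args=(conn,), daemon=True).start()

    def _run(self, conn):
        try:
            self.handler(conn)
        finally:
            conn.close()
            with self.lock:
                self.active -= 1           # free the session slot

def demo():
    """Open four constructed client connections against a cap of two."""
    release = threading.Event()
    def handler(conn):                     # stand-in for the real application
        conn.sendall(b"+")
        release.wait(5)                    # hold the session open
    srv = CappedListener(handler, backlog=8, max_sessions=2)
    clients = [socket.create_connection(srv.address, timeout=5) for _ in range(4)]
    seen = [c.recv(1) for c in clients]    # b"+" if admitted, b"" if shed
    release.set()
    return seen, srv.refused
```

The handler is unaware of the cap; only the accept loop counts sessions, which is the "transparent to the application" property asked for above.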