Web lists-archives.com

Re: [Samba] Flooding Samba DC with random requests




On Tue, 2017-04-25 at 09:05 +0000, Julian Zielke via samba wrote:
> Hi,
> 
> yesterday we experienced a heavy request flooding from multiple
> servers being a domain member against our Samba Sernet DCs.
> All those servers are domain members and allow login using PAM
> (Samba+Winbind).

Currently we only have one process handling the LDAP traffic, which
would explain why a traffic flood like this:

> Running TCPDump we had like 400 Requests per 5 seconds like this:

...

Still only gives busy CPU, but not I/O wait:

> Due to that flooding, even logins via ssh on our servers timed out.
> CPU Load on both DCs went up to 95% without high I/O wait.
> After restarting the sernet-samba-ad service on both DCs, the Problem
> went away.

My first guess is that the multiple connections caused timeouts on the
clients, causing the clients to reconnect and try again, magnifying the
load.  However it is really hard to tell with the limited information
provided. 

I'm working to make our LDAP server multi-process, more efficient and
able to use all the available CPUs. 

Andrew Bartlett
-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba