[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[LDM #BRZ-289323]: Feature request: throttling inbound/outbound traffic



Gilbert,

> Hi Steve,
> 
> So, a funny thing happened to me yesterday, and not "ha ha" funny:
> an SCCM

Society of Critical Care Medicine? System Center Configuration Manager?

> server was pegged with 800 mb/sec of downloads on campus,
> and as a result, for three hours, I was down. Then, when they
> shut it off to stop the problem, as it was jamming the DNS
> servers as well...
> 
> I got a flood of data. An hour's worth of radar: Level 2, 3
> and then NGRID, HRS, yadda, yadda.

So, for 3 hours your LDM wasn't receiving data because the campus network was 
clogged by other downloads?

> And one of our campus IT professionals was NOT happy, nor was
> one of our ISP's Syndeo. They flagged it as a DDOS due to the
> high amounts of traffic from multiple different servers inbound
> and outbound, being a relay...and so they blocked me.

That was rather draconian. The LDM uses TCP, which plays nice with others and 
automatically adjusts to available bandwidth -- using less if the network is 
congested and more as the network becomes uncongested.

> I'm unblocked now, but here's why this happened: Weather3.admin.niu.edu
> used to be a server from 2005. Now it's from 2014, has 8 Core i7
> processors, a 4620 (not sure I remember correctly) motherboard, 1600 GHZ
> RAM, etc. It's not slow. In 7 years, it will be. :-)
> 
> So, instead of taking up to 15 minutes for the LDM to catch up and
> retransmit the data with the old weather3, it took SECONDS
> with the new one. This is a very good thing, and potentially a
> bad thing.
> 
> Is there any way to have a feature "throttle" the LDM to some degree so
> that it doesn't hit panic alarms when outages like this happen? With
> gigabit comnnections and fast servers, this may be a problem
> in the future, causing false DDOS alarms to ISP's and such.

The LDM doesn't have the capability of throttling itself -- nor is one planned. 
If you feel this is a needed feature, then I encourage you to add it to the 
"Issues" list for the LDM at its GitHub repository 
<https://www.github.com/Unidata/ldm>.

One might be able to use the tc(1) utility to impose a limit on TCP connections 
involving port 388. Would you please investigate this before adding to the 
LDM's "Issues" page. Thanks.

> Gilbert

Regards,
Steve Emmerson

Ticket Details
===================
Ticket ID: BRZ-289323
Department: Support LDM
Priority: Normal
Status: Closed


NOTE: All email exchanges with Unidata User Support are recorded in the Unidata inquiry tracking system and then made publicly available through the web. If you do not want to have your interactions made available in this way, you must let us know in each email you send to us.