rssLink RSS for all categories
 
icon_red
icon_green
icon_red
icon_red
icon_blue
icon_green
icon_green
icon_red
icon_red
icon_red
icon_orange
icon_green
icon_green
icon_green
icon_green
icon_blue
icon_red
icon_orange
icon_red
icon_red
icon_red
icon_red
icon_green
icon_red
icon_red
icon_red
icon_red
icon_orange
icon_green
 

FS#4408 — FS#8341 — Load balancing a10

Attached to Project— Hosting
Maintenance
20gp
CLOSED
100%
We received the new pictures that fix the two problems that we have reported:
1. Memory Leak
2. Slowloris / Torhammer attack

We will update the boxes and we will restore traffic of shared hsoting and ovh. * above as usual.
Date:  Saturday, 30 March 2013, 00:49AM
Reason for closing:  Done
Comment by OVH - Saturday, 30 March 2013, 00:40AM

We established a parallel configuration with a new IP in order to make tests without imapcting production.


Comment by OVH - Saturday, 30 March 2013, 00:42AM

We found the bug in the configuration that was included in redundancy with the new code.
We removed it. It works.

We pushed kimsufi.com above. It works.
OVH. * It works.
All shared hosting : it works.


Comment by OVH - Saturday, 30 March 2013, 00:43AM

One of the boxes has crashed. We will remove everything.


Comment by OVH - Saturday, 30 March 2013, 00:44AM

We will reset traffic on one of the boxes which is protected against this kind of attack.

p19-77-a10#sh log
Log Buffer: 30000
Mar 29 2013 11:15:31 Warning [AX]:conn proxy queue depth exceeds limit (465001)
Mar 29 2013 11:15:30 Warning [AX]:conn proxy queue depth exceeds limit (464001)
Mar 29 2013 11:15:30 Warning [AX]:conn proxy queue depth exceeds limit (463001)
Mar 29 2013 11:15:30 Warning [AX]:conn proxy queue depth exceeds limit (462001)


Comment by OVH - Saturday, 30 March 2013, 00:46AM

crash after 12 minutes of the attack that we had on shared hosting. attack is managed properly by the ACE, but not by AX.


Comment by OVH - Saturday, 30 March 2013, 00:48AM

The box has strained 350K of simultaneous sessions and crashed under the attack.

p19-77-a10#sh session brief
Traffic Type Total
--------------------------------------------
TCP Established 318882
TCP Half Open 64456

p19-77-a10#sh log
Log Buffer: 30000
Mar 29 2013 11:21:29 Warning [AX]:conn proxy queue depth exceeds limit (2289001)
Mar 29 2013 11:21:29 Warning [AX]:conn proxy queue depth exceeds limit (2288001)
Mar 29 2013 11:21:29 Warning [AX]:conn proxy queue depth exceeds limit (2287001)
Mar 29 2013 11:21:29 Warning [AX]:conn proxy queue depth exceeds limit (2286001)
Mar 29 2013 11:21:28 Warning [AX]:conn proxy queue depth exceeds limit (2285001)
Mar 29 2013 11:21:28 Warning [AX]:conn proxy queue depth exceeds limit (2284001)


Comment by OVH - Saturday, 30 March 2013, 00:49AM

Obviously the new fireware does not work.
We will stop there.