> I have a lame hack I do which is to check the ns_server information to see if there >is already a process running from the peer address via a filter. It works for me >since mine is an internal app and we have no proxy.
The problem with this approach IMO is that there are no options at that point. You can either do the request or reject the request. Even if you do a time delay, your server is potentially hosing itself because it would be easy to use this in a DOS attach to tie up all the server threads in a sleep. At least for us, totally rejecting simultanous requests wouldn't work. And it doesn't address the problem of a surfer on a cable modem hitting all of our dynamic pages one at a time. That could easily be a 10-20 requests per second load.
