1000 ports? you say below 10 servers are protected, if it has sourcetv too thats in total 20 ports x4 = 80 ports.. I only protect the ports that need protecting by only selecting the ports of the source servers.
Dont know your setup further though, but here it seems running ok. On Thu, 06 Jan 2011 13:19:32 +0100, Marco Padovan <evolutioncr...@gmail.com> wrote: > With 1000ports protected and 4 rules for each port on simple testserver > (xeon 3430): > > > PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND > 7 root -76 0 0 0 0 S 29.5 0.0 204:01.74 sirq-net-rx/0 > 21 root -76 0 0 0 0 S 8.3 0.0 9:02.45 sirq-net-rx/1 > 15408 *** 20 0 620m 506m 18m S 6.6 6.3 114:34.22 srcds_linux > 12249 *** 22 2 363m 291m 3420 R 4.6 3.6 3:35.13 cod4_lnxded > 8495 *** 20 0 83864 19m 2104 S 3.6 0.2 545:31.54 hlds_i686 > 8649 *** 20 0 173m 61m 7416 S 3.0 0.8 516:10.89 srcds_linux > > 29.5% + 8.3% of cpu usage just to correct an engine defect is too much... > > currently, on that test box, there are like 10 servers protected... the > rest are servers that does not need protection (cod, voice and so on)... > and the traffic flow is very very very low! > > Monitoring eth0... (press CTRL-C to stop) > > rx: 632 kbit/s 777 p/s tx: 308 kbit/s 220 p/s > > :( > > Il 06/01/2011 12:02, Arie ha scritto: >> Ronny and me wrote that blogpost on vanillatf2. During our tests the >> filter >> seemed effective and not causing too much CPU usage even when sending >> multiple megabytes worth of packets per second, so I'm curious why you >> say >> it's not going to work for you. >> >> It would of course be better if the gameserver itself would use >> sv_max_queries_sec_global properly. Right now this setting doesn't help >> against these attacks. >> >> >> >> On 5 January 2011 23:42, Marco Padovan<evolutioncr...@gmail.com> wrote: >> >>> I'm hosting many tf2 servers and lately we are getting a lot of denial >>> of >>> services... >>> >>> basically we got our machservers spammed with query requests till the >>> point >>> they time out (the machine is running properly, it's just the gameserver >>> slowly dieing) >>> >>> an effective way to stop this kind of behaviour is: >>> http://www.vanillatf2.org/2011/01/fighting-dos-attacks/ >>> >>> but that cannot be handled properly on boxes as busy as ours... >>> >>> basically with just little effort anybody is able to take down a single >>> gameserver spamming it with query requests :( >>> >>> What can we do to stop that? >>> Is there a decent plugin/official fix to get rid of this problem instead >>> of >>> doing packet inspection via iptables on boxes handling 10000+ >>> packets/second? >>> _______________________________________________ >>> To unsubscribe, edit your list preferences, or view the list archives, >>> please visit: >>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >>> >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds_linux > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
