>>9111Woah, dem some digits. Maybe this board really
is compromised... :)
"Flood detected" from the dmesg/kmsg logs? Those can be disregarded. Happens all the time just for having an open port. Maybe some broken traffic from India, maybe some script kiddie, but nothing legitimate is going to use such an old known technique.
What I mean is that the requests will take longer. So what happens is you have some slightly smaller subset of 65534 "private ports" available. Somebody connects to 443 or 3, the server can have a max backlog of 5 requests on a tcp socket which the kernel will handle. So what happens is that main process grabs the request, forks (copies itself and diverges), and the "main" loop goes back to sitting on that 5-limited socket to feed another request.
The TCP Handshake provides a private port, so other than 443, and client and webserver then interact directly.
There is apache tuning for default number of children and whatnot, I think default is something like 900 in the threaded-fork model. Nginx has even way more.
Anyway, so what happens is all these requests just become individual processes on the system. They fetch the data from disk, maybe hit the database a few times, and serve the result to the client.
This all takes time, for static files it's taking me about 150ms including latency (I get world-wide in < 20ms, so almost all of that is server latency). There's a max timeout, but it's like 30 seconds.
Anyway, if the server doubles in number of requests, you can assume that -- roughly, you will get a slightly above doubling of response time. So maybe * 1.6 so 150ms per request would move up to 240ms per request.
So stuff just takes longer, the server just doesn't explode.
Check your memory levels (I recommend installing "htop" but you can just use free -m to see the memory usage and swap usage). That can run out, and will lead to server implosion. So can disk space.
Message too long. Click here to view full text.