[OpenAFS-devel] Retry transaction creates on transient problems

[Rainer Toebbicke]

Tom Keiser schrieb:

> 
> Raising thread count is not a solution.  More to the point, this patch
> introduces a trivially-exploitable (by rxnull conns, no less) thread
> DoS against the volume server, and that's just not acceptable.
> 
> The solution to this problem needs to happen client-side, period.
> 


Tom,

as you are aware the file server is trivially DoSsable. Even logical and valid 
requests from a batch farm of a few thousand clients like ours will lock it up 
in no time, which we solved here in a way that's perhaps even more 
contentious. A volserver DoS would rarely have a comparable impact, and 7005 
can probably be firewalled out from the wild world without much loss.

I agree however that introducing a DoS point even if it's only the 20th or 
30th on the list is a filthy habit of the past century. I'll check if that 
problem can be fixed on the client side without spaghettitizing the code 
significantly - when I get some time!

Until then I nevertheless believe that the patch could go in, be it with a 
comment that this demands to be revisited. I would not battle for it, though, 
as I agree with with your criticism while ranking it's importance lower.

Cheers, Rainer

-- 
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Rainer Toebbicke
European Laboratory for Particle Physics(CERN) - Geneva, Switzerland
Phone: +41 22 767 8985       Fax: +41 22 767 7155