[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

High connections...

To: "'Packeteer Listserv'" <packeteer-edu@lists.Stanford.EDU>
Subject: High connections...
From: Chris Marshall <marshall@denison.edu>
Date: Tue, 07 Jan 2003 13:26:06 -0500
Importance: Normal
In-reply-to: <5.1.0.14.0.20021222234006.07092ca0@pop3.postoffice.net>
Organization: Denison University
Sender: owner-packeteer-edu@lists.Stanford.EDU

All,

	I hope everyone had a good holiday.  When we installed the
latest version of the Packetwise software, we didn't see as much of an
improvement as we wanted, and we blamed it on our tree layout.  We
flushed the tree and rediscovered everything, applying policies as we
went.  Unfortunately, since our student body doesn't return for another
week, we won't know if we were successful in our attempts or not.  In
the mean time, we've been wondering if there are ways we can
preemptively control applications that may pop up in the future that
abuse the number of connections generated similar to the way we used the
packet shaper to control bandwidth.  Perhaps this might be even be
something we could bounce to the Packeteer reps as a feature request.
We decided to take a stab at controlling the high number of non-tcp
connections being generated (presumably by Kazaa v2 and Bulbster and the
like) by setting up a linux machine running IPTABLES on the link between
our student subnets and our firewall, the theory being that we could
limit the number of connections each host is allowed to consume.
However, it was only after we set it up that we realized that IPTABLES
will only control TCP connections, which for us are behaving quite
nicely.  I was wondering if anyone else has tried anything similar as a
band-aid fix, or has any thoughts on things we all could try.  At this
point, I'm thinking of emailing our PS rep and making a feature for
per-host connection limiting, but would like to try and articulate my
request a little better before I bother them with a vague request.

Thoughts?

-Chris Marshall
Network Engineer
Denison University

-++**==--++**==--++**==--++**==--++**==--++**==--++**==--++**==--++**
This message was posted through the Stanford mailing list server. To
subscribe/unsubscribe, send email to majordomo@lists.stanford.edu
with "subscribe packeteer-edu" or "unsubscribe packeteer-edu" as the body.  Archive
is at http://www.stanford.edu/group/networking/netlists/

Next by Date: RE: High connections...
Next by thread: RE: High connections...
Index(es):
- Date
- Thread