[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Protecting a slapd Server from Excessive Client Queries

To: openldap-software@OpenLDAP.org
Subject: Re: Protecting a slapd Server from Excessive Client Queries
From: Michael Ströder <michael@stroeder.com>
Date: Thu, 09 Feb 2006 18:14:21 +0100
In-reply-to: <44436.10.0.14.46.1139435640.squirrel@mail.ivytech.edu>
References: <32BA9E46B8BE584A8EEA3D355C00B6339170D3@emss09m08.us.lmco.com> <43EA5C80.6030900@symas.com> <44436.10.0.14.46.1139435640.squirrel@mail.ivytech.edu>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050920

John Madden wrote:
>>As Kurt already mentioned, nothing else comes to mind.
> 
> How 'bout you go outside of OpenLDAP and look at the network level?  Why not
> restrict access by shaping down this client's traffic so much it can't make so
> many requests?

Or how about deploying separate replicas?

1. Some replicas for limited anon LDAP access and potentially
misbehaving clients.
2. And the important and thoroughly tested clients should be authorized
to access protected replicas of higher service-level.

Ciao, Michael.

References:
- Protecting a slapd Server from Excessive Client Queries
  - From: "Ramseyer, Ken" <ken.ramseyer@lmco.com>
- Re: Protecting a slapd Server from Excessive Client Queries
  - From: Howard Chu <hyc@symas.com>
- Re: Protecting a slapd Server from Excessive Client Queries
  - From: "John Madden" <jmadden@ivytech.edu>

Prev by Date: Re: Protecting a slapd Server from Excessive Client Queries
Next by Date: Re: 2.3.19 and memory usage
Index(es):
- Chronological
- Thread