question about concurrent auth packet process.
Alan DeKok
aland at ox.org
Thu Dec 29 18:57:34 CET 2005
Liu dejun <dejun.liu at gmail.com> wrote:
> The queue size is too big !! if thread's queus is full of auth packet or
> acct packet , the thread is busy processing the packets,the packet will time
> out by the thread clean process,so 65536 is too big for thread queue size.
No.
"too big" is a function of how fast the machine is, what kind of
requests come in, and how many requests the machine can handle. If a
machine can handle 5000 requests/second, then the queue contains only
13 seconds of request processing, so the requests won't time out.
e.g. If a machine normally handles 1K requests/s, but is capable of
handling 5k requests/s, then a sudden "spike" of 10k requests/s will
cause the queue to fill up. So long as the spike is smaller than 10
seconds or so, there shouldn't be a problem.
In that case, it could be argued that a queue of 64k requests is too
small.
I have some trial patches in my sandbox that expire requests from
the queue if they've been there too long. This allows the server to
recover from huge spikes.
I have some other trial patches that create 3 queues: One for new
requests, one for proxy replies from home servers, and one for ongoing
EAP sessions. The queues have different levels of priority, and it's
preferable to drop new requests in order to finish processing previous
requests.
Alan DeKok.
More information about the Freeradius-Devel
mailing list