[rabbitmq-discuss] OOM kill
dmitry.andrianov at alertme.com
Sat Mar 8 14:54:08 GMT 2014
Well, creation of exchanges and queues we can at least control with some auth plugin so we can try protecting from these types of DOS. However with connections there seem to be no way to solve it. If no ulimit is used - we are susceptible to that OOM DOS. And if we set ulimit, it is still possible to DOS us - Rabbit won't die but won't accept connections from consumers either.
I will look into limiting connections by the means if OS or Amazon ELB but it feels like that kind of DOS protection should be part of Rabbit itself.
> On 8 Mar 2014, at 13:04, Matthias Radestock <matthias at rabbitmq.com> wrote:
>> On 08/03/14 12:18, Dmitry Andrianov wrote:
>> But that means that is possible to DOS any internet facing Rabbit...
> It is one of *several* ways to DOS a rabbit. Creating lots of exchanges/bindings/queues is another one, for example.
>> Are there any mechanisms in RabbitMQ to listen on two ports or
>> network addresses at the same time
> Yes. See tcp_listeners in https://www.rabbitmq.com/configure.html#config-items.
>> while being able to set independent connection limits on these?
> No, but firewalls should be able to do that.
> rabbitmq-discuss mailing list
> rabbitmq-discuss at lists.rabbitmq.com
This email is for the use of the intended recipient(s) only.
If you have received this email in error, please notify the sender immediately and then delete it.
If you are not the intended recipient, you must not use, disclose or distribute this email without the
author's prior permission. AlertMe.com Ltd. is not responsible for any personal views expressed
in this message or any attachments that are those of the individual sender.
AlertMe.com Ltd, 30 Station Road, Cambridge, CB1 2RE, UK.
Registered in England, Company number 578 2908, VAT registration number GB 895 9914 42.
More information about the rabbitmq-discuss