Date: Sun, 30 Nov 1997 20:56:44 -0800 From: David Greenman <dg@root.com> To: Steve Price <sprice@hiwaay.net> Cc: chat@FreeBSD.ORG Subject: Re: ftp server on ftp.cdrom.com Message-ID: <199712010456.UAA00927@implode.root.com> In-Reply-To: Your message of "Sun, 30 Nov 1997 20:35:06 CST." <3482225A.33590565@hiwaay.net>
next in thread | previous in thread | raw e-mail | index | archive | help
>steve[~]$ ftp ftp.cdrom.com
>Connected to wcarchive.cdrom.com.
>220 wcarchive.cdrom.com FTP server (Version DG-2.0.7 Wed Oct 22 02:30:03
>PDT 1997) ready.
>Name (ftp.cdrom.com:steve): anonymous
>530-Sorry, the current limit of 2750 users has been reached.
>530-Please try again in a few minutes.
>...
>
>DG-2.0.7, whose ftp server is that? A David Greenman special? :)
Yes, written specially for wcarchive (and not released to the public, so
please don't ask).
>I wanted to know how the limit on the number of anonymous users
>was set. I was looking into PR #5109 and not wanting to re-invent
>the wheel and not yet understanding the login class functions, I
>thought this might provide some incite into how such a limit can
>be imposed in our own ftpd.
I implemented the limit using (believe it or not) system V shared memory.
The login class idea from wu-ftpd is escentially the same, but the
implementation in wu-ftpd doesn't scale and is very slow. Why is it slow?
Wu-ftpd maintains a file of all of the process IDs for a given class and
since this might become stale if an ftpd process should terminate unusually
or if the system crashes, it verifies each of the entries by doing a
kill(pid, 0) on them. On a machine like wcarchive, this means thousands of
kill()'s every time the limit for a class needs to be checked, which is at
least once for the login, and perhaps again if the current number is output
in the welcome message. Looking for a better way, I noticed one day that
system V shared memory keeps a count on the number of processes that have a
segment mapped, and further, the attach count is available via shmctl(). Aha.
So, I map ("attach") the appropriate shared memory segment into the process
(there is one per ftp login class). If the process exits for any reason,
normal or abnormal, the system unmaps the shared memory segment and thus
always keeps the attach count accurate. This provides a very low overhead
way of tracking the current number of users in each class without the need
of all of the PID files and verification.
Does this make sense? I suppose it can all be quite confusing if you
don't know what an "ftp login class" is. Probably best to read the wu-ftp
documentation for that. :-)
-DG
David Greenman
Core-team/Principal Architect, The FreeBSD Project
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199712010456.UAA00927>