Efficacy of SYN Policing

Next: Impact of Burst Size Up: Experimental Results Previous: Experimental Results

Efficacy of SYN Policing

In this section we show how TCP SYN policing protects a preferred client against flash crowds or high request rates from other clients. In our setup, one client replays a large e-tailer's trace file representing a preferred customer. For the competing load we use five machines running Webstone, each with 50 clients. All clients request an 8 KB file, which is reasonable since a typical HTTP transfer is between 5 and 13 KB [12].

**${\figurename}$ :** ${\dimen0=\fontdimen6\the\font \lineskip=1\dimen0 \advance\lineskip.5\fontdimen... ...iler's client when there was no SYN control and when SYN control was enforced.}}$
$\begin{figure} \begin{center} \epsfig {file=figures/new_rate_exp.eps, width=0.45\textwidth}\end{center}\end{figure}$

Without SYN policing, the e-tailer's client receives a low throughput of about 6 KB/sec. Using policing to lower the acceptance rate of Webstone clients, we expect the throughput for the e-tailer's client to increase. Figure 5 shows that the throughput for e-tailer's client increases from 100 KB/sec to 800 KB/sec as the acceptance rate for Webstone clients is lowered from 300 reqs/sec to 25 reqs/sec. The experiment demonstrates that a preferred client can be successfully protected by rate-controlling connection requests of other greedy clients.

TCP SYN policing works well when client identities and request patterns are known. In general, however, it is difficult to correctly identify a misbehaving group of clients. Moreover, as discussed below, it is hard to predict the rate control parameters that enable service differentiation for preferred clients without under-utilizing the server. For effective overload prevention the policing rate must be dynamically adapted to the resource consumption of accepted requests.

Next: Impact of Burst Size Up: Experimental Results Previous: Experimental Results

Renu Tewari
2001-05-01