Problems with QS_SrvMinDataRate in combination with QS_Block

Quality of service module for Apache httpd

Brought to you by: pbuchbinder

Problems with QS_SrvMinDataRate in combination with QS_Block

Forum: Open Discussion

Creator: Simon Studer

Created: 2020-10-14

Updated: 2020-10-20

Simon Studer - 2020-10-14

We have seen problem when using QS_SrvMinDataRate in combination with QS_Block as suggested here: http://mod-qos.sourceforge.net/dos.html#repeat-offender. This is blocking a lot of legitimate traffic.

We see lots of entries like the following where mod_qos says no traffic is sent at all from sources we know to be legitimate.

[2020-10-10 11:19:34.568152] [qos:error] - - mod_qos(034): log only (allowed), QS_SrvMinDataRate rule (in:0): min=772, this connection=0, c=123.456.789.012

Our assumtion is that this is due to browser optimizing loadtimes by preemtively opening connections without ever using them.

If this is the case, the directive QS_SrvMinDataRate is acting as it is supposed to but using it in combination with QS_Block becomes impractical.

Has anyone else experienced this?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Pascal Buchbinder - 2020-10-15

Indeed, speculative TCP pre-connections are a problem. That's why you should configure QS_SrvMinDataRate to become active when the server as very few free connections only.
It might also help to increase QS_SrvSampleRate (to let browsers close the unnused connection before mod_qos closes them).

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Simon Studer - 2020-10-20

Thanks for the feedback.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.