nginx and Apache killer

Venky Shankar yknev.shankar at gmail.com
Sun Aug 28 16:48:59 UTC 2011


>
> Not really.  The problem in Apache is not "not merging", but O(N^2)
> memory consumption while handling Range requests, where N - number
> of ranges requested.
>

Sure, but it hits even badly when it does not check overlapping/same range
request. I guess nginx would send back 416 when it
encounters overlapping ranges (?) and the patch from Igor takes care of
exceeding content length case.


>
> See here for more information:
>
> http://permalink.gmane.org/gmane.comp.apache.devel/45196
> http://permalink.gmane.org/gmane.comp.apache.devel/45290
>
> With nginx you are safe: there is no O(N^2) memory consumption.
> Additionally, it won't do any actual data processing with HEAD
> requests as used in attacking script in question.
>

But GET involves data processing. But as you said since there is no O(N*2)
[or the like] memory consumption with nginx, even GET requests are safe.


>
> Maxim Dounin
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>

Thanks,
-Venky
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20110828/5a000d8b/attachment.html>


More information about the nginx mailing list