Results 1 to 4 of 4
Enjoy an ad free experience by logging in. Not a member yet? Register.
Strange flood of connections to mysql server
These connections are from the expected IP (our firewall) and all for "unauthenticated user" and they remain in the login state for several minutes at least.
We have two apache web servers on different physical machines throwing connections at the server. They are configured such that even if they throw their maximum number at the DB it shouldn't be overwhelmed.
There is nothing to indicate this activity in the database or web server logs.
We are having occasional issues with our ad servers taking a very long time to respond so we have identified a couple of possibilities:
1. Ad taking a long time so everyone pressing F5 several times
2. D.o.S. attack
Has anyone encountered this before and if so, how did you fix it?
Thanks for any insights
* For here at least
I'd first want to check the firewall logs for the actual sources of the connections and whether there's a pattern. If it's a 'bot attack, it may be difficult to discern from the reload possibility, but that's where I'd start.
It appears to be a DNS or more specifically a reverse DNS issue where one of the threads is locking and then none of the others can progress. The solution appears to be to reconfigure things to user@ip instead of user@host or user@% and then restart the service with lookups turned off by using --skip-name-resolve
We added a entry to the hosts file for the firewall and it seems to have sorted it out.