ndt-users list created

[Mark Boolootian <>]

Hi Tom,

Gack - not sure how I missed this post...

> I'd be curious to hear if anyone else is seeing similar behavior - if
> you are, or discover that you are after reading this, I'd be interested
> in comparing notes.  If I work out what it is, of course I'll let y'all
> know as well.

Yes, we've been seeing it.  It looks like the start of the uptick 
happened the same month you sent your email, so I'm guessing what
we see is related:

  
http://newnoc.ucsc.edu/nrg/net/router/utilization/comm-g.ucsc.edu/comm-g.ucsc.edu-_nitro.cgi

I rummaged the log file and found that between Aug 17th and Sept 15th,
nitro had 1472 unique IP visitors.  Roughly 1200 of those visited ten
or fewer times.  228 visited more than 100 times, and two guys seem to
be using nitro all the time:

   65.198.174.82    2186
  207.246.107.130   1061

I'm getting ready to upgrade nitro and move to using the perfSONAR
distribution (though it will remain an NDT-only service running on
port 80).  I'll likely add some iptables restrictions for systems
that are abusing the service.

> Couple of ideas that fell out of looking at this problem that would make
> good feature enhancements:
> 
> - client detail/version reporting, sorta like user-agent reporting in a
> web server (to discern testing via applet, or cli client, as well as
> applet/client version)
> - logging some detail about client queuing, if not running in
> multi-client mode

I think a useful feature enhancement might be a hosts.allow type of feature
that allows you to deny access to NDT services by IP address.  That would
be far less consumptive of resources (one check per HTTP connection) than
the iptables approach (one check per packet).

mark
---
Mark Boolootian
UC Santa Cruz