On Sep 30, 2011, at 4:31 PM, Doug Barton wrote: > o, this is a bit of an odd one .... I've got a web server running > apache 2.2.17 and php 5.3.5. The host itself is running 7.3-RELEASE, > i386, and is not busy. I can do DNS queries on the command line all day > long and they are very snappy. Using nslookup, dig, whatever.
Are you using prefork or worker/threaded MPM with Apache? While some PHP modules claim to be threadsafe, experience has left me convinced that neither threaded PHP nor threaded mod_perl is reliable under even minimal load. If you haven't tried using prefork MPM, consider using it, and maybe add fastcgi if you need to. > The weirdness comes in when the httpd process needs to do a DNS lookup. [ ... ] > I'm open to suggestions on where to look to improve this situation. One of the major problems with doing any DNS lookups in Apache is that you can easily encounter a DoS as all of the child processes try to resolve addresses; a malware scan coming from an IP with broken reverse DNS can cause things to grind to a halt for a few seconds. If at all possible, do not perform any DNS resolution in Apache, either for Allow/Deny rules in Location blocks, or for log processing. Regards, -- -Chuck _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
