| From: | ncm(at)zembu(dot)com (Nathan Myers) |
|---|---|
| To: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Doing authentication in backend |
| Date: | 2001-06-15 23:51:36 |
| Message-ID: | 20010615165136.F18121@store.zembu.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Thu, Jun 14, 2001 at 01:42:26PM -0400, Tom Lane wrote:
> Also note that we could easily fix things so that the max-number-of-
> backends limit is not checked until we have passed the authentication
> procedure. A PM child that's still busy authenticating doesn't have
> to count.
And impose a very short timeout on authentication.
> Another problem with the present setup is total cost of servicing each
> connection request. We've seen several complaints about connection-
> refused problems under heavy load, occurring because the single
> postmaster process simply can't service the requests quickly enough to
> keep its accept() queue from overflowing.
This last could also be addressed (along with Solaris's Unix Sockets
problem!) by changing the second argument to listen(2) from the current
SOMAXCONN -- which is 5 in Solaris 2.7 -- to 127. See the six-page
discussion in Stevens UNPv1 beginning at page 93.
This is not to say we shouldn't fork before authentication, for
the above and other reasons, but the fix to listen(2)'s argument
should happen anyway.
Nathan Myers
ncm(at)zembu(dot)com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Hiroshi Inoue | 2001-06-16 01:05:38 | RE: Update on Access 97 and = NULL |
| Previous Message | Joe Conway | 2001-06-15 23:44:23 | Re: Encrypting pg_shadow passwords |