View previous topic :: View next topic
|
Author |
Message |
vasanthz
Global Moderator
Joined: 28 Aug 2007 Posts: 1742 Location: Tirupur, India
|
|
|
|
Hello,
I have come across few websites that run on the mainframe, I would like to know what happens when such a mainframe based website is DDoS attacked?
Does the mainframe utilization get maxxed and the utilization cost goes up crazy?
What are the safeguards available on mainframe to prevent a DDoS?
Thanks & Regards, |
|
Back to top |
|
|
Robert Sample
Global Moderator
Joined: 06 Jun 2008 Posts: 8696 Location: Dubuque, Iowa, USA
|
|
|
|
HTTP server can cause fairly high CPU utilization even without any DDoS attack. Specific answers to your questions would depend upon the site involved, but in general once HTTP server drives CPU utilization to 100% then the Workload Manager policy will dictate which address spaces (jobs, tasks, TSO users) get CPU time and how much they get. Any discretionary workload on the machine would get little (if any) CPU time and how much the HTTP server got would depend upon the policy. I'm not sure there are many safeguards specifically for DDos attacks on mainframes.
However, one point to remember is that Windows / Unix / Linux servers tend to bog down early (I've seen performance issues at times when these servers are running 20 to 40% CPU utilization) whereas z/OS systems can run fine at 100% CPU utilization for hours and days (I've seen month-end processing drive CPU utilization to 98% for 72 straight hours and 100% for over 24 hours) with no significant change in response time -- except for discretionary work, of course. |
|
Back to top |
|
|
vasanthz
Global Moderator
Joined: 28 Aug 2007 Posts: 1742 Location: Tirupur, India
|
|
|
|
Thanks for your thoughts on this Robert, I got your point that a DDoS would be similar to a program gone into an infinite loop and the discretionary workloads would take the hit.
Quote: |
HTTP server can cause fairly high CPU utilization even without any DDoS attack. |
Never knew this.
Regards, |
|
Back to top |
|
|
Robert Sample
Global Moderator
Joined: 06 Jun 2008 Posts: 8696 Location: Dubuque, Iowa, USA
|
|
|
|
From what I've seen, an idle HTTP server can run about 1% of the CPU; when active it is not unusual for 35 to 65% of the CPU time to be devoted to HTTP server. Hopefully, that's not for very much elapsed time and a lot depends upon how busy the server is, but using Mainview I've seen HTTP server run as much as 80% of CPU on our box (which, admittedly, is a very small box). |
|
Back to top |
|
|
Ed Goodman
Active Member
Joined: 08 Jun 2011 Posts: 556 Location: USA
|
|
|
|
Geez, 80% serving HTTP?? Is that getting the cost of the SQL and the encryption and Java services? Or is it JUST the assembly and sending of the HTML responses? |
|
Back to top |
|
|
Robert Sample
Global Moderator
Joined: 06 Jun 2008 Posts: 8696 Location: Dubuque, Iowa, USA
|
|
|
|
We don't use DB2, so no SQL. Java is installed, and we're not running encryption on our machine. Some of the requests do involve a lot of data since we have our manual repository under Unix System Services available via web browser. |
|
Back to top |
|
|
vasanthz
Global Moderator
Joined: 28 Aug 2007 Posts: 1742 Location: Tirupur, India
|
|
|
|
Quote: |
From what I've seen, an idle HTTP server can run about 1% of the CPU; when active it is not unusual for 35 to 65% of the CPU time to be devoted to HTTP server. |
It would be nice to see HTTP server utilization. But we don't collect 103 SMF type
I will try to see SMF type 30 to see how much the server consumes. |
|
Back to top |
|
|
vasanthz
Global Moderator
Joined: 28 Aug 2007 Posts: 1742 Location: Tirupur, India
|
|
|
|
Hello,
If anyone is still interested, the HTTP server at our place consumes 42 SU/sec when it is idle and not serving any requests, with Java and no encryption. |
|
Back to top |
|
|
|