[Bloat] Need help with netperf.bufferbloat.net server

[Jonathan Foulkes]

Hi Rich,



Sure, here's what we did to protect our Netperf servers: Require a password to run netperf (it's a command line parameter on the client), and rotate the password regularly.



This means users will need to sign up for access, and get an email every time the password is rotated. That way you know who is using (or abusing) the services. If it is being abused, knock out the abuser from the list, and rotate the pwd.



Use different passwords for each server to have fine-grained access controls.


I hope that helps,


Jonathan Foulkes








---- On Sat, 30 Mar 2024 13:03:00 -0400 Rich Brown via Bloat <bloat at lists.bufferbloat.net> wrote ---



Hi folks,

This note was prompted by a question from the crusader github repo [1] where I wrote the following:

>> It seems to me that the server netperf.bufferbloat.net (also called netperf-east.bufferbloat.net) has been down for quite a while.
>
> Yes. I have been stymied by heavy abuse of the server. In addition to legitimate researchers or occasional users,
> I see people running a speed test every five minutes, 24x7.
>
> I created a bunch of scripts [2] to review the netperf server logs and use iptables to shut off people who abuse the server.
> Even with those scripts running, I have been unable to keep the traffic sent/received below the 4TB/month cap at my VPS.

Does anyone have thoughts about how to continue providing a netperf server at the name "netperf.bufferbloat.net" while not overwhelming any particular server? Many thanks.

Rich

[1] https://github.com/Zoxc/crusader/issues/14#issuecomment-2028273112
[2] https://github.com/richb-hanover/netperfclean
_______________________________________________
Bloat mailing list
mailto:Bloat at lists.bufferbloat.net
https://lists.bufferbloat.net/listinfo/bloat
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.bufferbloat.net/pipermail/bloat/attachments/20240330/7c218428/attachment.html>