erlang R17带来了新的socket选项{active,N} 。与{active,once}连同应用层提供的流量控制。为什么会这样选择,{active,once}不能够有效地抑制了很多socket消息做?
我们知道,,{active,once}一次设置active选项,才干继续接收erlang的消息通知。实际上。每次设定{active,once}都意味着调用一次epoll_ctl, 假设请求过于频繁,就会有大量的epoll_ctl调用。erlang眼下仅仅有一个线程会收割epoll_wait事件。epoll_wait要轮询已经就绪的ctl队列。假设大量的ctl事件将会堵塞了epoll_wait的操作,造成网络处理能力的下降。
那么。我们能不能设定接收N个的socket消息后再运行一次epoll_ctl。这样能够有效降低epoll_ctl的调用。{active,N}就是这样出现的。
以下来看一下{active,N}的说明
Add the {active,N} socket option for TCP, UDP, and SCTP,where N is an integer in the range -32768..32767, to allow a caller to specify the number of data messages to be delivered to the controlling process. Once the
socket's delivered message count either reaches 0 or is explicitly set to 0 with inet:setopts/2 or by including {active,0} as an option when the socket is created, the socket transitions to passive({active, false}) mode and the socket's controlling process receives
a message to inform it of the transition. TCP sockets receive {tcp_passive,Socket}, UDP sockets receive {udp_passive,Socket} and SCTP sockets receive {sctp_passive,Socket}.
The socket's delivered message counter defaults to 0, but it can be set using {active,N} via any gen_tcp, gen_udp, or gen_sctp function that takes socket options as arguments, or via inet:setopts/2. New N values are added to the socket's current counter value,
and negative numbers can be used to reduce the counter value. Specifying a number that would cause the socket's counter value to go above 32767 causes an einval error. If a negative number is specified such that the counter value would become negative, the
socket's counter value is set to 0 and the socket transitions to passive mode. If the counter value is already 0 and inet:setopts(Socket, [{active,0}]) is specified, the counter value remains at 0 but the appropriate passive mode transition message is generated
for the socket.
设定了{active,N}选项后,进程在接收了N个包后,会收到{tcp_passive, Socket}消息,意味着这个Socket进入被动模式,须要又一次设置active选项。
接下来。在实际的样例中測试这个參数:
-module(server). -export([start/0]). -export([continue/1]). -define( PORT, 8888). start() -> {ok, LSock} = gen_tcp:listen(?PORT, [binary, {packet, 0},{active, false}]), io:format("socket listen: ~p on ~p ~n",[LSock, ?编译启动这个模块后。我们创建一个client来请求这个服务端:PORT]), accept(LSock). accept(LSock) -> {ok, ASock} = gen_tcp:accept(LSock), Pid = spawn(fun() -> do_loop(ASock) end), gen_tcp:controlling_process(ASock, Pid), inet:setopts(ASock, [{active, 3}]), accept(LSock). do_loop(ASock) -> receive {tcp, Socket, Data} -> io:format("socket ~p recv: ~p ~n",[Socket, Data]); {tcp_closed, Socket} -> io:format("socket ~p close ~n",[Socket]); {tcp_passive,Socket} -> io:format("socket ~p is passive, please call continue/1 ~p ~n",[Socket, self()]); release_passive -> inet:setopts(ASock, [{active, 3}]); Err -> io:format("socket may error: ~p ~n",[Err]) end, do_loop(ASock). continue(Pid) -> Pid ! release_passive, ok.
1> f(S), {ok,S} = gen_tcp:connect({127,0,0,1},8888,[{packet,0}]). {ok,#Port<0.526>} 2> gen_tcp:send(S,<<"hello">>). ok 3> gen_tcp:send(S,<<"hello">>). ok 4> gen_tcp:send(S,<<"hello">>). ok 5> gen_tcp:send(S,<<"hello">>). ok服务端控制台打印了这种信息:
D: mp>erl -s server socket listen: #Port<0.422> on 8888 Eshell V6.0 (abort with ^G) 1> socket #Port<0.479> recv: <<"hello">> 1> socket #Port<0.479> recv: <<"hello">> 1> socket #Port<0.479> recv: <<"hello">> 1> socket #Port<0.479> is passive, please call continue/1 <0.33.0> 1> server:continue(pid(0,33,0)). socket #Port<0.479> recv: <<"hello">> ok 2>在上面的样例中,我们设定了{active,3}的选项,在接收到client3次数据后,socket进入了passive状态,在又一次设置{active,N}后继续接收tcp消息。
那么,怎样在实际项目中运用{active,N}选项?
inet:setopts(Socket, [{active, 300}]), erlang:send_after(30 * 1000, self(), release_passive);大概思路是,在30秒内最多接收300个包。超过就不接收,等待这30秒完毕后继续接收。如此重复。
利用这点还能够加多一个计数器,假设超过10次进入passive状态,说明这个Socket存在问题,有攻击的行为。
參考:
http://blog.csdn.net/mycwq/article/details/24814843
http://www.erlang.org/download/otp_src_17.0.readme
http://blog.yufeng.info/archives/2970