Abstract: It is becoming essential to protect Web servers against overload by providing admission control. This paper presents the design that performs admission control based on TCP header, and implements it in the Linux OS. There are six 1-bit flags in TCP header. The packets with flags, such as ACK packets, are more important than the application request packets. The experiments demonstrate its effectiveness, and show that the approach is efficient during overload.

Key words: Admission control, TCP flags, Overload

摘要： 在过载条件下，Web服务器的响应时间会增加，吞吐率会降低，有必要采用接入控制。通过对TCP传输机制和Linux内核实现过程的分析，该文提出了接入控制保护机制，描述了它的设计和实现。通过实验，表明它能够有效地降低服务器过载带来的影响。

关键词: 接入控制, TCP标识, 过载

CLC Number: 

• TP393