The sys admin's daily grind: Siege

Siege Warfare

© chrisharvey, Fotolia

© chrisharvey, Fotolia

Article from Issue 98/2009

The siege of Troy is said to have taken 10 years, ending only after Odysseus introduced a wooden horse into the mix. Charly is planning a siege, too, and the target is his own web server. Of course, he doesn't have 10 years to complete the task, and Odysseus isn't on his team.

When contemplating my Apache server, I'm reminded of the mythical sea creature Scylla, which wiped out no fewer than six of Odysseus's men on his way home from Troy. My server's Worker MPM can devour multiple requests in one fell swoop. But where's the limit? How many threads do I need to configure to achieve maximum performance? And how many threads are just overkill?

Stress Test

With the use of the attack tool Siege [1], I will try to answer these questions with a stress test. Siege supports two modes of attack. The first simulates human web-surfing behavior, which explains the gaps of three seconds between individual access instances.

In the second mode, benchmark mode, these gaps are dropped and Siege incessantly throws requests at the server. To make the server sweat, Siege fields a configurable army of users – 10 by default, but you can use the following parameter to increase the size of the virtual vanguard until either the web server cries mercy or the attackers run out of system resources:


Which Way to Troy?

How does Siege know which server to attack? Again, there are two options. The parameter


lets you enter a URL that Siege will reload repeatedly. The option


is more interesting in that I can add an arbitrarily long list of links to the file and Siege will attack them one after another. The --reps=<number> parameter lets me specify how many times Siege should repeat the stress test.

Also, I can set --internet to tell Siege not to request the pages in the order specified in the URL file, but to use a random order instead, which is far more realistic.

Battle Over

To prevent the test going on indefinitely, it makes sense to set the --time= parameter to limit the test run time.

The attack stops at the end of this time, even if the loops configured via the --reps= parameter have not been completed.

After finishing its task, Siege shows a summary of the results (see Figure 1).

Figure 1: After the battle with the web server, Siege shows the results.

The Author

Charly Kühnast is a Unix operating system administrator at the Data Center in Moers, Germany. His tasks include firewall and DMZ security and availability. He divides his leisure time into hot, wet, and eastern sectors, where he enjoys cooking, fresh water aquariums, and learning Japanese, respectively.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • The sys admin's daily grind: Tsung

    How many users can the database take? When does a CMS throw in the towel? In order to explore performance limits, Charly Kühnast uses the Tsung load generator instead of human users as beta testers.

  • The sys admin's daily grind: DNSDiag

    If some transactions take an inexplicably long time, you don't have to blame yourself for the delayed transmission of user data. Name resolution issues might be to blame. Sys admin Charly has three tools to study the DNS server.

  • Charly's Column: SSLScan

    If, like our author Charly, you manage SSL-secured servers, read on to discover a tool that you will definitely appreciate. It checks whether the complete security setup is up to date.

  • Charly's Column

    Network monitors are a dime a dozen, but Nload, which separates incoming and outgoing traffic and draws graphs on the console without X, is unique.

  • Charly's Column

    Parallel SSH is the name of an easy-to-configure tool that our resident sys admin, Charly, now routinely deploys whenever he needs to launch the same programs, copy the same files, or kill the same processes simultaneously on multiple computers.

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More