views:

61

answers:

1

The only time we notice this value appears to be when the service crashes because the value is too low. The quick way to fix this is to set it to some very large number. Then no problem.

What I was wondering about is are there any negative consiquences to setting this value high?

I can see that it can potentially give some protection from a denial of service attack, but does it have any other function?

+2  A: 

It helps limit the strain on your WCF server. If you allow 1'000 connections, and each connection is allowed to send you 1 MB of data - you potentially need 1 GB of RAM in your server - or a lot of swapping / trashing might occur.

The limit on the message size (and the limit on the concurrent connections / calls) helps keep that RAM usage (and also CPU usage) to a manageable level.

It also allows you to scale, depending on your server. If you have a one-core CPU and 4 GB or RAM, you probably won't be able to handle quite as much traffic as if you have a 16-way CPU and 32 GB of RAM or more. With the various settings, including the MaxReceivedMessageSize, you can tweak your WCF environment to the capabilities of your underlying hardware.

And of course, as you already mention: many settings in WCF are kept OFF or set to a low value specifically to thwart malicious users from flooding your server with DoS attacks and shutting it down.

marc_s
Thanks for your answer. Just to make sure that I have understood it. In your example if you allow 1MB and a connections sends a message of 10kB. Will 1MB of memory be allocated on the server, or will it just use the 10Kb.
Shiraz Bhaiji
From all I know, if the service call needs 10kb, it will allocate 10kb - not more. The 1 MB limit is just that - an upper limit. If the service call requests more than 1 MB, it'll be turned down. But WCF will not just simply allocate 1 MB without really needing it.
marc_s