tags:

views:

231

answers:

2
+2  Q: 

Figuring out the required MaxReceivedMessageSize in WCF with NetTcpBinding

I'm using NetTcpBinding in WCF and i want to send a Stream which does not exceed the size of 1 MB. I have set the MaxReceivedMessageSize to a really high number and that works fine of course.

But I am curious:

Does setting the MaxReceivedMessageSize to a very hight number have any (negative) impact or would it be useful to set it just above the size I actually want to send/receive?

What kind of overhead can I expect when using the NetTcpBinding to transfer a stream? Meaning: when I send a stream of 1 MB, how large does my MaxReceivedMessageSize has to be?

+1  A: 

Setting MaxReceivedMessageSize allows you to tune your endpoint to reject oversized messages. This may be of particular interest when that endpoint is exposed to the public, which as we know, has it's fair share of dumb and malicious users.

Generally, if you know the max message size, you should work with that.

Some people may differ, but in my mind 1Mb = 1048576 bytes (1024*1024). I would also add a buffer for incidentals such as the message envelope. So 1048576 + 1024 = 1049600 would seem like a reasonable size for an expected 1Mb message.

Sky Sanders  2010-03-23 15:50:54
Where do you have the "+ 1024 for message envelope" number from? Or is that just an assumption?
Flo  2010-03-24 12:42:39
@Flo - Just a guess, the overhead is going to vary from one situation to another. You can intercept the request and measure it if you are concerned. Heck, to be safe, add 8*1024 for overhead. ;-)
Sky Sanders  2010-03-24 13:08:15
@Sky - Thanks for you help.
Flo  2010-03-25 09:45:07
@Flo, pleasure.
Sky Sanders  2010-03-25 15:03:17
+2  A: 

If you want to send a file of 1 MB in size to the server, the maxReceivedMessageSize on the server must be at least 1 MB (whether you calculate that as 1 million bytes, or 10 to the power of 20 = 1'048'576).

The reason WCF keeps those values really low by default is to protect your server from a denial of service attack. If you do allow up to 1 MB or 2 MB of maxReceivedMessageSize on your server, an attacker could try to flood your server with a string of requests all maxing out that size, and thus cause your server to run out of memory eventually.

WCF has a number of safeguards in place, things like limiting the number of max concurrent connections etc., which all come into play in such a scenario. So upping that limit is opening the barn door just a little bit to the bad guys - if you're safely located behind a corporate firewall, that might not be a problem, really. If your server is out in the cold, hard winds of the internet, it might be a risk you're running.

marc_s  2010-03-23 15:59:05

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?