Server hog explained

Server (or resource) hogging is where a user, program or system places excessive load on a server. "Hogging" aims to significantly degrade performance experienced for clients so that the server & resources itself are so heavily loaded that it fails to perform routine functions.

History

In the early years of time-sharing computer systems in the 1960s it was common for a single institutional mainframe to control many interactive terminals. In such an environment server lag is acutely perceived. Furthermore, in many operating environments, scarce server resources such as CPU-seconds were often metered and charged against the account of the user running the program. An unintentional server hog could prove extremely costly in financial terms. These programs were often called run-away programs or endless loops.

Resource contention

Server performance has many dimensions. Any subsystem that becomes excessively loaded can compromise the performance of other clients contending for that subsystem. Common forms of hardware contention include CPU cycles, interrupt latency, I/O bandwidth, available system memory, or aggregate system memory bandwidth. At the software level, contention can arise for buffers, queues, spools, or page tables.

Known hogs

It is an accepted practice that servers are appropriately sized by system administrators for the workload (or mixture of workloads) expected, and server performance is closely monitored to establish performance baselines. The server load might include well known server hogs, such as system backup. These tasks are generally scheduled for time periods of light demand, such as in the very early hours on a Sunday morning, with an accepted administrative policy to discourage or prohibit other demands on the server during those time periods.

Unexpected hogs

More often, the term server hog is used to designate an unusual load condition where the server performance falls short of the culturally accepted baseline. A common scenario in the early years of computing was an overload condition known as thrashing where the aggregate server performance becomes severely degraded, such as when two departments of a large company attempt to run a heavy report concurrently on the same mainframe. In such a situation, the designation of the server hog becomes a political matter of pointing fingers, as the termination of either long-running report would restore the server to normal performance.

Internet era

In the internet era, the nature of server loads greatly changed, as the clients became increasingly dispersed geographically, and often increasingly anonymous, as for example, any member of the public with internet access can request a web server in any part of the world to deliver a web page. In this context, a server hog most commonly designates a malicious server hog—a program written expressly for the purpose of overloading a remote server with excessive requests or excessively difficult requests (such as complex search). Use of a deliberate server hog is known as a denial-of-service attack, a behaviour exhibited by many viruses, worms and trojan horses. It is also possible for a petulant or vindictive computer user to manually overload a remote server by unleashing a crap flood.

Bots

A special case is that of a run-away bot, a program that was designed to be helpful by automating a drudgerous task, but due to poor programming or poorly understood circumstances, goes out of control and hammers a server unceasingly at a high rate. A common case is a web spider which accesses too many pages on a web server too quickly at the expense of the server's intended audience.