ab的原理是？能否造成DoS攻击？

一般做压力测试要内网环境，就是访问的瓶颈不应该在网络状况而应该在应用本身。
所以ab去做dos话意义不大，你就那么点带宽嘛

而且nginx里面稍微设置一下就可以拒绝同一个IP地址对同一个url的并发请求

在实现技术上，它是使用APR(Apache portable Run-time libraries)来进行异步网络收发。
参数-c 控制并发连接数，每个连接可以简单认为就是一个GET，对于回复2xx的请求表示成功。使用keep-alive的会保持连接否则重连~
主要就这些了。

DoS... 你D你的虚拟机或许行。

@ywencn
@xst

谢谢，懂鸟！

可以看一下ab.c的源代码：
http://svn.apache.org/repos/asf/httpd/httpd/trunk/support/ab.c

重点是static void test(void)函数的实现，其中这几句是关键：

for (i = 0; i < concurrency; i++) {
con[i].socknum = i;
start_connect(&con[i]);
}

do {
apr_int32_t n;
const apr_pollfd_t *pollresults, *pollfd;

n = concurrency;
do {
status = apr_pollset_poll(readbits, aprtimeout, &n, &pollresults);
} while (APR_STATUS_IS_EINTR(status));
if (status != APR_SUCCESS)
apr_err("apr_pollset_poll", status);

for (i = 0, pollfd = pollresults; i < n; i++, pollfd++) {
struct connection *c;

c = pollfd->client_data;

/*
* If the connection isn't connected how can we check it?
*/
if (c->state == STATE_UNCONNECTED)
continue;

rtnev = pollfd->rtnevents;

#ifdef USE_SSL
if (c->state == STATE_CONNECTED && c->ssl && SSL_in_init(c->ssl)) {
ssl_proceed_handshake(c);
continue;
}
#endif

/*
* Notes: APR_POLLHUP is set after FIN is received on some
* systems, so treat that like APR_POLLIN so that we try to read
* again.
*
* Some systems return APR_POLLERR with APR_POLLHUP. We need to
* call read_connection() for APR_POLLHUP, so check for
* APR_POLLHUP first so that a closed connection isn't treated
* like an I/O error. If it is, we never figure out that the
* connection is done and we loop here endlessly calling
* apr_poll().
*/
if ((rtnev & APR_POLLIN) || (rtnev & APR_POLLPRI) || (rtnev & APR_POLLHUP))
read_connection(c);
if ((rtnev & APR_POLLERR) || (rtnev & APR_POLLNVAL)) {
bad++;
err_except++;
/* avoid apr_poll/EINPROGRESS loop on HP-UX, let recv discover ECONNREFUSED */
if (c->state == STATE_CONNECTING) {
read_connection(c);
}
else {
start_connect(c);
}
continue;
}
if (rtnev & APR_POLLOUT) {
if (c->state == STATE_CONNECTING) {
rv = apr_socket_connect(c->aprsock, destsa);
if (rv != APR_SUCCESS) {
set_conn_state(c, STATE_UNCONNECTED);
apr_socket_close(c->aprsock);
err_conn++;
if (bad++ > 10) {
fprintf(stderr,
"\nTest aborted after 10 failures\n\n");
apr_err("apr_socket_connect()", rv);
}
start_connect(c);
continue;
}
else {
set_conn_state(c, STATE_CONNECTED);
#ifdef USE_SSL
if (c->ssl)
ssl_proceed_handshake(c);
else
#endif
write_request(c);
}
}
else {
write_request(c);
}
}
}
} while (lasttime < stoptime && done < requests);

也就是说：
ab在执行时会先“同时”建立-c条TCP连接，然后这-c条连接一直发送请求，在响应时间大于等于-t的超时时间或者所有的-n条请求数已经被发送完毕时，停止发送。

webbench可以造成ddos。。我d过几个站，被d站出站流量瞬间1g。