Re: [lopsa-tech] The FPGA and the NFS mount: A tale of bursty writes [SEC=UNCLASSIFIED]

2010-09-26 Thread James R Grinter 
The "device reports dropped packets" - I'd ask the original poster - is it 
definitely a TCP based NFS mount? Are these dropped packets on the NIC 
stats, or reported at the RPC/NFS level?

If it's any useful comparison, a completely untuned CentOS 5.4 system that I 
have - with Broadcom Gbit NIC, can write nearly 60MB/sec over a 10 second 
period to a Sun 7110 NFS server (OpenSolaris based, FWIW) without a problem. 
(I just tested by dd'ing /dev/zero to a file with a 1MB block size. No jumbo 
frames involved.)

James.
___
Tech mailing list
Tech@lopsa.org
http://lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
 http://lopsa.org/

Re: [lopsa-tech] Disingenuous side-swipes

2010-09-26 Thread Brandon S Allbery KF8NH 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 9/26/10 22:58 , Edward Ned Harvey wrote:
> From: Brad Knowles [mailto:b...@shub-internet.org]
>> I didn't claim that FaceTime was there yet.  But if you want to
>> criticize a product or a service, you should actually take the time to
>> learn one iota or two about it, before you start bashing it.
> 
> Geez, between this and the wave comment, I don't know where this is coming
> from.  I'm not bashing anything.  Wave and facetime are both cool in their

Where this is coming from is the way you made your comments; both came
across as confrontational, i.e. as attacks.  If that's not what you
intended, you may want to reconsider how you make your points.

- -- 
brandon s. allbery [linux,solaris,freebsd,perl]  allb...@kf8nh.com
system administrator  [openafs,heimdal,too many hats]  allb...@ece.cmu.edu
electrical and computer engineering, carnegie mellon university  KF8NH
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.10 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkygCxUACgkQIn7hlCsL25XJxQCglhyWnZbXykTm1iCpshwvGFmE
x28An1f7Dbt0dltoJadMXhGEUrfDoa4a
=xFtA
-END PGP SIGNATURE-
___
Tech mailing list
Tech@lopsa.org
http://lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
 http://lopsa.org/

Re: [lopsa-tech] Disingenuous side-swipes

2010-09-26 Thread Edward Ned Harvey 
> From: Brad Knowles [mailto:b...@shub-internet.org]
> 
> I didn't claim that FaceTime was there yet.  But if you want to
> criticize a product or a service, you should actually take the time to
> learn one iota or two about it, before you start bashing it.

Geez, between this and the wave comment, I don't know where this is coming
from.  I'm not bashing anything.  Wave and facetime are both cool in their
own way...  er ... were both cool in their own way.  But wave was hyped as
an email killer, which was ridiculous, and facetime is not currently open or
standard, hence not useful except for apple.  And yes I read at least the
wikipedia page.  So please ... cool down.

___
Tech mailing list
Tech@lopsa.org
http://lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
 http://lopsa.org/

Re: [lopsa-tech] The FPGA and the NFS mount: A tale of bursty writes [SEC=UNCLASSIFIED]

2010-09-26 Thread Robinson, Greg 
UNCLASSIFIED

Hi all,

Coming in late to this conversation...

It seems to me, that data going in to the workstation is ok, to local
disk, but data going out, to a NFS share is the slow part.

Have you considered adding another NIC to the workstation, and making
that new one dedicated to receiving the data, and the primary one,
dedicated to deliverying the data to the NFS server, as well as
everything else network related.

This would eliminate potential contention issues on the wire, and
clearly point the finger to where the issue lies.
Others have suggested good points for the NFS server to consider...

Greg.

-Original Message-
From: tech-boun...@lopsa.org [mailto:tech-boun...@lopsa.org] On Behalf
Of Patrick Cable
Sent: Friday, 24 September 2010 11:18 AM
To: tech@lopsa.org
Subject: [lopsa-tech] The FPGA and the NFS mount: A tale of bursty
writes

I have a device that sends out information at 4.7 Megabytes a second.
I have a desktop that receives the data from this device that runs Red
Hat Enterprise Linux 5.5. They are on the same switch, a 24-port Juniper
EX2200.

When I write the data to the desktop on the local filesystem, there's no
dropped information. When I write the data to an NFS share, the device
reports dropped packets.

I have tried playing with the rsize/wsize NFS parameters (8192K seems to
be the best value), and values in
/proc/sys/net/core/{r,w}mem_{default,max} and increasing the NFS daemon
count, as suggested by
http://nfs.sourceforge.net/nfs-howto/ar01s05.html. Very similar results
across the board.

The NFS server also runs RHEL5.5. It's got 11 600gb 15k SAS drives in a
hardware RAID6 array. Running 'iftop' on the machine during the data
gathering operations, I'll see bursty traffic... that is to say,
workstation -> NFS server traffic will be in the high 40mb/sec rate,
then slow down, and once it slows down the device I refer to complains
of dropped information then it'll speed up again.

I find it hard to believe that a machine on the same (recent, gigabit)
switch can't write out 4.7MB/sec. Am I wrong?

Does anyone have any NFS or TCP tuning recommendations that may be a
little more up to date than the NFS howto that was last updated in 2006?
I'm really at a loss here.

Thank you, more than a lot, in advance..

- Pat
___
Tech mailing list
Tech@lopsa.org
http://lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/

IMPORTANT: This email remains the property of the Department of Defence
and is subject to the jurisdiction of section 70 of the Crimes Act 1914.
If you have received this email in error, you are requested to contact
the sender and delete the email.


___
Tech mailing list
Tech@lopsa.org
http://lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
 http://lopsa.org/

Re: [lopsa-tech] The FPGA and the NFS mount: A tale of bursty writes

2010-09-26 Thread Brandon S Allbery KF8NH 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 9/24/10 12:12 , Andrew Keen wrote:
>2. NFS over UDP probably won't help, and it has its own issues. See
>   WARNINGS under nfs(5)

The primary WARNING that needs to be in there on Linux is "Try FreeBSD
instead."  (I'd've suggested Solaris, but f*** you too, Horricle.)

- -- 
brandon s. allbery [linux,solaris,freebsd,perl]  allb...@kf8nh.com
system administrator  [openafs,heimdal,too many hats]  allb...@ece.cmu.edu
electrical and computer engineering, carnegie mellon university  KF8NH
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.10 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkyfvzYACgkQIn7hlCsL25Wy5gCeMPVuvnkUHaZyM6DfiY2+MfXe
PV8An0iGzd7DqE8mCfNkMJT4kSaNN9vd
=SQBQ
-END PGP SIGNATURE-
___
Tech mailing list
Tech@lopsa.org
http://lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
 http://lopsa.org/

Re: [lopsa-tech] Build Your Own Skype

2010-09-26 Thread Brandon S Allbery KF8NH 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 9/25/10 08:53 , Edward Ned Harvey wrote:
> If it's apple-only, you can only call it "the new standard" like google wave
> was the new standard to replace email.  It bombed because they weren't
> friendly with non-google email accounts.  In order to use wave, you could

...whaa?

Wave had plenty of issues, the biggest being that it was a solution looking
for a problem space; but tight integration with Gmail wasn't even on the
radar as an issue.  What exactly brought on this nonsensical diatribe?

- -- 
brandon s. allbery [linux,solaris,freebsd,perl]  allb...@kf8nh.com
system administrator  [openafs,heimdal,too many hats]  allb...@ece.cmu.edu
electrical and computer engineering, carnegie mellon university  KF8NH
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.10 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkyfvXUACgkQIn7hlCsL25WCJgCfThJYRlsBRLsPZnClcqotNtBv
8Z8AoIsZe5t6AWBohstoDpQbLgUvJ0vR
=eMdN
-END PGP SIGNATURE-
___
Tech mailing list
Tech@lopsa.org
http://lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
 http://lopsa.org/

Re: [lopsa-tech] Disingenuous side-swipes

2010-09-26 Thread Brad Knowles 
On Sep 26, 2010, at 9:13 AM, Edward Ned Harvey wrote:

> I'm not focusing on the pros/cons of wave.  I'm focusing on calling
> something a "new standard" which is not a standard because it's exclusive.
> If there's a product which is apple-only or google-only or MS-only, you
> can't call it a new standard, unless you want to qualify that, by calling it
> an "industry standard" or something like that, which imples it's not a
> standard so much as a near universal adoption by consumers.

Try actually taking a look at what is written at 
http://en.wikipedia.org/wiki/FaceTime

Yes, FaceTime is right now an Apple-only product.  Heck, it doesn't even 
interface with any other Apple products (like iChat).  However, that doesn't 
change the fact that it is composed primarily of existing standards, and that 
Apple is actively involved in taking the rest and making that a standard as 
well.  As in International standard.  As in Internet standard.

As in real-deal actual standards-based standard.


I didn't claim that FaceTime was there yet.  But if you want to criticize a 
product or a service, you should actually take the time to learn one iota or 
two about it, before you start bashing it.

--
Brad Knowles 
LinkedIn Profile: 


___
Tech mailing list
Tech@lopsa.org
http://lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
 http://lopsa.org/

Re: [lopsa-tech] Disingenuous side-swipes

2010-09-26 Thread Giovanni Tirloni 
On Sun, Sep 26, 2010 at 11:13 AM, Edward Ned Harvey wrote:

> > From: tech-boun...@lopsa.org [mailto:tech-boun...@lopsa.org] On Behalf
> > Of Phil Pennock
> >
> > On 2010-09-25 at 08:53 -0400, Edward Ned Harvey wrote:
> > > If it's apple-only, you can only call it "the new standard" like
> > google wave
> > > was the new standard to replace email.  It bombed because they
> > weren't
> > > friendly with non-google email accounts.  In order to use wave, you
> > could
> > > only sign in using your gmail account, and you could only communicate
> > with
> > > other gmail users.  Wanna talk to someone who isn't on gmail?  Too
> > bad.
> >
> > This is not only a mis-characterisation in part, it's also untrue.
> > [disclaimer: while employed by $G, I've never been involved with Wave
> >  other than as a user; this post, like all of my LOPSA posts, is
> > written
> >  in a strictly personal capacity]
>
> Most response snipped.  I'm replying to the message as a whole.
>
> I'm not slamming wave.  I'm saying:
>
> I'm not focusing on the pros/cons of wave.  I'm focusing on calling
> something a "new standard" which is not a standard because it's exclusive.
> If there's a product which is apple-only or google-only or MS-only, you
> can't call it a new standard, unless you want to qualify that, by calling
> it
> an "industry standard" or something like that, which imples it's not a
> standard so much as a near universal adoption by consumers.
>

While I totally agree with you, that is a lost battle. Companies are always
trying to bend reality and create hype about their products and "standards".
In the IT world we must see at least a new "standard" every week.


“The good thing about standards is that there are so many to choose from.” –
Dr. Tanenbaum


-- 
Giovanni Tirloni
gtirl...@sysdroid.com
___
Tech mailing list
Tech@lopsa.org
http://lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
 http://lopsa.org/

Re: [lopsa-tech] Disingenuous side-swipes

2010-09-26 Thread Edward Ned Harvey 
> From: tech-boun...@lopsa.org [mailto:tech-boun...@lopsa.org] On Behalf
> Of Phil Pennock
> 
> On 2010-09-25 at 08:53 -0400, Edward Ned Harvey wrote:
> > If it's apple-only, you can only call it "the new standard" like
> google wave
> > was the new standard to replace email.  It bombed because they
> weren't
> > friendly with non-google email accounts.  In order to use wave, you
> could
> > only sign in using your gmail account, and you could only communicate
> with
> > other gmail users.  Wanna talk to someone who isn't on gmail?  Too
> bad.
> 
> This is not only a mis-characterisation in part, it's also untrue.
> [disclaimer: while employed by $G, I've never been involved with Wave
>  other than as a user; this post, like all of my LOPSA posts, is
> written
>  in a strictly personal capacity]

Most response snipped.  I'm replying to the message as a whole.

I'm not slamming wave.  I'm saying:

I'm not focusing on the pros/cons of wave.  I'm focusing on calling
something a "new standard" which is not a standard because it's exclusive.
If there's a product which is apple-only or google-only or MS-only, you
can't call it a new standard, unless you want to qualify that, by calling it
an "industry standard" or something like that, which imples it's not a
standard so much as a near universal adoption by consumers.

___
Tech mailing list
Tech@lopsa.org
http://lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
 http://lopsa.org/

Re: [lopsa-tech] Is anyone using Imperva solutions?

2010-09-26 Thread david 
I've used their http product before and we are currently testing their 
database product (I haven't used the database product yet, but from what 
I hear the testing is going well)

the filtering products do a pretty good job, the weakness has been in the 
administration.

they have a learning algorithm to figure out what's 'normal' and then 
block anything it decides isn't. This part actually works fairly well.

for us the administration didn't scale (things like we host a couple 
thousand secure websites, each with separate certs and the only method for 
updating certs was a slow graphics-heavy web interface)

one problem it has is that there is no way to learn in a development/test 
environment and then move the learning to another control point.

another is that if you have different sites/servers with different 
combinations of applications useing them, it learns each combination 
separately (and and depending on what it learns, potentially differently)

David Lang


On Fri, 24 Sep 2010, Allan West wrote:

> Date: Fri, 24 Sep 2010 10:35:47 -0400
> From: Allan West 
> To: 'LOPSA Technical Discussions' 
> Subject: [lopsa-tech] Is anyone using Imperva solutions?
> 
> Does anyone use Imperva  solutions for database
> auditing or their data discovery tools? I'm getting sales calls, but I
> don't know enough about the product field to judge what they're saying
> or even who/what to compare them to.
> Thanks, Allan
> ___
> Tech mailing list
> Tech@lopsa.org
> http://lopsa.org/cgi-bin/mailman/listinfo/tech
> This list provided by the League of Professional System Administrators
> http://lopsa.org/
>
___
Tech mailing list
Tech@lopsa.org
http://lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
 http://lopsa.org/

[lopsa-tech] Disingenuous side-swipes

2010-09-26 Thread Phil Pennock 
On 2010-09-25 at 08:53 -0400, Edward Ned Harvey wrote:
> If it's apple-only, you can only call it "the new standard" like google wave
> was the new standard to replace email.  It bombed because they weren't
> friendly with non-google email accounts.  In order to use wave, you could
> only sign in using your gmail account, and you could only communicate with
> other gmail users.  Wanna talk to someone who isn't on gmail?  Too bad.

This is not only a mis-characterisation in part, it's also untrue.
[disclaimer: while employed by $G, I've never been involved with Wave
 other than as a user; this post, like all of my LOPSA posts, is written
 in a strictly personal capacity]

This is a germane sysadmin topic, as it concerns models of communication
and authentication (and product launches, etc).  So while I might have
bitten my tongue, I think this reply is appropriate for this audience.

Wave's only relationship to email is that it's federated and the
developers pushed a model of companies being able to choose between
installing their own servers or outsourcing to the cloud.  The standards
are openly published, http://www.waveprotocol.org/ and the code is
available and various people do run their own Wave servers, against
their own authentication providers.

Your assertion is like claiming that you can only exchange email with
people who have a gmail account, because you need a gmail account to
sign into gmail and gmail is one of the biggest providers.  The only
difference is that Google's hosted Wave was predominant and other
installs haven't taken off.

It was also always very clearly an alpha product, but people got so used
to permanent-beta of Google products that they assumed there was no
meaning to such qualifiers and first hyped it up, then slammed it when
it failed to live up to expectations.  Google's certainly in a tough
position when it comes to putting out *experiments* and having people
play and give feedback, instead of expecting final products.

Heck, even Google didn't claim to know what niche or killer role Wave
might have.  It was put out anyway, as cool technology and to see what
happened.

There are good things and bad things to say about Wave.  It's really
quite decent for taking meeting minutes, both during the meeting and
collecting feedback from people who missed the meeting but can
illuminate certain points.  Also for general discussion and early
sketching out of ideas where you want a more discussion-oriented model,
instead of a Wiki model.

But hey, Google opted to discontinue it.  Nice easy target to pick on.

-Phil
___
Tech mailing list
Tech@lopsa.org
http://lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
 http://lopsa.org/

Re: [lopsa-tech] The FPGA and the NFS mount: A tale of bursty writes

2010-09-26 Thread Phil Pennock 
On 2010-09-25 at 02:03 -0500, Brad Knowles wrote:
> Yup.  The mmap() system call on NFS is undefined, which means that Berkeley 
> DB, and any other software that uses mmap() cannot safely be used on NFS.  
> This is supposedly fixed in the latest versions of NFS, but I have yet to 
> have that claim actually demonstrated to me.

My recollection is that it's actually the flushing behaviour of writes
to mmap()d memory that is undefined and not flushable and so can't be
combined with locks, of any kind, for protecting access to data.  You
also can't predict order-of-writes, etc.

So mmap() works just fine, as long as you're very certain that only one
host is ever going to be accessing the file at any time.  So a single
dedicated host, with manual failover to a hot standby after taking down
the normal server, would work.

I'm not saying that I recommend this, but knowing the actual limitations
can make a difference when you're trying to duct-tape your way out of a
problem.

-Phil
___
Tech mailing list
Tech@lopsa.org
http://lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
 http://lopsa.org/