Hi Michel,
Michel Santos wrote:
Tek Bahadur Limbu disse na ultima mensagem:
what size is your link?
For each proxy, the link is burstable upto to 15 mbps. But they are
grouped together in different groups. We have 6 groups. Each group has
bandwidth ranging from 5 mbps to 20 mbps. However since our link comes via
satellite, the proxies starts building a large number of mbufs especially
when our uplink gets saturated. Since it's a satellite link, bandwidth is
never enough no matter how big we are subscribing. We still have some time
to go (maybe months, or years) before we get it from a fiber link.
Sure this is not related to your crash and to your link either but
somaxconn is the queue size of pending connections and not the number of
connections and you are probably setting this far too high. somaxconn as
1024 or max 2048 would be more reasonable and nmbcluster I would not set
higher than 128 or 256k
if you eat that up you have other troubles and increasing this values
does
not solve them I guess
Well I am using nmbcluster = 256000 on some of my FreeBSD-6.2 machines
because they don't support setting the nmbcluster to 0. Well let me try
setting somaxconn to 2048.
I like to suggest again starting a clean system like said in a former msg
and observe and then check value for value instead of mixing it all up at
once
Well that will not be possible right now or at one go. Just because 1 or
2 of my busiest proxy servers are feeling the heat or running short of
memory causing it to restart, I just can't revamp the whole proxy setup
comprising the browsing and caching system. Too many users are connected
to them and will be affected. However, I will definitely try it out one
at a time in a span of a few months.
Also, it is not really causing much of a problem. I mean nobody has
noticed it except me. Even I myself hardly notice it unless I glance at
the graphs. I will just try to adjust the best possible values and
sysctl tunables or just compile the kernel.
I think the best solution right now is to upgrade the memory of the
proxy servers.
- From my observation in recent months, the mbufs value has not crossed
120K. I will probably use 128K or 256K. I read an article regarding
setting somaxconn=32768 to help stop SYN flooding.
http://silverwraith.com/papers/freebsd-ddos.php
who am i to understand miracles? without saying any else I suggest you
compare the man page or tuning what describes somaxconn and what the
author claims it is and figure out about the other statements ...
Well I was just saying that I set the value of the somaxconn after
reading the above article and needed your opinion if I was doing it right.
In your opinion, what's wrong with setting nmbcluster to 0 since, in
this way, I never run out of mbufs?
sorry if came over a wrong impression that I want to lecture or something,
I am not saying it is wrong (how would I know?), I am only changing ideas
here ok and am saying that I would do it different and what is my opinion
I am also just sharing and exchanging ideas from you since your proxy
servers are running on FreeBSD systems and you seem quite good and
familiar with BSD systems.
After all, a server is never perfect like a man. It always needs
maintenance, care and tuning. Don't you think so?
Anyway, it's always good to learn what other people have to say and if
right, apply their suggestions and tips. Your suggestions have given me
new directions and have also shed light not only in Squid but also
FreeBSD in general too.
I appreciate your help and comments.
Thanking you...
michel
...
****************************************************
Datacenter Matik http://datacenter.matik.com.br
E-Mail e Data Hosting Service para Profissionais.
****************************************************
--
With best regards and good wishes,
Yours sincerely,
Tek Bahadur Limbu
(TAG/TDG Group)
Jwl Systems Department
Worldlink Communications Pvt. Ltd.
Jawalakhel, Nepal
http://www.wlink.com.np
