Topic: Caching Gateway for 10M X 10M connection

[cc_skavenger]

Has anyone successfully used SME for a caching gateway with a 10M x 10M connection and about 500 users?  I am having trouble with a system that I just upgraded the bandwidth to and I am trying to figure out if it is a hardware issue or just that I need to find another solution.  

The system is a 2Ghz machine with 1gb ram, 80GB primary hard drive and (3) 40gb hard drives in a raid array.  

I was using squid with a 20Gb storage size and with 128Mb max file size stored on the 40gb hard drives.  I was having all kinds of issues with what seemed to be DNS resolving.  I had to turn the storage size down to 100Mb and max file size of 1Mb to keep this machine from crashing (I had to restart tinydns and dnscache to make things work again).  

Any ideas and or suggestions?  I really want to keep SME if possible.

TIA

[hardijs]

what does logs say about the "crashing"?
/var/log/messages

what kind of crashing is it? does not respond both to local and ssh console though hard drive works (like crasy) etc?
Are there any hard drive problems?
hdparm -tT  /devc/[harddrive]

dma issue
bad memory

also excuse my ignorance - whats 10M x 10 M?

[CharlieBrady]

(I had to restart tinydns and dnscache to make things work again).

[In addition to the earlier questions ...] Why did you restart tinydns and dnscache? What exactly does "make things work again" mean - e.g. what exactly wasn't working?

If you had a server crash, shouldn't you be reporting it (in suitable detail) via the Bug Tracker?

[cc_skavenger]

what does logs say about the "crashing"?
/var/log/messages
.
.
.
also excuse my ignorance - whats 10M x 10 M?

I am still trying to sift through the 1GB messages file.  By 10M x 10M, I mean a 10MB x 10MB fiber to ethernet connection that feeds this server.  I guess I chose the wrong words, tinydns and/or dnscache would stop responding.  The workstations would be able to ping out, but could not resolve addresses.  I would restart the two services and things would start working again.  Like I said, I am still looking through the logs, but can't really see anything that would cause the dns to stop.

[hardijs]

my guess - despite you have tons of whatelse you have run out of swap.
say version 6.0.x did make 256MB swapspace. Version 6.5 (clean install) does make 1 GB swap. so if you did 6.0 series instal -and even if you made the upgrade to something later it still is 256 MB. After iot runs out of memory (buffers fills in) and the swap - no more processes may be initiated. Some of them are being suspended and some strange things do happen.

my guess is to open console - start top and see if zombies starpt appearing after free memory and free swap drops close to zero then it is that.

by saying that the log is megabytes - what is it full of ? say you may be suffering a dos attack.


2 more questions -1. what is the point of such a massive caching?
2.what kind of raid are you using (successfully) with sme? if it works for you it may work for me

[cc_skavenger]

I just upgraded the bandwidth to this server from a 4.5Mb connection to this faster connection.  With about 500 users, I had to add caching to make the boss happy with his browsing experience.  I was trying to duplicate something like one of these servers:
http://www.swelltech.com/products/20s.html
but on SME.

I am running raid level 1 on the three hard drives, and this is where squid is storing it's data.

The logs are filling up with denylog entries.  I think I will be turning logging off, though I don't really want to.

[CharlieBrady]

I was trying to duplicate something like one of these servers:
http://www.swelltech.com/products/20s.html
but on SME.

You're comparing a general purpose, very versatile workgroup server with a special purpose web acceleration appliance. You shouldn't expect identical performance and features. If you get close, you'll have done well.

I am running raid level 1 on the three hard drives, and this is where squid is storing it's data.

You should consider running raid 0 for the squid cache. The squid cache is disposable data. Raid 0 will give you a bigger and faster cache.

The logs are filling up with denylog entries.  I think I will be turning logging off, though I don't really want to.

Unless you can do something to stop those packets from coming down your WAN link, those logs aren't really doing anything useful to you. The fact that a packet is logged means it was dropped, so it didn't have any affect on a service you were running.

[cc_skavenger]

Ok, I am wrong.  I am running raid 0.  Here is a copy of /etc/raidtab:

raiddev /dev/md0
        raid-level      0
        nr-raid-disks   3
        persistent-superblock   1
        chunk-size      4
        device          /dev/hdc
        raid-disk       0
        device          /dev/hde
        raid-disk       1
        device          /dev/hdg
        raid-disk       2

I formatted /dev/md0 using reiserfs.  

I think I found the problem.  The dns servers we were using apparently had problems.  I have switched from them and things are working again.  I have put all the squid settings back in and things are working great again.  I also have turned off logging to keep the messages log file from filling the hard drive.

Thanks to everyone for their help and comments.

[smeghead]

Hi Marco

Check out the uLog contrib.  It will move the iptables log info out to its own log and not clutter the messages log.  You can then set a different logrotate schedule for these logs to keep them under control.

HTH

[CharlieBrady]

I think I found the problem.  The dns servers we were using apparently had problems.  I have switched from them and things are working again.  

The SME server has a perfectly good DNS resolver included. There's very, very rarely any need to specify an external DNS resolver, and as you've discovered, often good reasons not to.