Maximum active connections

Home Page Forums Network Management ZeroShell Maximum active connections

This topic contains 17 replies, has 0 voices, and was last updated by  AtroposX 9 years, 2 months ago.

Viewing 15 posts - 1 through 15 (of 19 total)
  • Author
    Posts
  • #42166

    AtroposX
    Member

    I have a ZS box that has a E8300 2.83 duo, with 2Gigs of ram. The default amount of maximum active connections is set for 1048576. The amount of total bandwidth throughput is around 90-100megs for the download traffic and at most 30 for the upload. This is on a mirrored port to test the throughput first. The connection count has already been maxed out and receiving “nf_conntrack: table full, dropping packet.” in dmesg. The MRTG graph shows 100% at 1,080,000 max. The system load is on average 0.3%, less than 1, and the MRTG system memory graph shows 405Megs utilized so far.

    This is just in bridgemode, no classifiers yet in place. Would it be best to just echo a higher amount to the ip_Conntrack_max, or to just get more ram? If more ram is put in place, would the max amount automatically set itself to something higher than what it currently is, or would I need to echo it? I should probably just put in more ram anyways, since no classifiers are in place yet.

    #49504

    ppalias
    Member

    Try first to raise the ip_Conntrack_max since you have lots of free mem.

    #49505

    AtroposX
    Member

    I bumped it up by 150%, to 1572864, (1048576 * 1.5) = 1572864, and adjust accordingly. Thank you for your response. I’ll update in a few hours or so.

    #49506

    AtroposX
    Member

    I added the echo to the post boot, it works, but MRTG shows it as 106%, 108% etc.. Does the mrtg graphs need to be deleted, or mrtg restarted to represent the graph correctly?

    #49507

    ppalias
    Member

    Normally mrtg.conf needs to be revised to change the top value. If you spot the file let us know where it is.

    #49508

    AtroposX
    Member

    found it on beta12…

    /DB/_DB.001/var/register/system/mrtg/mrtg.conf

    edit the to MaxBytes [Connections]: *

    #49509

    AtroposX
    Member

    oh, do a “service mrtg restart” after saving.

    #49510

    AtroposX
    Member

    Total active connections according to MRTG at 1340.7k, at 85.2% by the way, again with 2gigs ram echo’d at “1572864”.

    506megs used according to MRTG and system load of average 0.1%, 98meg down, 24megs up. The processor seems to be extremely minimal. This, IS, just in bridge mode on a mirrored port, forwarding traffic though. Would anyone know if this is what would be seen if real-time traffic is passed through it? It just seems exceptionally low on the cpu, but then again cpu isn’t really doing much just passing, and the ram is doing all the conntrack, and no classifiers.

    Seems ram should be upped soon…

    #49511

    AtroposX
    Member

    Just upped the mac active connections to 2097152.

    #49512

    ppalias
    Member

    I don’t really think that CPU less than 4 years old will be a bottleneck in a routing system. My ZS is on a P3@1300MHz working usually at very low utilization with 192MB ram and serving 2 ADSLs, with some services.

    #49513

    AtroposX
    Member

    I upped it to 2097152, it was climbing up there. It was running great until I thought I’d push it more, actually alot, so… fyi running 90down/20upload and taking an entire /20 block, tiering it with after 10megs go to this class, then after 15megs go to this one, and after 20megs go to the next, and 1.3million connections caused the box to …

    13:10:58 [] out_of_memory+0x19e/0x1e0
    13:10:58 Out of memory: kill process 1807 (named) score 1548 or a child
    13:11:08 [] out_of_memory+0x19e/0x1e0
    13:11:08 Out of memory: kill process 7389 (httpd) score 780 or a child
    13:11:08 [] out_of_memory+0x19e/0x1e0
    13:11:08 Out of memory: kill process 7748 (httpd) score 753 or a child
    13:11:08 [] out_of_memory+0x19e/0x1e0
    13:11:08 Out of memory: kill process 7751 (httpd) score 750 or a child
    13:11:08 [] out_of_memory+0x19e/0x1e0
    13:11:08 Out of memory: kill process 7750 (httpd) score 749 or a child
    13:11:08 [] out_of_memory+0x19e/0x1e0
    13:11:08 Out of memory: kill process 7386 (httpd) score 736 or a child
    13:11:08 [] out_of_memory+0x19e/0x1e0
    13:11:52 [] out_of_memory+0x19e/0x1e0
    13:11:52 Out of memory: kill process 25700 (httpd) score 1439 or a child
    13:11:52 [] out_of_memory+0x19e/0x1e0
    13:11:52 Out of memory: kill process 25707 (httpd) score 1439 or a child
    13:11:52 [] out_of_memory+0x19e/0x1e0
    13:11:52 Out of memory: kill process 25708 (httpd) score 1439 or a child
    13:11:52 [] out_of_memory+0x19e/0x1e0
    13:11:52 Out of memory: kill process 25712 (httpd) score 1439 or a child
    13:11:52 Out of memory: kill process 25713 (httpd) score 1439 or a child
    13:11:52 Out of memory: kill process 25714 (httpd) score 1439 or a child
    13:12:10 [] out_of_memory+0x19e/0x1e0
    13:12:10 Out of memory: kill process 25715 (httpd) score 1439 or a child
    15:11:14 Memory: 2045188k/2070528k available (2449k kernel code, 22768k reserved, 1089k data, 260k init, 1151740k highmem)
    15:11:14 virtual kernel memory layout:
    15:11:14 Freeing initrd memory: 1607k freed
    15:11:14 agpgart: Detected 7164K stolen memory.
    15:11:14 Freeing unused kernel memory: 260k freed
    17:20:18 Memory: 2045188k/2070528k available (2449k kernel code, 22768k reserved, 1089k data, 260k init, 1151740k highmem)
    17:20:18 virtual kernel memory layout:
    17:20:18 Freeing initrd memory: 1607k freed
    17:20:18 agpgart: Detected 7164K stolen memory.
    17:20:18 Freeing unused kernel memory: 260k freed

    traffic was still passing but I couldn’t ssh or web into it. Cpu load was still at about 0.3%. Just need some more ram it looks like, to do that.

    #49514

    ppalias
    Member

    AtroposX you are a mem-eater 😛

    #49515

    AtroposX
    Member

    There’s 2gigs in it, it looks like the max connections is fine, but the box appears to lock up after using a gig according to mrtg.

    root@zeroshell root> cat /proc/meminfo
    MemTotal: 2047968 kB
    MemFree: 1843852 kB
    Buffers: 12204 kB
    Cached: 39560 kB
    SwapCached: 0 kB
    Active: 40472 kB
    Inactive: 30656 kB
    HighTotal: 1151740 kB
    HighFree: 1049164 kB
    LowTotal: 896228 kB
    LowFree: 794688 kB
    SwapTotal: 131064 kB
    SwapFree: 131064 kB
    Dirty: 160 kB
    Writeback: 0 kB
    AnonPages: 19388 kB
    Mapped: 8604 kB
    Slab: 84856 kB
    SReclaimable: 3616 kB
    SUnreclaim: 81240 kB
    PageTables: 784 kB
    NFS_Unstable: 0 kB
    Bounce: 0 kB
    CommitLimit: 1155048 kB
    Committed_AS: 107268 kB
    VmallocTotal: 114680 kB
    VmallocUsed: 4188 kB
    VmallocChunk: 110192 kB

    It looks like HighMemory is only a gig. Is this where it is getting bottlenecked? It looks like traffic keeps passing, but SSHD, NAMED, HTTPS, and SLAPD, got killed during this point, so no management. I lowered it back down to 1572864 connections, and let it run for a while again. Probably stick another 1gig in later.

    #49516

    AtroposX
    Member

    I got a new network card that has bypass support and tcp/ip off-loading, but need to compile the driver to use it as well as configure the watchdog timer for the bypass timeout, but can’t figure out how to install the gcc, kernel-headers, etc… Would it be possible to email the driver in a zip format to someone on here that has compiling working, compile it, rezip the folder, and email back? Then I could just insmod the .ko. It’s an N2265 on ebay, great features, just can’t compile it. Maybe included as an external package?…

    #49517

    AtroposX
    Member

    I placed the driver and its PDF documentation here if anyone can compile it on the 2.6.25.20 kernel…

    http://www.mediafire.com/download.php?jgmvyxyyxny

    And the manufacturer’s specs are here…

    http://www.interfacemasters.com/products/2265.html

    Thank you for any help…

Viewing 15 posts - 1 through 15 (of 19 total)

You must be logged in to reply to this topic.