Hello,
We setup haveged threshold at 2048 (its max pool size is 4096 , afaik) for our
high load cyrus imap servers.
At our cyrus imap servers the depletion bursts are amazing.
Watch the entropy available during your peak ours and you will get an overview
of your needs.
Regards.
Andre Felipe
When I installed havaged the process died instantly and gives me a locked sub
system. If I restart it again, instantly dies again. Im on centos. Any ideas
why this is happening?
Anyone else experienced this?
- Paul
> On Sep 11, 2015, at 1:54 PM, Andre Felipe Machado
> wrote:
>
> Hello,
> W
Hello
This is difficult to diagnose, if not looking at the pool size.
No error is logged, it is only "slow" or even suffering hiccups on extreme loads
and or under specified cpu.
"Every time a process is started, or allocates memory, it will reduce the
entropy pool because entropy is used to ran
On Thu, 10 Sep 2015, signaldevelo...@gmail.com wrote:
> Is there some type of log I can provide from Cyrus / sasl to help
> diagnose this better to the kolab guys? Other kolab guys I know say
> their entropy is right where I'm at and they aren't experiencing these
> slowness issues.
>
> Are the
I tried imapproxy. It is the same speed. And again, definitely not hardware
related.
I see in the logs in queries the proxy and that works fine but not sure why
it's still the same speed.
- Paul
> On Sep 11, 2015, at 2:47 PM, Andrew Morgan wrote:
>
>> On Thu, 10 Sep 2015, signaldevelo...@
Hello,
By your numbers it seems that your machine is able to generate random numbers
at good speed. But the problem is WHEN and HOW OFTEN.
Afaik, the linux kernel waits too long to trigger the process to generate
random numbers and fast paced process spawning or ssl connections could deplet
Andre,
Thanks for the info!! Two questions since sasl is still new to me:
1) How many processes should I have running? Is there an option somewhere to
adjust this or see it?
2) I installed havaged, but the process instantly crashes and tells me a sub
system is locked when I try to restart it.
On 09/11/2015 04:12 PM, signaldevelo...@gmail.com wrote:
Andre,
Thanks for the info!! Two questions since sasl is still new to me:
1) How many processes should I have running? Is there an option
somewhere to adjust this or see it?
2) I installed havaged, but the process instantly crashes and t
I use imapproxy with Horde Webmail here. Assuming the proxy is using
cached connections instead of making a new connection each click, then I
would look into performance problems within Cyrus itself. It would be
interesting to see what IMAP commands Roundcube is issuing to Cyrus.
Perhaps it i
Hi Patrick,
Then do what with it?
- Paul
> On Sep 11, 2015, at 3:53 PM, Patrick Boutilier wrote:
>
>> On 09/11/2015 04:12 PM, signaldevelo...@gmail.com wrote:
>> Andre,
>>
>> Thanks for the info!! Two questions since sasl is still new to me:
>>
>> 1) How many processes should I have running?
Delete it. Then you can try to start havaged and see if it crashes again.
On 09/11/2015 08:30 PM, signaldevelo...@gmail.com wrote:
Hi Patrick,
Then do what with it?
- Paul
On Sep 11, 2015, at 3:53 PM, Patrick Boutilier wrote:
On 09/11/2015 04:12 PM, signaldevelo...@gmail.com wrote:
Andre
Nope, dies instantly and locks it again. "Haveged dead but subsys locked"
- Paul
> On Sep 11, 2015, at 8:03 PM, Patrick Boutilier wrote:
>
> Delete it. Then you can try to start havaged and see if it crashes again.
>
>
>> On 09/11/2015 08:30 PM, signaldevelo...@gmail.com wrote:
>> Hi Patrick
So I tried:
haveged -r 0
and the service now works but entropy is still 129
- Paul
> On Sep 11, 2015, at 8:03 PM, Patrick Boutilier wrote:
>
> Delete it. Then you can try to start havaged and see if it crashes again.
>
>
>> On 09/11/2015 08:30 PM, signaldevelo...@gmail.com wrote:
>> Hi Pat
Okay so I figured out since this is a container and not a VM I can't install
haveged on it. Awesome I learned something. Okay now... Next question to solve
this insanity.
Can I point everything Cyrus/SASL and TLS Related to use urandom instead of
random?
I found this:
http://security.stackex
14 matches
Mail list logo
