-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jake Bunce wrote: | Maybe this would help? | http://forums.theplanet.com/index.php?s=5cc3be1abd916a5963f58dba23aadb28&showtopic=90598&pid=597326&st=0&#entry597326
| <http://forums.theplanet.com/index.php?s=5cc3be1abd916a5963f58dba23aadb28&showtopic=90598&pid=597326&st=0&#entry597326> | No, it didn't help. I'm currently using the default settings on apache for that. The servers' now got 149 open requests, though netstat doesn't show anything significant :( Most of the open connections are getting the /feed/ directory... Johnathon | Jake | | 2008/9/12 Johnathon Tinsley <[EMAIL PROTECTED] | <mailto:[EMAIL PROTECTED]>> | | Hi Jake, | | Jake Bunce wrote: | | Are you using static NAT, i.e 1-1, 80.87.131.49 | <http://80.87.131.49> <http://80.87.131.49> - | | 10.10.10.1 <http://10.10.10.1> <http://10.10.10.1> or whatever | your internal IP is and can | | | it handle the amount of translations its performing? Also if you're | | behind a shared firewall, can it handle the amount of traffic passing | | through it? Check your firewall/iptables logs where connections are | | initialized, but not followed through - TCP SYN messages from | different | | hosts but no SYN/ACK - SYN. Could indicate a DDoS attack. I had no | | trouble viewing your site though. | | | | Currently, I have no firewall - the traffic is only running through the | routers, and no NAT. I keep meaning to load up a firewall at some point, | but I'm not sure enough of shorewall's configuration to actually turn it | on. (Locking yourself out is bad). | | Apache is running on almost-default config, with a couple of tweaks for | .htaccess files. | | The box now has 13 open connections, four of which are in CLOSE_WAIT | state.. (netstat -nt) | | There's nothing showing up in the error or access logs :S | | | | | Jake | | | | 2008/9/12 Johnathon Tinsley <[EMAIL PROTECTED] | <mailto:[EMAIL PROTECTED]> | | <mailto:[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>>> | | | | | Hello all, | | | | Slightly off topic.. I'm working on a debian server, which is | currently | | hosting my blog: kirrus.co.uk <http://kirrus.co.uk> | <http://kirrus.co.uk> | | | | | Unfortunately, something appears to be screwy with apache2 or | something | | - connections aren't being closed, and are just backing up. | | | | You can see this in action, if you visit the blog. Sometimes it just | | doesn't hand you all the data, and firefox sits waiting for data from | | "kirrus.co.uk <http://kirrus.co.uk> <http://kirrus.co.uk>". | | | | | Apache just spawns server processes, till the RAM runs out. Then the | | kernel starts killing processes and it doesn't appear to kill the | | logical choice of apache2. | | | | I've tried pinging one of the other servers in the network, to see if | | its obviously a network problem. Out of over 20,000 pings, only 4 | | weren't replied to. Is there any better way to check the network | | infrastructure? | | | | Anyone have any other ideas of things to try? | | | | Johnathon | | | -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIzBC481bUwCB/xdgRAjxpAKDK2sjTsp25spuVgDIKo6jchYvbWACghJvL oTz0HQvDzAq6ZhmZeMJk5UY= =A1MX -----END PGP SIGNATURE----- -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
