Re: log rotation
I've always rotated my logs without ever starting apache. I just do something like this. cp access_log $date_access_log echo access_log gzip $date_access_log It's possible to lose a line or 2 of logging, but if that's ok, this is what I've done. Robert Zajda wrote: It's hosting server so restarting apache is bad idea. On 5/15/07, John Mendenhall [EMAIL PROTECTED] wrote: If you don't mind a second or two of down time then you can use something like this in newsyslog.conf as a restart command: apachectl stop;sleep 1;apachctl start;sleep 10;apachectl start The first sleep gives apache a second to finish active requests before trying to start again. The second sleep and start is to catch the case where the first start fails because apache is still running. I have a script which does the following: + rotates logs + calls apachectl stop (twice, with sleep 2 after each call) + calls apachectl stop and greps the output to make sure it is stopped (looks for 'not running') + if I don't find not running, pages me + run apachectl startssl This is all in a wrapper script which then calls awstats after a successful rotate and restart. Works for us. JohnM -- john mendenhall [EMAIL PROTECTED] surf utopia internet services -- Alex Thurlow Technical Director Blastro Networks email: [EMAIL PROTECTED] office: 512-485-3148 mobile: 512-762-5814
Re: how to view Ethernet frame CRC errors
I haven't used it on OpenBSD, but on linux, ethtool can give you a good bit of information on an ethernet connection. -Alex Dan Farrell wrote: Another shot--- Anyone know how to see L2 CRC errors on an Ethernet interface? Thanks, danno -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dan Farrell Sent: Monday, April 09, 2007 11:02 AM To: misc@openbsd.org Subject: how to view Ethernet frame CRC errors Hello, I'm looking for a way to view L2 frame CRC errors on an interface. I've scoured netstat, but found nothing (from what I've known of it it's all Layer 3 anyway). I googled and came up rather empty (FCS error openBSD, ethernet frame CRC errors openbsd, etc.) . The purpose for this is to deduce duplex-mismatch problems on Fast Ethernet interfaces where you only have visibility/control over one side of the Ethernet connection. If there is no way to specifically view counters like this are there other counters (or a combination of counters) I can look to that would definitively show a duplex-mismatch situation (as in no false-positives) ? I know there are error counters in netstat -i but are those always going to mean there is a duplex mismatch problem (it just seems there's a lack of detail there so those errors could result from a variety of issues)? Is there anything to be gleaned from a netstat -s to show this also? I appreciate any suggestions, Dan Farrell Applied Innovations Corp. [EMAIL PROTECTED]
Router performance on OpenBSD and OpenBGPD
So anywhere I look for router performance on OpenBSD, all the benchmarks are on small lines or old machines. I also see mentions of people using it in large scale installations, which is what I'm looking to do. I thought I'd ask here and see what people have done. I have 2 GigE lines from different providers balanced via BGP with full routes from both providers. Currently, these are running through a Linux/Quagga/Iptables router/firewall with a P4 3.2 GHz. The distro is Gentoo, and we've stripped it down quite a bit. We're pushing streaming video, so it's almost all outbound traffic by about a 30:1 factor, and our average packet size is quite large - around 1200 bytes. At the moment, when we hit about 350Mbps, the router gets to ~30% CPU usage, and it appears that we stop being able to pass all the traffic at full speed. I don't see packet loss, but our traffic graph flattens a good bit. At those rates, we also start to see crashing, but we haven't been able to figure out the exact cause of those either. So, long story short, I need a new router. We've looked at Cisco, etc. and for what we're doing, it looks like we need a carrier class router. I can get a decked out 12008 for about $8k, but I'd rather not spend that much, or use the 2 feet of rack space. I've used OpenBSD/PF for firewalls in the past, and loved them, so I'd like to use it for a router if it can handle what we need. Basically, I need to be able to saturate both of those GigE lines. I'm willing to buy the brand-newest hardware - the PCI express bus should be able to do 2.5 Gbps, but I can't find anything that says I can push that much through software. I was also looking at the Intel I/O Accelerator, but I didn't see if there was OpenBSD support for it. I'm sure if there is, that would help get me to be able to push the traffic I want to. A long explanation, but I'm just hoping someone could give me some insight here. Alex Thurlow Technical Director Blastro, Inc.
Re: Router performance on OpenBSD and OpenBGPD
Oops, forgot that part. At 325Mbps, we do about 60,000pps, so that puts us at about 360,000pps needed for 2Gbps. Daniel Ouellet wrote: Alex Thurlow wrote: We're pushing streaming video, so it's almost all outbound traffic by about a 30:1 factor, and our average packet size is quite large - around 1200 bytes. At the moment, when we hit about 350Mbps, the router gets to ~30% CPU usage, and it appears that we stop being able to pass all the traffic at full speed. I don't see packet loss, but our traffic graph flattens a good bit. At those rates, we also start to see crashing, but we haven't been able to figure out the exact cause of those either. The issue as explain in the archive many times is not the level of traffic, but the number of packets per seconds you pass and it's based also on good network cards. Many can do in the 500mbps with their OpenBSD router and more without to much issues. But again, what is the limit is the pps, not the bps. S, if all your packets are in the 1200 bytes as you put here, you sure can test it with one OpenBSD and you sure should have no issue with good decent hardware, but more importantly, good network cards. That's really the key here. I use it in public peering places no issues and I keep rolling out more and more and my next one, as I go slow to be safe will be in Equinix where I have close to 100 sessions and many full bgp feeds as well. Test and adjust for your own needs, but you sure should be able to do that better then your current setup. Funny that some replace their setup with Cisco and I replace Cisco with OpenBSD as much as I can! My only problem is really I can't replace Cisco DS3 and multi channel DS3 with OpenBSD yet for the lack of decent hardware for that! (; But every Ethernet type are going away from Cisco one after the others and hopefully before the end of the year, all will be gone! Best, Daniel
