-----BEGIN PGP SIGNED MESSAGE-----
Last night I attempted to install a firewall system that runs over a
thousand processes (useing the TIS FWTK proxies). I upped the NR_TASKS to
4090 to allow them all to run.
the way the particular proxies work is to have a listener for each port
that forks off a copy of itself to handle the connection.
one issue that I was seeing however is that under a light load (~30-50
simultanious connections, ~20-30 new connections/sec) vmstat was showing
~10% user, 40%system CPU utilization.
at teh time it was useing ~80MB of ram. each proxy logs to syslog, while I
had syslog configured to write to a local file system time went up by
~10%. configuring syslog to write out a serial port makes it so running
syslog or not makes no noticable difference in the sup utilization
unfortunantly the system is no longer in production, approx 2 hours after
I went home this morning it hit the max FD limit (I had bumped it up to
16K) at ~100 connections/sec and we had to pull it out as nobody was
available to do diagnostics.
hardware is AMD thunderbird 950MHz, 512MB PC133 ram, 7200rpm ATA/66 drive
is this something that 2.4 should improve? or are there other tuning
paramaters I need to fiddle with?
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.2
-----END PGP SIGNATURE-----