Logging in to bogged down system?
Rick Stevens
rstevens at vitalstream.com
Sat Apr 1 00:19:35 UTC 2006
On Fri, 2006-03-31 at 13:59 -0700, karlp at ourldsfamily.com wrote:
> On Tue, March 28, 2006 7:30 pm, Rick Stevens said:
> > On Tue, 2006-03-28 at 17:17 -0800, Harold Hallikainen wrote:
> >> My FC4 system has been running great for months. But today, I headed
> >> for Arkansas and the server is in California. Once I got here to AR, I
> >> noticed that it was serving web pages real slowly. I logged in using
> >> ssh and ran top. I found a TON of httpd processes running, using, at
> >> that time, 86% of the processor time. I figured I'd try to reboot the
> >> system through ssh, but now I can't even get in to it that way. I
> >> connect, but the password is never requested. Instead, I get
> >> "ssh_exchange_identification: read: Connection reset by peer
> >> ". So, anything I can do from a couple thousand miles away?
> >
> > Just keep trying or get someone to hard boot it. You should also
> > put the following tweaks in your /etc/sysctl.conf file to tweak
> > HTTP session handling:
> >
> > net.ipv4.tcp_fin_timeout = 1
> > net.ipv4.tcp_max_syn_backlog = 2048
> > net.ipv4.tcp_syn_retries = 3
> > net.ipv4.tcp_tw_recycle = 1
> > net.ipv4.tcp_tw_reuse = 1
>
> Are these settings 'safe' for RH8.0 and RH9? I guess a better question is,
> are these settings used by 8.0 or 9?
They should be. Just check /proc/sys/net/ipv4 and verify that the
last bits of the things above exist as filenames, e.g.:
net.ipv4.tcp_fin_timeout = /proc/sys/net/ipv4/tcp_fin_timeout
If you want to just test them first without making them permanent, then
echo the value to the file, e.g.:
echo "1" >/proc/sys/net/ipv4/tcp_fin_timeout
Note that they'll revert back to their previous settings if you DON'T
put them in /etc/sysctl.conf.
BTW, they're explained in the kernel's
"Documentation/networking/ip-sysctl.txt" file which is part of the
"kernel-doc" RPM. It's also found in the various kernel source RPMs.
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- Never test for an error condition you don't know how to handle. -
----------------------------------------------------------------------
More information about the Redhat-install-list
mailing list