![]() |
server was down all the weekend again...
I bet the swap partition bug struck again.
We really must get this fixed at all costs, admins. I'll check the logs tonight. What if I put back the default kernel ? I don't see why mine would cause the problem, though, but better make sure... No time for that right now, but in the meanwhile if memed or Nova want to take a look, please guys, do ! And to all members... we are sorry :) The server crashed just at the beginning of the weekend and the hosting company was closed and nobody could reboot it until this morning :( We'll be investigating the issue ASAP. Hopefully this won't happen ever again. |
Re: server was down all the weekend again...
That's really sad as I considered this hoster for some of our servers but now I won't :-)
|
Re: server was down all the weekend again...
Quote:
|
Re: server was down all the weekend again...
it's a kernel I compiled myself to get rid of the useless hardware drivers and all the bloatware there is in a generic Linux kernel. Recompiling a custom kernel can save up to 80% kernel space, saves resources (IRQ and memory) and leads to a non neglectable speed improvement.
|
Re: server was down all the weekend again...
Quote:
But this are all not the reasosn, the only bug appearing which is a real indicator for anything is the swap_free call returning ugly errors, this is usually one of the las messages, then it takes some time until it's dead. Oh b.t.w. the Hoster was not closed, they just did refuse to reboot, because i do not have proper authorization to trigger a reboot (i even miss-spelled Nova's realname...) and the guy capable of deciding to react simply because it is logic to reboot a stuck server does not work on weekends. To rule out harddisk failure in the swap area i now switched to a swap file and disabled the swap partition, the swapfile is called /lin386.swp ;) @PMB there are CHANGELOG files on the server, just look in the root. Cheers memed |
Re: server was down all the weekend again...
Quote:
|
Re: server was down all the weekend again...
Afaik pptp with mppe is one of those module only, also beeing able to load and unload ip_table modules is a common practice for me. despite that, you words are contrary to PMB, why should all possible ip_tables modules be in the kernel (iiiieeeek), that makes it bigger and bloated. And im prety shure that some modules are (where) mutaly exclusive, resulting in the need for modules to get all funtions.
I also don't want to reinvent the wheel on a waggon allready in motion, e.g. my "forensic" connection tracker tool relies on being able to load/unload some of those modules. So i terms of security we ain't no border gate or secure login server and the kernel running now is atleast save enough for pmb and me ;-), while Nova can still recover what PMB and me failed. cheers p.s. when i dream of security: If there where time and local access i would make it a GSX server running a cascaded openbsd/linux environment, preferably guarded by two aravox'es used in asynchonous mode (one for in and one for out). not to mention that i would like to have access to the onion router ring for cnnectivity to "my" border network which would be staffed with cisco's routers and pix'es running CSM on an isolated outband management station. (apart from outband management, the number of aravox'es and the onion router ring access is did that once) |
Re: server was down all the weekend again...
Btw (and off-topic): what is your profession memed?
|
Re: server was down all the weekend again...
care
solve trust is my company credo, I'm an independent IT Consultant, mostly for liunx servers [Webserver, App.-Servers, Storage-Nodes and Multimedia] and telecommunication needs [change telco provider, assist in negotiations with sub-contractors, enforce SLA's by documenting failure] and security conceps, testing and implementation [includes teaching, data-protection laws and software QA]. http://kreuzinger.biz or kreuzinger.com but enough of advertising, i no good at that anyways. Cheers memed {Onno Kreuzinger} |
Re: server was down all the weekend again...
Quote:
And there is much more than the kernel regarding security. E.g. stopping unneccessary services, no direct root logins etc. (hardening systems) Quote:
Btw: aravox is out of buisness since last year... Btw2: what is a "onion router ring"? |
All times are GMT +2. The time now is 19:36. |
Powered by vBulletin® Version 3.8.2
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.