CQiNet

K5GUD wrote:

> I was wondering if there is a way to restrict those who connect to a 
> conference server? I have some middle eastern stations that connect to 
> our conference server and just talk for a really long time. I don't 
> even think they are talking to anyone, just causing interference. I 
> would like to restrict connections to just stations from the USA. Any 
> help would be appreciated.
>  
> Jay Kruckenberg
> K5GUD
> Tri-State Amateur Radio Group

Why not just ban the users that are causing problems?

Ron W6FM

At 6:57 AM -0800 3/2/05, Skip WB6YMH wrote:
>The error messages sounds like the data is backing up in the kernel's network
>stack which would indicate a problem getting it out of the Ethernet.  Perhaps
>the server is plugged into an overloaded hub before it gets to the fat pipe?

I don't think so. The same system can consistently push 800 
megabytes/second into a TCP connection to an off-campus site.

>Is there a reasonable Ethernet board in the box?  Not some old ISA card or
>something?

I'm not sure exactly what card is in there. Something from 3COM, by 
the MAC address, but that doesn't say much about how good it is. PCI, 
for sure. The 800 MB/sec TCP throughput would suggest that it isn't 
too shabby.

>  Was there any other activity on the same box at the time?  A busy
>Web server perhaps?

The same server handles lots of email and web service, but typically 
not busy enough to matter. Right now, for example, with all that 
stuff running, "netstat -m" shows 33/944/65536 (current/peak/max) of 
mbufs in use and the load average is 0.18/0.07/0.02. It is certainly 
possible that some other traffic peaked during the conference room 
event, but I don't have any real reason to think it did.

>I'm sure there are some kernel variables to increase the stack's buffer space
>on FreeBSD, but I'd be shocked if the default values aren't reasonable.

64K mbufs sounds like plenty to me. Unfortunately I wasn't present at 
the time to check the mbufs during the event.

>So what was the event?  82 users sounds exciting.  I seldom hear anyone on
>EchoLink these days.

It was a scheduled contact between kids at a school and astronauts 
aboard the International Space Station. EchoLink is used to share the 
event with others, broadcast only; the actual contact audio is 
handled separately for now. There's another one at 1410 UTC on March 
8, and ongoing activity is scheduled on 
http://www.amsat.org/amsat-new/fieldops/events.php

Unless I can come up with something to improve the situation, I'll 
get a chance to monitor the problem again on March 8 (if I remember 
this time) and maybe learn more about what's going on. Any 
suggestions on what to look at?

73  -Paul
kb5mu@...

> At 6:57 AM -0800 3/2/05, Skip WB6YMH wrote:
> >The error messages sounds like the data is backing up in the kernel's
> >network stack which would indicate a problem getting it out of the
> >Ethernet.  Perhaps the server is plugged into an overloaded hub before
> >it gets to the fat pipe?
> 
> I don't think so. The same system can consistently push 800 
> megabytes/second into a TCP connection to an off-campus site.

800 megabytes/second via a 100 megabit/second Ethernet connection ... something 
doesn't add up there!

> >Is there a reasonable Ethernet board in the box?  Not some old ISA card
> >or something?
> 
> I'm not sure exactly what card is in there. Something from 3COM, by the
> MAC address, but that doesn't say much about how good it is. PCI, for
> sure. The 800 MB/sec TCP throughput would suggest that it isn't too
> shabby.
> 
> >  Was there any other activity on the same box at the time?  A busy
> >Web server perhaps?
> 
> The same server handles lots of email and web service, but typically not
> busy enough to matter. Right now, for example, with all that stuff
> running, "netstat -m" shows 33/944/65536 (current/peak/max) of mbufs in
> use and the load average is 0.18/0.07/0.02. It is certainly possible
> that some other traffic peaked during the conference room event, but I
> don't have any real reason to think it did.
> 
> >I'm sure there are some kernel variables to increase the stack's buffer
> >space on FreeBSD, but I'd be shocked if the default values aren't
> >reasonable.
> 
> 64K mbufs sounds like plenty to me. Unfortunately I wasn't present at
> the time to check the mbufs during the event.
> 
> >So what was the event?  82 users sounds exciting.  I seldom hear anyone
> >on EchoLink these days.
> 
> It was a scheduled contact between kids at a school and astronauts
> aboard the International Space Station. EchoLink is used to share the
> event with others, broadcast only; the actual contact audio is handled
> separately for now. There's another one at 1410 UTC on March 8, and
> ongoing activity is scheduled on
> http://www.amsat.org/amsat-new/fieldops/events.php
> 
> Unless I can come up with something to improve the situation, I'll get a
> chance to monitor the problem again on March 8 (if I remember this time)
> and maybe learn more about what's going on. Any suggestions on what to
> look at?

Netstat is probably your best bet on the box itself.  If it shows a backlog it 
would be interesting to look at the bandwidth utilization outside of the 
box.... Brian probably has things monitored to the hilt.

It might make some sense to try to duplicate the problem before you next big 
event ... 17 users shouldn't be impossible to come up with.

*Techtalk* has lots of bandwidth, if you run into problems during your event 
feel free to connect to *techtalk* and have people move over there.  

73's Skip WB6YMH

> 
> 73  -Paul
> kb5mu@...
> 
> 
> -------------------------------------------------------
> SF email is sponsored by - The IT Product Guide
> Read honest & candid reviews on hundreds of IT Products from real users.
> Discover which products truly live up to the hype. Start reading now.
> http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
> _______________________________________________ Cqinet-general mailing
> list Cqinet-general@...
> https://lists.sourceforge.net/lists/listinfo/cqinet-general

At 2:15 PM -0800 3/2/05, Skip WB6YMH wrote:
>800 megabytes/second via a 100 megabit/second Ethernet connection 
>... something
>doesn't add up there!

Uh, yeah. Would you believe 800 kilobytes/second?

That'd be like a dedicated, saturated 10 megabit Ethernet. Still, 
plenty of bits for our purposes.

>It might make some sense to try to duplicate the problem before you next big
>event ... 17 users shouldn't be impossible to come up with.

I was just thinking about how easy it would be to add a few lines of 
code to send each packet N times to simulate N times the load.

>*Techtalk* has lots of bandwidth, if you run into problems during your event
>feel free to connect to *techtalk* and have people move over there.

Thanks, I may take you up on that. We already have at least one other 
conference server committed, and last time another one (in Russia) 
showed up.

73  -Paul
kb5mu@...

> At 2:15 PM -0800 3/2/05, Skip WB6YMH wrote:
> >800 megabytes/second via a 100 megabit/second Ethernet connection 
> >... something
> >doesn't add up there!
> 
> Uh, yeah. Would you believe 800 kilobytes/second?
> 
> That'd be like a dedicated, saturated 10 megabit Ethernet. Still, 
> plenty of bits for our purposes.

True.
 
> >It might make some sense to try to duplicate the problem before you next big
> >event ... 17 users shouldn't be impossible to come up with.
> 
> I was just thinking about how easy it would be to add a few lines of 
> code to send each packet N times to simulate N times the load.

Yup, just make sure you send it to an IP address that needs to follow the same 
route as the "real" users, not localhost or something on the local subnet.

Is your routing table simple with a single default route or are there multiple 
routers?  If there's a complex routing going on the problem might be associated 
with a bad route in the routing table.  Do you ever see any "no route to host" 
errors in your log file?
 
> >*Techtalk* has lots of bandwidth, if you run into problems during your event
> >feel free to connect to *techtalk* and have people move over there.
> 
> Thanks, I may take you up on that. We already have at least one other 
> conference server committed, and last time another one (in Russia) 
> showed up.

If we can't figure out what *AMSAT*'s problem is before the event I'd be happy 
to reconfigure *techtalk* to replace *amsat* for the event if you like ... that 
might be easier to manage than trying to redirect the users in real time.  Your 
call.

73's Skip WB6YMH

At 5:14 PM -0800 3/2/05, Skip WB6YMH wrote:
>Is your routing table simple with a single default route or are there multiple
>routers?

Routing is as simple as can be. One gateway, plus a dedicated route 
to the primary nameserver.

>Do you ever see any "no route to host" errors in your log file?

Never.

>If we can't figure out what *AMSAT*'s problem is before the event I'd be happy
>to reconfigure *techtalk* to replace *amsat* for the event if you 
>like ... that
>might be easier to manage than trying to redirect the users in real 
>time.  Your
>call.

Thanks, but I think I'd rather use the session to collect data on the 
problem, if it comes to that.

73  -Paul
kb5mu@...

I've learned a bit more about the problem.

First of all, it's not mbufs. I created a test version of tbd that 
duplicates each packet many times, and recreated the error with just 
a single user. The peak mbufs usage stat didn't go up at all, much 
less approach the system limit. In fact, it turns out that a single 
burst of datagrams sent quickly is enough to trigger the problem. How 
many datagrams in the burst depends on the datagram size. If the 
datagrams are very short, just over 128 of them can be queued in a 
row before getting ENOBUFS.

If not mbufs, it must be a limit on the outgoing queue. It would be 
reasonable to have such a limit, since UDP doesn't otherwise have any 
flow control. However, on amsat.org that limit seems to be annoyingly 
low.

It seems to be a FreeBSD limitation, and as far as I can tell there's 
no way to tune it. There is only so much buffer space available for 
outgoing UDP datagrams.

setsockopt(2) can tune the receive buffer size using SO_RCVBUF. 
There's even a corresponding-looking option called SO_SNDBUF. 
However, that option doesn't tune the total buffer size at all, it 
tunes the maximum size of a single outgoing datagram. I verified this 
by experiment.

sysctl(8) can tweak hundreds of system parameters, including one 
called net.inet.udp.recvspace, which again controls receive 
buffering. But despite some mentions on net forums, there does not 
seem to be a parameter called net.inet.udp.sendspace, at least in 
FreeBSD 4.8-RELEASE. One hypothesis I saw mentioned is that UDP 
datagrams are queued directly into the hardware, so there's no 
software buffer limit to tune.

A little test program that does nothing but set up a socket and send 
a single burst of packets to it shows exactly the same behavior, so 
it's nothing specific to tbd.

I think there's a possible solution. Send2() could simply retry 
datagrams that get ENOBUFS. I'm not sure whether a full-speed spin 
loop or a spinloop that calls nanosleep(2) would be best. And I'm 
worried that bigger architectural changes will be needed to recover 
from the case where network bandwidth really is the limit (a new 
voice frame arrives before the old one has been completely sent out). 
I'm not sure what currently happens under those conditions.

If I set my test program to send a burst of 380 (42 byte payload, 
which is about what 16kbps works out to) without any waiting, about 
2/3 of them succeed and it takes about 20ms (that's a voice frame 
time if I'm not mistaken). So around 250 is going to be an upper 
bound on how many connections can be supported on this system before 
packets start to drop. I could live with that.

Sending those test packets through the net via my cable modem and 
Linksys router to my Powermac G5, only about 150 actually arrive as 
logged by Ethereal. Not sure what happened to the others. That part 
isn't a very realistic test, of course.

I'm out of time for playing with this until probably Monday.

Any better ideas would be welcome.

73  -Paul
kb5mu@...

Maybe this can help give some clues:

"I had the same exact problem.  I traced it to be a bug in some software 
that opened a domain socket(2) but could not connect(2) and never closed
the descriptor returned.

something like:

sd = socket(AF_UNIX, SOCK_STREAM, 0);
...
if(connect(sd, (struct sockaddr *)&saddr, sizeof(saddr)) < 0) {  
   return -1;
}
 
where close(2) was skipped on sd if the connect failed.

over a period of time (12-18hrs), these unconnected sockets would fill
up the available buffer space, and exhibit the same symptoms you are
having. even running ifconfig would fail with No buffer space available.

from intro(2):
55 ENOBUFS No buffer space available.  An operation on a socket or pipe
was not performed because the system lacked sufficient buffer space or
because a queue was full.

Fixing that bug fixed the problem. I doubt you have a hardware problem,
I would try narrowing down what software is causing the lockup. truss(1)
might help you out here."



Good luck!  I hope you can get it fixed.
-- 

Robert C. Pectol
http://rob.pectol.com
PGP Key: http://rob.pectol.com/public_key.txt
__________________________________
|  Linux Registered User: 193226
|  Mandrake Linux 10 System
|  Uptime:  3 days 21 hours 47 minutes
|  Wed Mar  2 12:22:01 PST 2005


On Tuesday 01 March 2005 19:34, Paul Williamson wrote:
> On the *AMSAT* server (thebridge 0.81) a few days ago, we had a
> special event with lots more users than usual. Around 17 users, the
> log started filling up with messages like this:
>
> Feb 28 09:54:19 amsat tbd: Send2(): sendto() failed, No buffer space
> available (55)
>
> and the audio started breaking up. We got up to a peak of 82 users
> connected, but the audio was pretty bad by then. With the usual
> handful of users we never see this error.
>
> The hardware on this server is nothing special (256M RAM on a Pentium
> 3 I think, under FreeBSD 4.8) but it's extremely well-connected, with
> a 100 Mb Ethernet the slowest thing between the CPU and major
> backbones.
>
> Is this reasonable performance? Or should I be looking for something wrong?
>
> Any suggestions would be appreciated.
>
> 73  -Paul
> kb5mu@...
>
>
> -------------------------------------------------------
> SF email is sponsored by - The IT Product Guide
> Read honest & candid reviews on hundreds of IT Products from real users.
> Discover which products truly live up to the hype. Start reading now.
> http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
> _______________________________________________
> Cqinet-general mailing list
> Cqinet-general@...
> https://lists.sourceforge.net/lists/listinfo/cqinet-general