Hi all,
I wish to set up sending email from my vps - and I have been testing
php's mail facility.
Mail to two of my addresses (@googlemail.com, and @ntlworld.com) work
just fine. Three out of three got through - all within 2 or 3 seconds.
Mail to my preferred address - this one - is not being delivered,
although the call to mail returns true. (three out of three lost).
I wish to know why.
The server handling my incoming mail, is running on my firewall, with a
"dynamic" IP address, and thus the IP is in various black lists. Could
this be the reason for the non-delivery? Seems a long-shot to me. Why
should bitfolk care?
Any other reason I could check out?
Regards - and thanks for you input.
Ian
Hi,
I've been fielding a number of questions on this subject so I
thought it was best to give an update.
After the hardware upgrades earlier in the month it became apparent
that not all machines were seeing all the RAM. In fact, it was
looking pretty bleak:
Host Previous RAM New RAM Recognised
config. config. RAM
--------------------------------------------------
corona 4x2G 4x2G 8G
curacao 4x2G 2x4G, 4x2G 16G
kahlua 2x4G, 4x2G 4x4G, 4x2G 16G
kwak 4x2G, 4x1G 4x4G, 4x2G 16G
obstler 6x2G 2x4G, 6x2G 16G
That's 20G missing out of 40G purchased.
At the time it was fairly obviously a software issue and in any case
we did end up with more RAM than I started with, so I left the RAM
installed and carried on with the work.
Further research reveals that 32bit Xen is limited to 16G RAM even
in PAE[1] mode. This was a surprise to me - my understanding of PAE
was that it would allow up to 64G RAM to be used, and indeed that is
how it works in Linux. But Xen is not Linux (the Xen hypervisor
boots Linux, but it's not Linux). There is no possibility of making
32bit Xen see more than 16G RAM unless someone in the community
writes that functionality.
Why does Bitfolk even use 32bit software when all the servers are
64bit-capable? Well, it is actually only since islay was removed at
the last datacentre visit that all hosts became 64bit-capable, but
the main reason was that for a long time 32bit seemed the most
stable and offered the most stable choice of guest operating
systems. While all the supported Xen guests do have 64bit releases,
not all of these were of the same quality as their 32bit
counterparts. And running 32bit guests on a 64bit Xen host has only
been possible relatively recently. Finally, there is no real
performance gain going 64bit on a server as small as the typical
VPS. It will actually be worse, as processes use more memory under
64bit.
These decisions were due for a rethink soon though, and for the next
set of servers I had already decided to go 64bit Debian Lenny or
Ubuntu Hardy, while keeping 32bit guests.
So, in order to use the full RAM that has been installed, a 64bit
hypervisor is necessary. As I say, all the servers are
64bit-capable, and I've been advised that the hypervisor and Xen
kernel from Debian Lenny are stable when running 32bit guests on
64bit hypervisor.
My plan at the moment, therefore, is to go to that configuration on
the new server that I installed at the last visit: faustino. Over
the next couple of days I will be moving some of my own and Bitfolk
infrastructure VPSes onto this server as a means of testing its
stability.
Provided that goes well, then next week I would like to step up the
testing by putting customer VPSes onto it. I'm looking for a few
volunteers for that. It will involve a shutdown, 10-15 minutes of
downtime then being booted on the new server. As reward for
volunteering I'm offering a week of free service and the promised
120M RAM upgrade when booted on faustino. Please drop an email to
support(a)bitfolk.com if you'd like to volunteer for this.
I want to be very careful about doing this fairly radical
configuration change on existing stable servers each of which is
holding 30-50 customers, but until I do it I can't give the RAM
upgrade. Most of the existing servers are full in terms of IO
capacity so I do not need to do this for any reason other than to
give you the extra RAM. Therefore, my judgement call is on the side
of caution and I am not going to change configuration for at least a
month, in order to do sufficient testing on the new server.
If you want the RAM upgrade before this then you are going to have
to be moved to the new server.
Provided I get enough volunteers and of course depending on things
being stable, then probably towards the end of next week I will
alter the web site to reflect the RAM upgrade and new customers will
also go onto the new server.
Finally, when the time comes that I'm satisfied that the
configuration on faustino is stable, I will install the same
software on all existing servers. On each server in turn I will:
- Install the new hypervisor and kernel
- Update VPS configurations to have the additional RAM
- Shut down every VPS on that server
- Reboot the server into the new hypervisor/kernel and confirm it
sees the full amount of RAM
- Start up every VPS on that server
I will most likely do that one server per night at 1AM GMT or
something.
So, that's the plan for all this. I'm sorry that it hasn't been as
simple as originally planned, but the PAE thing was rather
unexpected.
I hope that by including volunteers in the testing process and
offering the RAM upgrade with it that it will be a suitable
compromise for both adventurous people who need the extra RAM, and
cautious people who prefer to stay with the stability known prior to
this month. Not that I would even be contemplating this if I
thought it wasn't going to be stable, but there is always risk!
If you have any further questions, feel free to ask on- or off-list.
Cheers,
Andy
[1] http://en.wikipedia.org/wiki/Physical_Address_Extension
--
http://bitfolk.com/ -- No-nonsense VPS hosting
Encrypted mail welcome - keyid 0x604DE5DB
My VPS seems have been also targeted as an unwitting participant in
this attack ...
http://www.merit.edu/mail.archives/nanog/msg14471.html
cod:~# tshark "port domain and (host ns.isprime.com or host ns2.isprime.com)"
Capturing on eth0
0.000000 66.230.160.1 -> 212.13.194.x DNS Standard query NS <Root>
1.142336 66.230.160.1 -> 212.13.194.x DNS Standard query NS <Root>
1.611227 66.230.128.15 -> 212.13.194.x DNS Standard query NS <Root>
2.521652 66.230.160.1 -> 212.13.194.x DNS Standard query NS <Root>
3.615401 66.230.128.15 -> 212.13.194.x DNS Standard query NS <Root>
5.481957 66.230.160.1 -> 212.13.194.x DNS Standard query NS <Root>
5.622538 66.230.128.15 -> 212.13.194.x DNS Standard query NS <Root>
... I think you get the idea.
Until I firewalled [1] these hosts from my DNS server, I was bouncing
back failures to the (legitimate) hosts; apparently the incoming
packets are being spoofed to over 750,000 DNS servers causing the
"real" hosts to get DOS'd by the failure responses (5Gbit of traffic
:S).
Not sure if any one else is experiencing the same issue, (I only
noticed as I run an iftop for other reasons).
~Mat
--
[1]
# iptables -I 1 INPUT -p udp --dport domain -s ns2.isprime.com -j DROP
# iptables -I 1 INPUT -p udp --dport domain -s ns.isprime.com -j DROP
Hi,
I'm afraid that obstler seems to have entered some sort of kernel
deadlock; new network connections and logins can't be initiated, nor
VPSes started, so I am going to have to reboot it shortly.
Apologies for the inconvenience.
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
Encrypted mail welcome - keyid 0x604DE5DB
Hi,
One day in January between Saturday 10th and Sunday 18th inclusive I
intend to be taking down all BitFolk servers in turn to perform a
memory upgrade and some other work. It shouldn't take more than
about 30 minutes per server.
This will be followed by an increase of RAM allocated to each plan,
i.e. a free RAM upgrade. I do not know exactly how much yet. [1]
I will clarify the exact date as soon as possible.
Other work that will be taking place:
- Upgrade of hypervisor, since the version in use on kahlua seems to
have fixed a couple of annoying bugs that the others still have [2]
- Switch to high efficiency PSUs where possible
- Accurate power draw measurements for each server
- islay.bitfolk.com will be replaced by newer hardware
Cheers,
Andy
[1] For all paying customers, unless for some reason we have agreed
otherwise. Will likely be in the region of 120 - 240M.
[2] Notably:
- the one where if you reboot sometimes, then the VM comes back
with no networking; and
- the very intermittent one where after transferring ~3.7GiB of
data, a VM will lose all networking and have to be rebooted.
--
http://bitfolk.com/ -- No-nonsense VPS hosting
Encrypted mail welcome - keyid 0x604DE5DB
I know some the list members here pooh pooh Drupal, check out http://buytaert.net/tag/drupal-sites and relent....
> From:: John Morgan Salomon <john(a)zog.net>
> To: users(a)lists.bitfolk.com
> Subject: [bitfolk] Specs & Performance Question
> Date: Thu, 25 Dec 2008 16:47:10 +0100
> Hi there,
>
> I'm in the process of setting up a fairly basic Apache2/mod-ssl/mysql5/
> Drupal ecommerce site, and am seeing fairly horrid RAM performance on
> my VPS.
>
> I am working on figuring out my Drupal/Apache configuration issues (of
> which there are several), but while I can probably get the memory
> usage to somewhat tolerable levels, I would be grateful to hear from
> people who have similar setups what sort of minimum memory specs you
> recommend for 5-10 Apache processes? I have no problem figuring out
> what 'd theoretically need, but it would be very cool if anyone could
> share their real-life experience on what they'd recommend to be safe.
>
> Thanks,
>
> -John
>
> _______________________________________________
> users mailing list
> users(a)lists.bitfolk.com
> https://lists.bitfolk.com/mailman/listinfo/users
Hi,
I was hoping to provide a centralised clamav service -- something
that has been repeatedly asked for -- but I've hit a bit of a road
block.
I can't be having clamav on just one host, and most clamav clients
don't support multiple IPs to round robin, so I'd like to load
balance it.
The problem is that clamav appears to expect the clients to send the
file data by a separate TCP stream, the port for which it tells the
client in response to a command the client gives. This is similar
to FTP.
It means I can't see a way to know which ports to open in the
firewall, and worse still, the daemon only responds with a port not
an IP, which is no good in a load balanced scenario since all the
clients are talking to the load balancer.
The only thing I can think of is configuring each clamav box to use
a different port range and mapping all those ports on the load
balancer to the correct boxes. That's really horrible. Anyone got
any better ideas?
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
Encrypted mail welcome - keyid 0x604DE5DB
I want to start sending text messages from a cron job - does anyone already
do this and do you have any hints or recommendations for technologies or
providers? I'd only want to send a dozen or so a month, so I'm hardly a
bulk user
Cheers
James
Make sure the following is done:
Note: We recommend disabling the InnoDB storage engine in MySQL. If you use InnoDB, recovering from an unexpected system restart will be more difficult. You can disable InnoDB by including a line that says skip-innodb underneath the 'datadir' line in your .my.cnf file.
> From:: Andy Smith <andy(a)bitfolk.com>
> To: users(a)lists.bitfolk.com
> Subject: Re: [bitfolk] Specs & Performance Question
> Date: Fri, 26 Dec 2008 00:26:54 +0000
> Hi John,
> On Thu, Dec 25, 2008 at 04:47:10PM +0100, John Morgan Salomon wrote:
> > I am working on figuring out my Drupal/Apache configuration issues (of
> > which there are several), but while I can probably get the memory
> > usage to somewhat tolerable levels, I would be grateful to hear from
> > people who have similar setups what sort of minimum memory specs you
> > recommend for 5-10 Apache processes? I have no problem figuring out
> > what 'd theoretically need, but it would be very cool if anyone could
> > share their real-life experience on what they'd recommend to be safe.
> Well, first up I have no direct experience of Drupal. However..
> The most important thing is to check you're not swapping. You
> should see how big the typical Apache child process is and then see
> how many of those you can fit in your RAM, setting maxclients
> appropriately.
> As Duane said, if you can use Lighttpd instead of Apache then that
> will help.
> Also do not neglect your MySQL configuration:
> <a target="_blank"
> href='http://drupal.org/node/85768'>http://drupal.org/node/85768</a>
> Cheers
> Andy
> --
> <a target="_blank" href='http://bitfolk.com/'>http://bitfolk.com/</a> --
> No-nonsense VPS hosting
> Encrypted mail welcome - keyid 0x604DE5DB
> </pre><pre>_______________________________________________
> users mailing list
> users(a)lists.bitfolk.com
> https://lists.bitfolk.com/mailman/listinfo/users
Hi,
Effective immediately, data transfer allowance per month has been
increased by 50%. Also the cost of data transfer overage has been
reduced by 25% to £1.50/10GB/mo.
Happy new year!
Andy
(*) Some customers already got a free 50% extra data transfer quota
a while back for being loyal customers for a year+. I'm afraid
you're not getting anything extra this time; everyone else is
just catching up with you!
--
http://bitfolk.com/ -- No-nonsense VPS hosting
Encrypted mail welcome - keyid 0x604DE5DB