OS: SuSE 9.1 (Fully patched) WE are trying to run two bridging firewalls using 9.1 and Shorewall but the systems keep dying. They apparently just crash with nothing in the syslogs or displayed on the console. We are filtering packets for a T1 running at 1/2 to 3/4 capacity. We have tried both Athlons and Pentiums with up to 1Gb RAM and running nothing else. The only system to stand up is an old 750 MHz Athlon with 512Mb RAM and most logging turned off. (It did go down when we were logging packets during a heavy syn flood attack but has stayed up with logging turned off.) The only difference between the two installations is the 750Mhz Athlon system has had all graphical stuff stripped out. It was originally installed with minimal KDE graphics but I have removed all that including X11 (as opposed to installing from scratch without the graphical stuff). 1. Could the presence of the graphical subsystems somehow cause a problem like this? 2. Is there someway to make the OS record its final moments before crashing? I am used to Unix which basically dumped a memory image to the dump device which we had an option of saving on reboot. Once saved, we could then inspect the various kernel data structures including an in memory "panic" message log which usually recorded quite a bit of useful information. Is there a similar faciltiy available in Linux? Meanwhile, I am going to reinstall minimal systems on two Athlon 2.5Ghz systems (all new hardware) and see if that makes a difference. Thank you, Lucky Leavell
On Friday, 8 October 2004 00.43, Lucky Leavell wrote:
OS: SuSE 9.1 (Fully patched)
WE are trying to run two bridging firewalls using 9.1 and Shorewall but the systems keep dying. They apparently just crash with nothing in the syslogs or displayed on the console. We are filtering packets for a T1 running at 1/2 to 3/4 capacity. We have tried both Athlons and Pentiums with up to 1Gb RAM and running nothing else. The only system to stand up is an old 750 MHz Athlon with 512Mb RAM and most logging turned off. (It did go down when we were logging packets during a heavy syn flood attack but has stayed up with logging turned off.)
The only difference between the two installations is the 750Mhz Athlon system has had all graphical stuff stripped out. It was originally installed with minimal KDE graphics but I have removed all that including X11 (as opposed to installing from scratch without the graphical stuff).
1. Could the presence of the graphical subsystems somehow cause a problem like this?
Not just by having them installed, no. But if it was running at the time, yes. The graphics is the single most common source of crashes in linux.
2. Is there someway to make the OS record its final moments before crashing? I am used to Unix which basically dumped a memory image to the dump device which we had an option of saving on reboot. Once saved, we could then inspect the various kernel data structures including an in memory "panic" message log which usually recorded quite a bit of useful information. Is there a similar faciltiy available in Linux?
You might want to look at the lkcd.sourceforge.net project, and the kdb kernel debugger. You might also want to look at setting up a serial console, which can grab "last minute" error message
On Fri, 2004-10-08 at 00:55, Anders Johansson wrote:
On Friday, 8 October 2004 00.43, Lucky Leavell wrote:
OS: SuSE 9.1 (Fully patched)
WE are trying to run two bridging firewalls using 9.1 and Shorewall but the systems keep dying. They apparently just crash with nothing in the syslogs or displayed on the console. We are filtering packets for a T1 running at 1/2 to 3/4 capacity. We have tried both Athlons and Pentiums with up to 1Gb RAM and running nothing else. The only system to stand up is an old 750 MHz Athlon with 512Mb RAM and most logging turned off. (It did go down when we were logging packets during a heavy syn flood attack but has stayed up with logging turned off.)
The only difference between the two installations is the 750Mhz Athlon system has had all graphical stuff stripped out. It was originally installed with minimal KDE graphics but I have removed all that including X11 (as opposed to installing from scratch without the graphical stuff).
1. Could the presence of the graphical subsystems somehow cause a problem like this?
Not just by having them installed, no. But if it was running at the time, yes. The graphics is the single most common source of crashes in linux.
2. Is there someway to make the OS record its final moments before crashing? I am used to Unix which basically dumped a memory image to the dump device which we had an option of saving on reboot. Once saved, we could then inspect the various kernel data structures including an in memory "panic" message log which usually recorded quite a bit of useful information. Is there a similar faciltiy available in Linux?
You might want to look at the lkcd.sourceforge.net project, and the kdb kernel debugger. You might also want to look at setting up a serial console, which can grab "last minute" error message
This surprises me... You might want to turn off the graphical on the AMDs to see if it is that... I use SuSE 9.1 as a Firewall, Router, antivirus, NFS, Samba, Print server, Music server, Domain server, VNC Server, X_WIndows server, Mail Server, etc... I work remote (on the server), and Remote thru the server all day long... And I've been doing this since 9.1 came out.... I have never gotten a crash (once I got past the SATA disk stuff).... Did you do the YOU updates? Jerry
On Fri, 8 Oct 2004, Jerome R. Westrick wrote:
You might want to turn off the graphical on the AMDs to see if it is that...
I assume this would be in the BIOS? Could you be more specific? Is there a guide somewhere as to the best/safest BIOS settings for Linux?
Did you do the YOU updates?
Yes, frequently. Thank you, Lucky Leavell
On Fri, 8 Oct 2004, Lucky Leavell wrote:
On Fri, 8 Oct 2004, Jerome R. Westrick wrote:
You might want to turn off the graphical on the AMDs to see if it is that...
I assume this would be in the BIOS? Could you be more specific? Is there a guide somewhere as to the best/safest BIOS settings for Linux?
BTW, the motherboard is an ASUS A7N8X-X. Thank you, Lucky Leavell
The Friday 2004-10-08 at 06:35 -0400, Lucky Leavell wrote:
On Fri, 8 Oct 2004, Jerome R. Westrick wrote:
You might want to turn off the graphical on the AMDs to see if it is that...
I assume this would be in the BIOS? Could you be more specific? Is there a guide somewhere as to the best/safest BIOS settings for Linux?
I think he means starting in runlevel 3. -- Cheers, Carlos Robinson
On Fri, 8 Oct 2004, Jerome R. Westrick wrote:
On Fri, 2004-10-08 at 00:55, Anders Johansson wrote:
On Friday, 8 October 2004 00.43, Lucky Leavell wrote:
OS: SuSE 9.1 (Fully patched)
WE are trying to run two bridging firewalls using 9.1 and Shorewall but the systems keep dying. They apparently just crash with nothing in the syslogs or displayed on the console. We are filtering packets for a T1 running at 1/2 to 3/4 capacity. We have tried both Athlons and Pentiums with up to 1Gb RAM and running nothing else. The only system to stand up is an old 750 MHz Athlon with 512Mb RAM and most logging turned off. (It did go down when we were logging packets during a heavy syn flood attack but has stayed up with logging turned off.)
The only difference between the two installations is the 750Mhz Athlon system has had all graphical stuff stripped out. It was originally installed with minimal KDE graphics but I have removed all that including X11 (as opposed to installing from scratch without the graphical stuff).
1. Could the presence of the graphical subsystems somehow cause a problem like this?
Not just by having them installed, no. But if it was running at the time, yes. The graphics is the single most common source of crashes in linux.
2. Is there someway to make the OS record its final moments before crashing? I am used to Unix which basically dumped a memory image to the dump device which we had an option of saving on reboot. Once saved, we could then inspect the various kernel data structures including an in memory "panic" message log which usually recorded quite a bit of useful information. Is there a similar faciltiy available in Linux?
You might want to look at the lkcd.sourceforge.net project, and the kdb kernel debugger. You might also want to look at setting up a serial console, which can grab "last minute" error message
I have installed lkcd on both bridges but haven't configured it yet. (It was on the 9.1 CD/DVDs and also available for 9.0.)
You might want to turn off the graphical on the AMDs to see if it is that... I use SuSE 9.1 as a Firewall, Router, antivirus, NFS, Samba, Print server, Music server, Domain server, VNC Server, X_WIndows server, Mail Server, etc...
Just a quick update: One of the bridges crashed again last night. It was the one with no graphical stuff even installed. The other bridge has all the GUI stuff installed but turned off by changing the runlevel to 3. I did find an article in the SuSE knowledge base applicable to 9.0 which indicates the 'desktop' parameter in the loot loader configuration can cause instability. The system that crashed still had this parameter (note past tense) while the system that did not crash did not. Hopefully, this is the answer ... will keep you posted. Meanwhile the 9.1 system used as a mail server with antivirus, antispam has never crashed and it has both the graphical stuff installed and running and the 'desktop' parameter in place. Again, perhaps iptables stresses the system more or in a different way ... Thank you, Lucky Leavell
participants (4)
-
Anders Johansson -
Carlos E. R. -
Jerome R. Westrick -
Lucky Leavell