Re: Moving /usr stopped wireless network!

From: Peter T. Breuer (ptb_at_oboe.it.uc3m.es)
Date: 10/06/03 

Date: Mon, 6 Oct 2003 23:49:33 +0200

Ed Murphy <emurphy42@socal.rr.com> wrote:
> On Mon, 06 Oct 2003 19:15:41 +0200, Peter T. Breuer wrote:

> > For example, I do not want the growth of log files to stop my mail
> > server. Therefore /var/log and /var/spool are now on different
> > partitions. Were this not so, somebody could stop my mail server by
> > pinging my machine continuously, thus registering an entry in the logs
> > from icmplog.

> Pay attention, Paul, because this is where Peter's viewpoint becomes
> absolutely right. A full partition seems like a loss *until* you
> encounter a situation where it prevented a more important partition
> from *also* becoming full.

Well, that's not the only rationale, as you know. But thanks.

> Mind you, you should also look into configuring a size-based logrotate
> if you're dealing with a mission-critical server situation like this.

Logrotate only runs once a day. And it needs extra space in the log
partition in order to compress the logs, so it can actually contribute
to such a problem, snookering itself. There is no effective defense
against unexpected log growth except sending them all off disk.
Somebody should build some more intelligence into syslogd.

Mind you, sending them off disk doesn't always work either, because
they can stuff the secondary node, taking it down or stopping its
mailer, which then starts to emit messages asking for help, or other
machines start to ask for help in talking to it, and the mail messages
bounce to your MX ... owwwww. If that goes off air, the secondaries
will take the mails, and their secondaries, and then you are doomed
to days of receiving mails at thousands per hour as the queues empty
around the universe.

Even an intermittent ethernet problem can trigger thousands of mails
from arpwatch, complaining. If you have two hundred machines on your
class C, each of them yelling, the result is catastrophic. They can
saturate the net and take out your MX, generating more error messages
and mail bounces ...

> I only have three partitions myself, because that's how it was
> pre-installed; but it doesn't get nearly enough usage to matter. I'm
> barely over 20% disk usage. My music collection is about 2% of the
> size of the disk. Four weeks worth of logs are less than 0.1%. I

My incoming MX is a P100! With immensely expensive scsi disks of about
8GB each :-). As you can imagine, it is immensely reliable. It has no
fan on board - not even a heat sink! It has daemons that monitor other
daemons ... the whole thing will reboot itself via a softwatchdog if
it gets into impossible trouble. Yes, it has been going since P100s
were state of the art.

It probably has about 30 partitions. I'm not sure ... a lot of them are
softraided together in different combos, for different reasons, to
guarantee recovery if one disk dies. It used to support about 100 users
as well, but nowadays it's just handling mail and dns and NIS and DHCP.
Yes - that means it has tftpboot partitions.

> also receive e-mail through my ISP and pull it down with fetchmail,
> lest I risk losing e-mail during downtimes (rare but possible).

Your ISP will probably helpfully delete your mail if you don't do it
yourself :-).

Let me not mention those horrible dictionary spam attacks. I am not
allowed to dump the mail directly - instead I have to devote one
machine to collecting mail for people who dont exist.

Peter

Relevant Pages

  • Re: Big-disk woes
    ... Or read up on LVM. ... > heavy logging for your webserver or mail server, ... And check for free disk space _before_ intalling new software. ... grow my partitions as needed till I "correct" things -- ain't ...
    (comp.os.linux.setup)
  • Re: Disk configuration
    ... These days I'm creating 16-20GB OS partitions and leaving the rest for other ... possibly do a simple 5 disk RAID5 and survive. ... have the transaction logs and dbs on the same spindles though. ... >> You could do the OS on a mirror, logs on a separate mirror volume, ...
    (microsoft.public.exchange.setup)
  • Re: migrate to new system disk
    ... I have the following partitions: ... I would like to add a new IDE disk between say 160GB and 250GB, ... my mail server would be dead in the water. ...
    (Debian-User)
  • Re: Moving /usr stopped wireless network!
    ... somebody could stop my mail server by ... I only have three partitions myself, ... Four weeks worth of logs are less than 0.1%. ... lest I risk losing e-mail during downtimes. ...
    (comp.os.linux.misc)
  • LVM on SW RAID for sarge - success
    ... I've just had success migrating Debian Sarge to root on LVM on RAID. ... First make sure the SCSI BIOS boots from the first disk. ... I made reiserfs on all the filesystem partitions and completed the ... The remaining two disks were partitioned and used to create RAID arrays ...
    (Debian-User)