> We've got a beefy server here that's crashed twice today. I dont know what
> the cause of the crash, but syslog reported "VFS: No free inodes - contact
> Linus" then a mix of SYN cookie warnings and inode warnings.
Hmmm, 2.0.30? Isn't there a known inode leak in 2.0.30? Have you tried
2.0.32 or 2.0.33?
> Specs:
> ALR revolution 6x6 (6x ppro200)
> 2.0.30
> tulip.c 0.77 (only one stable with smp, locked in at 100bT/FD)
> DPT 3334UW controller
> BusLogic BT-950
Nice kit!!
>
> syn/rst cookies on
I think RST cookies have been declared potentially buggy?
> always defrag
> filehandles patch
Hmmm, by "filehandles patch" do you mean 1,024 fd's per process? Certain
patches implementing this were _horribly_ broken. I would check this.
> ip_fragment.c patch (alan cox's and mount's)
>
>
> It looks like the VFS error came first, then the spew of SYN warnings and
> more VFS errors. Is this a problem with the filesyste? syn/rst cookies?
Possibly the VFS message killed the machine's userland processes, but left
the networking alive. The listen queues for the servers would then fill up
and cause the SYN warnings you see.
Of course the message (no free inodes) could be genuine, so remember you
can bump up the amount of system inodes and files by echo'ing things into
/proc/sys/kernel/*
> This system hosts ~3500 web sites and has _800_ ip aliases, so its a
> regular target of attacks (any one of 800 ips), but this is the most nasty
> crash it has experienced. This specific crash has happened twice in a
> month.
What a site! Out of interest what's the longest it's been up? And under
what sort of traffic load/load avg?!!
Chris
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu