[PATCH] : sock_writable not appropriate for TCP sockets
hi marcelo-
[ i sent this patch August 30 against 20-pre5, and it appears to have been
dropped. this is an important performance fix that should be included in
2.4.20. i apologize for not tracking this more closely. ]
sock_writeable determines whether there is space in a socket's output
buffer. socket write_space callbacks use it to determine whether to wake
up those that are waiting for more output buffer space.
however, sock_writeable is not appropriate for TCP sockets. because the
RPC client's write_space callback uses it for TCP sockets, the RPC layer
hammers on sock_sendmsg with dozens of write requests that are only a few
hundred bytes long when it is trying to send a large write RPC request.
this patch adds logic to the RPC layer's write_space callback that
properly handles TCP sockets.
patch reviewed by Trond, Alexey, and DaveM, and already accepted in 2.5.
I wonder if I can get the name changed from Linux to Evilix by sending a patch to Marcelo and just mentioning that Trond, Alexey and DaveM have reviewed it and it's already in 2.5...;)
Have a look at this device. Not quality of service, but guarantee of service. Very cool.
The FlowFusion 2M and 5M are U4EA's first commercial hardware products to simultaneously manage all three of the factors affecting multi-service networks - throughput, loss and delay.
While others have addressed bandwidth, U4EA has developed the GoS solution that allows network managers to manage packet delay and device buffers, as well as to isolate problematic streams to avoid random packet loss. Critical applications are guaranteed bandwidth - up to 2 Mbit/s (FlowFusion 2M) and up to 5 Mbit/s (FlowFusion 5M) at the WAN interface - and Quality of Service (QoS), even during extended periods of network overload.
The FlowFusion units are typically installed between an office LAN and the WAN access equipment via two fast Ethernet ports, and can stand alone or be rack mounted.
The network administrator is able to define treatment parameters for each application so that mission-critical applications get the exact resources when needed, while maintaining the WAN resource at near 100% utilisation. For the first time, mixed networks can achieve maximum efficiency through a single connection, accelerating the deployment of converged services like VoIP and online videoconferencing.
Contrary to popular belief, it isn't impossible to run IIS and not get hacked.
We ran about 30 of them, and if you are clever about it, you can do all kinds of things to keep the bugs out.
Step 1. Remove all mappings apart from asp.dll
Step 2. Keep web content on a different drive to the system (thus negating../../../cmd.exe stuff)
Step 3. Disable, and never use the default website.
With those 3 things, you don't get affected by about 60% of the bugs.
Add things like making all the static content read only, and only allowed a certain secured firewalled server to update the DBs, and you're almost there.
Disallowed any net connections originated by the webservers (with exceptions of course) and you rule out strange shells making connections to IRC servers, etc.
The only other thing is then to STAY PATCHED.
Having said what I've said, I wouldn't like to do it again. Keeping those things secure took up so much of my time. Should it be a full time job to keep webservers running securely?
rpm --freshen -vah apache*.rpm anyone?
Now I have lots more time to do more interesting things;)
In other news the BBC encourages you not to anger a mobster with a loaded gun.
Are you suggesting that Microsoft is a mobster with a loaded gun?:o)
The Microsoft Emergency Armed Lawyer Response team are donning their black face masks now, and are climbing into unusually quiet helicopters....
They know where you live, you know..:)
How long until some company puts up huge TVs every 100 metres all showing the same TV show, and has the audio on a set radio channel? That way, you could watch something as you drive. Cos let's face it, driving a long way (if you don't have any passengers) is boring.
Stock RedHat install on an old machine. Not sure what you're doing wrong. You did configure a swap partition, didn't you;)
I do find that ext3 is damn slow. I use ext2 for/boot and reiserfs for everything else.
The thing is, I don't have the time to implement Linux,
What do you mean, implement it?!! It virtually installs itself! Head off to some mirror, and burn some Redhat 8.0 ISOs to CD, and stop using lame excuses.
A fun experiment... Would be to track the credit cards of people that protest the Virtual McDonalds...
Hey, er, yes, I think this will work - come on all you Slashdotters moaning about this - email me your credit card details, and, er, I'll be sure to forward them on to evil.tracking.system@macdonalds.com so they can pounce should you ever buy any merchandise from one of their shops with the same credit card.
No, really, I think it's a good idea, and it'd really work - do it....
We had a guy at a place I worked at that was really worried about an asteroid hit. I got some of the people there to knock up a spoof BBC News home page, with a really big story that the end of the world was only about 36 hours away, and added a little tiny weeny DNS entry pointing at the box that was hosting the "site", and waited.
--Joey
--Signature-- Compustore.com/linux%20pc.htm is home of the $325 dollar computer (runs mandrake)
Sorry Joey, not sure if you run Compustore or not - but having a space (%20) in a URL, and making it.htm rather than.html shows they don't know even the basics about making a website. Made with FrontPage, anyone?
280,000,000 * $500 + n * $5 (where n is large an undetermined...)
You should parenthesise to remove abiguity:
(280,000,000 * $500) + (n * $5) (where n is large an undetermined...)
The first thing we did at school when we had a chance to go on the "computer" was to try and find our houses on it.
Oh, and of course you'd explore peoples houses, to see if you could see women in the showers.
Shit never changes....
Cue all the people telling us why it's better than MySQL.
So - why it it then?
Ask yourself the question.
Would you pay £4 ($6) per half-megabyte for GPRS in the UK?
I wouldn't. I don't.
Normal people just don't want to pay that much.
"Microsoft heeft diverse makers van software met in de naam 'Windows' gevraagd om een andere naam te kiezen."
:)
Microsoft has diverse makers of software with in their name Windows asked them an other name to choose.
I'm English and I could work that out. Put some imagination into it, eh?
[PATCH] : sock_writable not appropriate for TCP sockets
hi marcelo-
[ i sent this patch August 30 against 20-pre5, and it appears to have been dropped. this is an important performance fix that should be included in 2.4.20. i apologize for not tracking this more closely. ]
sock_writeable determines whether there is space in a socket's output buffer. socket write_space callbacks use it to determine whether to wake up those that are waiting for more output buffer space.
however, sock_writeable is not appropriate for TCP sockets. because the RPC client's write_space callback uses it for TCP sockets, the RPC layer hammers on sock_sendmsg with dozens of write requests that are only a few hundred bytes long when it is trying to send a large write RPC request. this patch adds logic to the RPC layer's write_space callback that properly handles TCP sockets.
patch reviewed by Trond, Alexey, and DaveM, and already accepted in 2.5.
I wonder if I can get the name changed from Linux to Evilix by sending a patch to Marcelo and just mentioning that Trond, Alexey and DaveM have reviewed it and it's already in 2.5...
I'm British and I have absolutely no idea what you mean by "redacted out".
In other news, London is covered in fog all the time, it never gets hot in the UK, and Sherlock Holmes is close to catching Jack the Ripper.
Have a look at this device. Not quality of service, but guarantee of service. Very cool.
. pdf
The FlowFusion 2M and 5M are U4EA's first commercial hardware products to simultaneously manage all three of the factors affecting multi-service networks - throughput, loss and delay.
While others have addressed bandwidth, U4EA has developed the GoS solution that allows network managers to manage packet delay and device buffers, as well as to isolate problematic streams to avoid random packet loss. Critical applications are guaranteed bandwidth - up to 2 Mbit/s (FlowFusion 2M) and up to 5 Mbit/s (FlowFusion 5M) at the WAN interface - and Quality of Service (QoS), even during extended periods of network overload.
The FlowFusion units are typically installed between an office LAN and the WAN access equipment via two fast Ethernet ports, and can stand alone or be rack mounted.
The network administrator is able to define treatment parameters for each application so that mission-critical applications get the exact resources when needed, while maintaining the WAN resource at near 100% utilisation. For the first time, mixed networks can achieve maximum efficiency through a single connection, accelerating the deployment of converged services like VoIP and online videoconferencing.
http://www.u4eagroup.com/pdf/data%20sheet;%206844
What happens when someone starts using that free connection to hack people/companies?
Or are there lots of cameras in the parks with automatic facial recognition?
Yeah, what is it about mortgages, and spam?
Do people ever buy the most expensive thing in their life with a loan from someone they don't know that sent them a random email?
I know there are dumb people out there, but are there any that dumb?
Basil Iwanyk is not a neo-Nazi.
;) Oh, if only that "y" would disappear... :)
No, but he does have a very funny surname
Ahem, what's your IP address....? ;)
Of course, capitalise one of the letters, and fling in a little dash of puctuation somewhere, and it'll be x^n times hard to guess...
Contrary to popular belief, it isn't impossible to run IIS and not get hacked.
../../../cmd.exe stuff)
;)
We ran about 30 of them, and if you are clever about it, you can do all kinds of things to keep the bugs out.
Step 1. Remove all mappings apart from asp.dll
Step 2. Keep web content on a different drive to the system (thus negating
Step 3. Disable, and never use the default website.
With those 3 things, you don't get affected by about 60% of the bugs.
Add things like making all the static content read only, and only allowed a certain secured firewalled server to update the DBs, and you're almost there. Disallowed any net connections originated by the webservers (with exceptions of course) and you rule out strange shells making connections to IRC servers, etc.
The only other thing is then to STAY PATCHED.
Having said what I've said, I wouldn't like to do it again. Keeping those things secure took up so much of my time. Should it be a full time job to keep webservers running securely?
rpm --freshen -vah apache*.rpm anyone?
Now I have lots more time to do more interesting things
In other news the BBC encourages you not to anger a mobster with a loaded gun. :o)
:)
Are you suggesting that Microsoft is a mobster with a loaded gun?
The Microsoft Emergency Armed Lawyer Response team are donning their black face masks now, and are climbing into unusually quiet helicopters....
They know where you live, you know..
How long until some company puts up huge TVs every 100 metres all showing the same TV show, and has the audio on a set radio channel? That way, you could watch something as you drive. Cos let's face it, driving a long way (if you don't have any passengers) is boring.
Seriously, assuming that you had the resources to build a large cluster, what would you do with it?
And I'm hoping I won't get the obligatory "pr0n collection" jokes.
[calum@host calum]$ cat /proc/cpuinfo | grep MHz
;) /boot and reiserfs for everything else.
cpu MHz : 334.096
[calum@host calum]$ free -m
total used free shared buffers cached
Mem: 249 240 9 0 22 102
-/+ buffers/cache: 114 134
Swap: 509 58 451
[calum@host calum]$ rpm -qa | grep kdebase
kdebase-3.0.3-13
[calum@host calum]$ uname -r
2.4.18-18.8.0
Stock RedHat install on an old machine. Not sure what you're doing wrong. You did configure a swap partition, didn't you
I do find that ext3 is damn slow. I use ext2 for
The thing is, I don't have the time to implement Linux,
What do you mean, implement it?!! It virtually installs itself! Head off to some mirror, and burn some Redhat 8.0 ISOs to CD, and stop using lame excuses.
A fun experiment... Would be to track the credit cards of people that protest the Virtual McDonalds...
Hey, er, yes, I think this will work - come on all you Slashdotters moaning about this - email me your credit card details, and, er, I'll be sure to forward them on to evil.tracking.system@macdonalds.com so they can pounce should you ever buy any merchandise from one of their shops with the same credit card.
No, really, I think it's a good idea, and it'd really work - do it....
We had a guy at a place I worked at that was really worried about an asteroid hit. I got some of the people there to knock up a spoof BBC News home page, with a really big story that the end of the world was only about 36 hours away, and added a little tiny weeny DNS entry pointing at the box that was hosting the "site", and waited.
;)
Oh the laughter from the IT dept...
echo y | format c: might work better?
Or ::1 if you're trying the "new stuff" ;)
More like, "If you run windows, click on this harmless link...." ;)
--Joey --Signature-- Compustore.com/linux%20pc.htm is home of the $325 dollar computer (runs mandrake)
.htm rather than .html shows they don't know even the basics about making a website. Made with FrontPage, anyone?
Sorry Joey, not sure if you run Compustore or not - but having a space (%20) in a URL, and making it
Why not set up a fake address (somespammer@obl.org) or some blackhole list?
Then simply block all IP addresses/ranges that send email to this.
Add to webpages, sigs, newsgroup posts, and wait.
Obviously it means that we all have to use some blocking method on our mailservers.