PDA

Archiv verlassen und diese Seite im Standarddesign anzeigen : root-server lahmt



[MORD]Locutus
07.01.08, 19:13
Hi Leute, ich brauche eure Hilfe.
Also wir haben einen root-server bei Netdirekt mit debian (installiert war 3.1, nach nem apt-get dist-upgrade ist jetzt 4.0 drauf).
CPU is 733er Pentium
Ram sind 256
HDD: 10GB
PHP version is 5.
MySQL Version: 5.0.32-Debian_7etch4-log
MySQL-Client-Version: 4.0.24

CPU auslastung dümpelt immer so bei 4-10%, Ram bei 100MB und swap bei 0MB

Hier die Ausgabe von netstat -s

217-20-127-23:/etc# netstat -s
Ip:
190043 total packets received
0 forwarded
0 incoming packets discarded
189855 incoming packets delivered
197251 requests sent out
2 outgoing packets dropped
Icmp:
125 ICMP messages received
0 input ICMP message failed.
ICMP Eingabehistogramm:
destination unreachable: 100
timeout in transit: 2
echo requests: 23
194 ICMP messages sent
0 ICMP messages failed
ICMP Ausgabehistogramm:
destination unreachable: 171
echo replies: 23
Tcp:
217 active connections openings
10487 passive connection openings
8 failed connection attempts
2221 connection resets received
43 connections established
155200 segments received
159910 segments send out
8972 segments retransmited
7 bad segments received.
1055 resets sent
Udp:
34408 packets received
169 packets to unknown port received.
0 packet receive errors
37196 packets sent
TcpExt:
3016 resets received for embryonic SYN_RECV sockets
3044 TCP sockets finished time wait in fast timer
2838 delayed acks sent
11 delayed acks further delayed because of locked socket
Quick ack mode was activated 416 times
10403 packets directly queued to recvmsg prequeue.
5356210 of bytes directly received from prequeue
28932 packet headers predicted
1442 packets header predicted and directly queued to user
32032 acknowledgments not containing data received
24449 predicted acknowledgments
119 times recovered from packet loss due to SACK data
TCPDSACKUndo: 1
3 congestion windows recovered after partial ack
72 TCP data loss events
1 timeouts after reno fast retransmit
250 timeouts after SACK recovery
13 timeouts in loss state
168 fast retransmits
7 forward retransmits
141 retransmits in slow start
2118 other TCP timeouts
16 sack retransmits failed
458 DSACKs sent for old packets
1 DSACKs sent for out of order packets
5 DSACKs received
19 connections reset due to unexpected data
13 connections reset due to early user close
1099 connections aborted due to timeout


mich macht vorallem diese Zeile stutzig: 10487 passive connection openings
(hab gerade das Gefühl, dass der Server angegriffen wird)

Es läuft ein TS-Server (mit 6 "servern"), einige kleine private Webseiten und eine etwas größe mit ca 300 besuchern am tag und ner Datenbank-Größe von ca 6MB. In der regel hat der Server einen Traffic von 30-40GB im Monat
Der Server läuft so schon seid Jahren ohne große Probleme..
seid 2 Wochen ist die performance spürbar schlechter und seid 4 oder 5 Tagen sogar so schlecht, dass man im Firefox manchmal nen Timeout kriegt.

Wenn ich irgendeine Seite auf dem server aufrufe, dann braucht der server im Schnitt 1 minute bis er die seite aufgebaut hat. Egal ob das die "große" Website ist oder eine der kleineren privaten.

Ping und Traceroute sind ganz normal (sogar recht guter ping ^^).

Hat jemand eine Idee wieso der Server so lahm is?

MiGo
08.01.08, 01:15
was sagt "netstat -tulpen" dazu?
Interessant wäre auch die Ausgabe von "ps -faux".

[MORD]Locutus
08.01.08, 12:38
ps -faux:

217-20-127-23:~# ps -faux
Warning: bad ps syntax, perhaps a bogus '-'? See http://procps.sf.net/faq.html
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.3 1864 584 ? S Jan07 0:00 init [2]
root 2 0.0 0.0 0 0 ? S Jan07 0:00 [migration/0]
root 3 0.0 0.0 0 0 ? SN Jan07 0:00 [ksoftirqd/0]
root 4 0.0 0.0 0 0 ? S< Jan07 0:00 [events/0]
root 5 0.0 0.0 0 0 ? S< Jan07 0:00 \_ [khelper]
root 24 0.0 0.0 0 0 ? S< Jan07 0:00 \_ [kblockd/0]
root 44 0.0 0.0 0 0 ? S Jan07 0:00 \_ [pdflush]
root 45 0.0 0.0 0 0 ? S Jan07 0:01 \_ [pdflush]
root 47 0.0 0.0 0 0 ? S< Jan07 0:00 \_ [aio/0]
root 614 0.0 0.0 0 0 ? S< Jan07 0:00 \_ [kmirrord/0]
root 46 0.0 0.0 0 0 ? S Jan07 0:02 [kswapd0]
root 183 0.0 0.0 0 0 ? S Jan07 0:00 [kseriod]
root 312 0.0 0.0 0 0 ? S Jan07 0:06 [kjournald]
root 940 0.0 0.0 0 0 ? S Jan07 0:00 [khubd]
root 2088 0.0 0.4 2492 924 ? Ss Jan07 0:01 /sbin/syslogd -a /var/lib/named/dev/log
root 2094 0.0 0.2 1496 472 ? Ss Jan07 0:00 /sbin/klogd -x
root 2141 0.0 0.2 1664 476 ? S Jan07 0:00 /usr/sbin/courierlogger -pid=/var/run/courier/authdaemon/pid -start /usr/lib/courier/authlib
root 2142 0.0 0.2 1804 516 ? S Jan07 0:00 \_ /usr/lib/courier/authlib/authdaemond.plain
root 2144 0.0 0.3 2012 712 ? S Jan07 0:00 \_ /usr/lib/courier/authlib/authdaemond.plain
root 2145 0.0 0.3 2012 712 ? S Jan07 0:00 \_ /usr/lib/courier/authlib/authdaemond.plain
root 2146 0.0 0.3 2012 716 ? S Jan07 0:00 \_ /usr/lib/courier/authlib/authdaemond.plain
root 2147 0.0 0.3 2012 728 ? S Jan07 0:00 \_ /usr/lib/courier/authlib/authdaemond.plain
root 2148 0.0 0.3 2012 732 ? S Jan07 0:00 \_ /usr/lib/courier/authlib/authdaemond.plain
root 2222 0.0 0.5 2536 1104 ? S Jan07 0:00 /bin/sh /usr/bin/mysqld_safe
mysql 2259 0.0 9.1 134668 17496 ? Sl Jan07 0:04 \_ /usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --pid-file=/var/ru
root 2260 0.0 0.2 1476 444 ? S Jan07 0:00 \_ logger -p daemon.err -t mysqld_safe -i -t mysqld
ntp 2497 0.0 0.8 4992 1576 ? Ss Jan07 0:00 /usr/sbin/ntpd -p /var/run/ntpd.pid -u 109:109 -g
daemon 2517 0.0 0.3 1744 664 ? Ss Jan07 0:00 /usr/sbin/atd
root 2524 0.0 0.5 2128 992 ? Ss Jan07 0:00 /usr/sbin/cron
root 2597 0.0 3.9 12248 7468 ? Ss Jan07 0:01 /root/ispconfig/httpd/bin/ispconfig_httpd -DSSL
1001 2607 0.0 5.7 15604 10920 ? S Jan07 0:11 \_ /root/ispconfig/httpd/bin/ispconfig_httpd -DSSL
1001 3093 0.0 5.6 16116 10812 ? S Jan07 0:15 \_ /root/ispconfig/httpd/bin/ispconfig_httpd -DSSL
root 2598 0.0 0.6 2504 1196 ? S Jan07 0:06 /bin/bash /root/ispconfig/sv/ispconfig_wconf
root 28814 0.0 0.2 1476 388 ? S 12:41 0:00 \_ sleep 10
1001 2934 0.0 0.4 2280 936 ? Ss Jan07 0:00 /home/admispconfig/ispconfig/tools/clamav/bin/freshclam -d -c 10 --datadir=/home/admispconfi
root 2959 0.0 0.2 1488 428 tty1 Ss+ Jan07 0:00 /sbin/getty 38400 tty1
root 2965 0.0 0.2 1488 448 tty2 Ss+ Jan07 0:00 /sbin/getty 38400 tty2
root 2966 0.0 0.2 1488 480 tty3 Ss+ Jan07 0:00 /sbin/getty 38400 tty3
root 2967 0.0 0.2 1488 480 tty4 Ss+ Jan07 0:00 /sbin/getty 38400 tty4
root 2968 0.0 0.2 1488 480 tty5 Ss+ Jan07 0:00 /sbin/getty 38400 tty5
root 3003 0.0 0.2 1488 480 tty6 Ss+ Jan07 0:00 /sbin/getty 38400 tty6
bind 11679 0.0 1.2 30384 2348 ? Ssl Jan07 0:00 /usr/sbin/named -u bind -t /var/lib/named
root 11821 0.0 0.8 4848 1668 ? Ss Jan07 0:00 /usr/sbin/sshd
root 26344 0.0 1.3 8564 2520 ? Ss 12:21 0:00 \_ sshd: user [priv]
user 26355 0.0 1.3 8568 2628 ? S 12:21 0:00 | \_ sshd: user@pts/1
user 26356 0.0 1.0 3528 1964 pts/1 Ss 12:22 0:00 | \_ -bash
root 28799 0.0 0.5 2764 1084 pts/1 S 12:40 0:00 | \_ su
root 28806 0.0 0.8 2988 1612 pts/1 S 12:41 0:00 | \_ bash
root 28815 0.0 0.5 2452 956 pts/1 R+ 12:41 0:00 | \_ ps -faux
root 26456 0.0 1.3 8564 2484 ? Ss 12:23 0:00 \_ sshd: matthias-schlich.de_hex [priv]
10011 26459 0.0 1.3 8732 2636 ? S 12:23 0:00 | \_ sshd: matthias-schlich.de_hex@notty
10011 26462 0.0 0.6 4220 1288 ? Ss 12:23 0:00 | \_ /usr/lib/openssh/sftp-server
root 26470 0.0 1.3 8564 2520 ? Ss 12:23 0:00 \_ sshd: matthias-schlich.de_hex [priv]
10011 26482 0.0 1.3 8728 2632 ? S 12:24 0:00 \_ sshd: matthias-schlich.de_hex@pts/2
10011 26483 0.0 0.9 3508 1868 pts/2 Ss 12:24 0:00 \_ -bash
root 26507 0.0 0.5 2760 1076 pts/2 S 12:24 0:00 \_ su
root 26527 0.0 0.8 2996 1652 pts/2 S+ 12:24 0:00 \_ bash
root 11916 0.0 0.4 2712 832 ? S Jan07 0:00 /usr/sbin/couriertcpd -pid=/var/run/courier/pop3d.pid -stderrlogger=/usr/sbin/courierlogger
root 11918 0.0 0.2 1664 452 ? S Jan07 0:00 /usr/sbin/courierlogger courierpop3login
root 11966 0.0 0.2 1668 412 ? S Jan07 0:00 /usr/sbin/courierlogger -pid=/var/run/courier/pop3d-ssl.pid -start -name=pop3d-ssl /usr/sbin
root 11967 0.0 0.4 2712 864 ? S Jan07 0:00 \_ /usr/sbin/couriertcpd -address=0 -maxprocs=40 -maxperip=4 -nodnslookup -noidentlookup 99
root 12280 0.0 0.1 1668 360 ? S Jan07 0:00 /usr/sbin/courierlogger -pid=/var/run/courier/imapd.pid -start -name=imapd /usr/sbin/courier
root 12281 0.0 0.4 2712 776 ? S Jan07 0:00 \_ /usr/sbin/couriertcpd -address=0 -maxprocs=40 -maxperip=20 -nodnslookup -noidentlookup 1
root 12321 0.0 0.1 1668 360 ? S Jan07 0:00 /usr/sbin/courierlogger -pid=/var/run/courier/imapd-ssl.pid -start -name=imapd-ssl /usr/sbin
root 12322 0.0 0.3 2712 760 ? S Jan07 0:00 \_ /usr/sbin/couriertcpd -address=0 -maxprocs=40 -maxperip=20 -nodnslookup -noidentlookup 9
root 16325 0.0 6.1 32756 11624 ? Ss Jan07 0:02 /usr/sbin/apache2 -k start
root 16327 0.0 0.2 1604 424 ? S Jan07 0:03 \_ /root/ispconfig/cronolog --symlink=/var/log/httpd/ispconfig_access_log /var/log/httpd/is
www-data 24950 0.1 7.1 33408 13600 ? S 11:53 0:04 \_ /usr/sbin/apache2 -k start
www-data 25278 0.1 7.1 33124 13604 ? S 12:01 0:03 \_ /usr/sbin/apache2 -k start
www-data 25560 0.0 7.1 33148 13544 ? S 12:07 0:01 \_ /usr/sbin/apache2 -k start
www-data 25741 0.1 7.1 33148 13556 ? S 12:09 0:03 \_ /usr/sbin/apache2 -k start
www-data 25748 0.1 7.2 33172 13828 ? S 12:09 0:01 \_ /usr/sbin/apache2 -k start
www-data 25788 0.1 7.1 33164 13596 ? S 12:10 0:02 \_ /usr/sbin/apache2 -k start
www-data 25789 0.1 7.0 33164 13468 ? S 12:10 0:01 \_ /usr/sbin/apache2 -k start
www-data 25879 0.0 7.0 33140 13504 ? S 12:12 0:00 \_ /usr/sbin/apache2 -k start
www-data 25884 0.1 7.0 33140 13428 ? S 12:12 0:02 \_ /usr/sbin/apache2 -k start
www-data 25888 0.1 7.0 33140 13504 ? S 12:12 0:02 \_ /usr/sbin/apache2 -k start
www-data 25891 0.1 7.1 33172 13624 ? S 12:12 0:03 \_ /usr/sbin/apache2 -k start
www-data 25951 0.0 7.1 33148 13552 ? S 12:14 0:01 \_ /usr/sbin/apache2 -k start
www-data 25953 0.0 7.1 33148 13528 ? S 12:14 0:01 \_ /usr/sbin/apache2 -k start
www-data 25954 0.1 7.1 33180 13576 ? S 12:14 0:02 \_ /usr/sbin/apache2 -k start
www-data 25955 0.1 7.1 33196 13596 ? S 12:14 0:02 \_ /usr/sbin/apache2 -k start
www-data 25982 0.1 7.1 33188 13556 ? S 12:14 0:02 \_ /usr/sbin/apache2 -k start
www-data 27670 0.0 6.8 32944 12992 ? S 12:32 0:00 \_ /usr/sbin/apache2 -k start
www-data 27838 0.2 7.1 33148 13516 ? S 12:33 0:01 \_ /usr/sbin/apache2 -k start
www-data 27849 0.1 6.8 32984 13012 ? S 12:33 0:00 \_ /usr/sbin/apache2 -k start
www-data 27851 0.0 7.0 33024 13332 ? S 12:33 0:00 \_ /usr/sbin/apache2 -k start
nobody 2554 0.0 0.9 3536 1792 ? Ss Jan07 0:00 proftpd: (accepting connections)
root 28272 0.0 0.9 4760 1796 ? Ss 12:36 0:00 /usr/lib/postfix/master
postfix 28274 0.0 0.8 4744 1624 ? S 12:36 0:00 \_ pickup -l -t fifo -u -c
postfix 28281 0.0 0.9 4780 1716 ? S 12:36 0:00 \_ qmgr -l -t fifo -u -c
postfix 28435 0.0 0.8 4796 1684 ? S 12:36 0:00 \_ tlsmgr -l -t unix -u -c
postfix 28436 0.0 0.8 4744 1584 ? S 12:36 0:00 \_ anvil -l -t unix -u
user 28747 12.5 1.4 260116 2828 pts/1 SNl 12:40 0:04 ./server_linux -PID=tsserver2.pid


netstat -tulpen

217-20-127-23:~# netstat -tulpen
Aktive Internetverbindungen (Nur Server)
Proto Recv-Q Send-Q Local Address Foreign Address State Benutzer Inode PID/Program name
tcp 0 0 0.0.0.0:51234 0.0.0.0:* LISTEN 1000 207582 28747/server_linux
tcp 0 0 0.0.0.0:14534 0.0.0.0:* LISTEN 1000 207581 28747/server_linux
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 105 4642 2259/mysqld
tcp 0 0 0.0.0.0:81 0.0.0.0:* LISTEN 0 5708 2597/ispconfig_http
tcp 0 0 217.20.127.23:53 0.0.0.0:* LISTEN 104 47380 11679/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 104 47378 11679/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 104 47387 11679/named
tcp6 0 0 :::993 :::* LISTEN 0 49381 12322/couriertcpd
tcp6 0 0 :::995 :::* LISTEN 0 48113 11967/couriertcpd
tcp6 0 0 :::110 :::* LISTEN 0 48003 11916/couriertcpd
tcp6 0 0 :::143 :::* LISTEN 0 49315 12281/couriertcpd
tcp6 0 0 :::80 :::* LISTEN 0 67493 16325/apache2
tcp6 0 0 :::21 :::* LISTEN 65534 129063 2554/proftpd: (acce
tcp6 0 0 :::22 :::* LISTEN 0 47767 11821/sshd
tcp6 0 0 ::1:953 :::* LISTEN 104 47388 11679/named
tcp6 0 0 :::443 :::* LISTEN 0 67498 16325/apache2
udp 0 0 0.0.0.0:3333 0.0.0.0:* 1000 207554 28747/server_linux
udp 0 0 0.0.0.0:6667 0.0.0.0:* 1000 207530 28747/server_linux
udp 0 0 0.0.0.0:9876 0.0.0.0:* 1000 207536 28747/server_linux
udp 0 0 0.0.0.0:6311 0.0.0.0:* 1000 207569 28747/server_linux
udp 0 0 0.0.0.0:32808 0.0.0.0:* 104 47381 11679/named
udp 0 0 0.0.0.0:5555 0.0.0.0:* 1000 207548 28747/server_linux
udp 0 0 217.20.127.23:53 0.0.0.0:* 104 47379 11679/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 104 47377 11679/named
udp 0 0 0.0.0.0:1337 0.0.0.0:* 1000 207575 28747/server_linux
udp 0 0 0.0.0.0:2000 0.0.0.0:* 1000 207524 28747/server_linux
udp 0 0 0.0.0.0:1234 0.0.0.0:* 1000 207542 28747/server_linux
udp 0 0 0.0.0.0:9696 0.0.0.0:* 1000 207518 28747/server_linux
udp 0 0 217.20.127.23:123 0.0.0.0:* 0 5372 2497/ntpd
udp 0 0 127.0.0.1:123 0.0.0.0:* 0 5371 2497/ntpd
udp 0 0 0.0.0.0:123 0.0.0.0:* 0 5367 2497/ntpd
udp6 0 0 :::32809 :::* 104 47382 11679/named
udp6 0 0 fe80::202:a5ff:fe2f:123 :::* 0 5370 2497/ntpd
udp6 0 0 ::1:123 :::* 0 5369 2497/ntpd
udp6 0 0 :::123 :::* 0 5368 2497/ntpd