The SF-Alpha's blog

Some network newbies may have read books about networking and still doubt about what is the point of VLAN and Subnet. Why we need both ? ... It looks similar, it segment network into separate network (L2,L3) for security, smaller broadcast domain, etc.

So ... what is the key point of VLAN and Subnet ?

VLAN - is used for segment/separate L2 network. Key point of creating VLAN is for more security, lower broadcast domain, save costs. If computer shared same physical/equipment it usually on same L2 network, if you want to separate L2 network you need 2 sets of equipments. But if equipment/computer supported VLAN, we can put each computer/equipment to different L2 network while sharing same physical infrastucture (switches, wire, router, etc.).

Subnet - is used for address assignment. Key point of subnetting is to assign L3 network address (subnet) appropriate for usage (also sometimes for network address conservation). In typical setups, different VLAN also need different subnet. So ... subnetting usually done along with VLAN segmentation. Security and smaller broadcast domain is not main point of subnetting because it already done by VLAN instead.

You can also do have few subnets in one L2 network (VLAN) but ... anyway no security between two L3 network at all. All node in each L3 network still receive other L3 network packets broadcasts in same L2 network.

...

In short

VLAN = segment/separate L2 network

Subnetting = Assign appropriate L3 network address (subnet) to L2 network

FYI!

Posted by SF-Alpha

I was looking for ways to enhance database performance on the quite busy database server of the very busy forum site. Currently I have to maintain forum that have to handle more than 1000 people online concurrently and have average posts about 5k posts per day. Therefore, it ever reached around 5M posts last year before my clients decided to split to new forums and left old forums read-only. And now ... It already reach 700k of posts for only half year with 1.5GB of database size (So ... WHAT A HECK THEY POSTING ?).

When database size increase dramatically ... And if it becoming large and nearly reach amount of RAM that your server has. Your database will face serious performance problems because your memory now not enough to hold all disk cache of database files on disk.

It happened last year when database size of this forums reach around 10GB when the server has only 8GB RAM. Even this database is on very fast 4 disks, 15k RPM RAID 10, Battery Backed LSI MegaRAID SAS HBA. I/O Utilization usually reach 100% at the busy time. And my web server start to respond Error 500 because of database overload.

And now SSD is out and may be a choice of what I want ... High mixed, random, read/write IOPS. But one thing to consider, Endurance, how much data can writes to SSD.

As you may know, SSD have limited time of writes compared traditional magnetic harddisk. If you decided to put SSD inside server ... You need to measure how much data gonna write on it to ensure your SSD will live long enough.

From X25-M SSD datasheet:

3.5.4 Minimum Useful Life
A typical client usage of 20 GB writes per day is assumed. Should the host system
attempt to exceed 20 GB writes per day by a large margin for an extended period, the
drive will enable the endurance management feature to adjust write performance. By
efficiently managing performance, this feature enables the device to have, at a
minimum, a five year useful life. Under normal operation conditions, the drive will not
invoke this feature.

You may notice 2 things here. First X25-M SSD endurance is 5 years for average writes of 20GB per day. Second, if you put data more than 20GB per day, it will activate endurance management mechanism that results in lower performance.

Now it time to measure disk writes on my server. It can done by basic command in Linux ... 'iostat' (If your server not have iostat ... simply install sysstat package).

popcorn2 64h # uptime
 03:31:16 up 23 days,  6:47,  2 users,  load average: 0.35, 0.15, 0.31
popcorn2 64h # iostat -m /dev/sdb
Linux 2.6.27-gentoo-r5 (popcorn2)       03/30/09

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           9.30    0.00    1.66    0.49    0.00   88.55

Device:            tps    MB_read/s    MB_wrtn/s    MB_read    MB_wrtn
sdb              15.81         0.02         0.07      37865     144223

With basic calculation ... This result around 6.26GB per day.

So I can use X25-M SSD on this system for database, or even faster version X25-E.

If you decided to use SSD for your database server ... make sure you check how much data gonna write to your SSD before putting some important data on it. And do not forgot to BACKUP. SSD is quite more expensive than 15K RPM disks of the same capacity with much lower write endurance. ($400 80G SSD vs $250 74G 15K RPM)

Posted by SF-Alpha

I have an idea for using IPSET together with NETLINK (nf_queue) based for userspace processing of bittorrent detection and connection marking.

Bitorrent now can use enctyption ... And with encryption, it now hard to detect and throtting those traffic.

I have study bittorrent blocking for long time and I have bitorrent throttling and blocking system using iptables + IPSET + L7-filter + IPP2P setup and working in production environment, but it cannot detect encrypted bittorrent traffic.

After that I comes up with more effective way to block bittorrent, That is tracker communicaton detection with works easily by pattern matching on HTTP query (annouce.+?info_hash=.+) in L7-filter. This way I can throttle specific IP by insert IP to IPSET but this way can only throttle all traffic not bittorrent only.

I comes up with new idea after notice that client send ip/port pair to tracker for other peers to connect, and tracker send back all ip/port peer also. I can grab this information and insert IP+Port to IPSET to throtte all traffice match ip/port without effect all other traffic. But this way need some processing that IPP2P and L7-Filter cannot do this.

So I need to implement this in userspace with NF_QUEUE. But ... it still hard to program and need quite much time to complete this.

Posted by SF-Alpha

I follow state of iSCSI and FCoE on linux since a few years ago. But ... It seems slow and Wrong Way !

Altough kernel SCSI maintainer like the move everyting to userspace idea. But it not good for performance. I know that SCST already exists and mature but not going to mainline kernel. Why ? because kernel maintainer doesn't like this way and more likely happy to have STGT instead (which use much userspace things).

I tried both but STGT performance is simply BAD!. Like iSCSI, moving to more complicated layers to handle such storage low-lattency things is BAD!. So, by the same reason, iSCSI not so popular on performance storage because of too much overhead added to processing and it increasing lattency, although throughput seems ok (1GBPS with only 2-3% cpu load even on software initiator) but SCST proves to have lower lattency very close to pure HW implemantation. but STGT is more likely to have delay on userspace processing.

Something wrong ? Although STGT is more good, but SCST is mature enough to get it to mainline kernel for now. It should be, at least, for everyone to test on the mainlike kernel both SCST and STGT to see what is good for real life usage.

Posted by SF-Alpha

Long time no blog !.

Last year I working on new type of connection probe for one of the private Torrent tracker in Thailand. So ~150000 Peers and around ~15000 clients out there. (Prove that bittorrent users typically run average of 10 torrents). It previously work using 1 process to start serveral child process for processing and die.

I just upgraded it to work as Daemon with new interprocess communication things. It work by simple unix based named socket. It work the same way that preforked daemon usally do with one master process to distribute request to clients.

But ... you may surprise -- It wrote with PHP not C, Java, Perl, Python. Dynamic languages is seems to work well for this too if it supports. This almost the C wrapper so memory leak is no probably exists. (but PHP parser itself usually have memory leaks).

Meanwhile PHP usually not good in memory conservation. My server got some errors on PHP script that decode (bencoded) .torrent files and ... Hey ... 128 MB memory was exhaust. Why, .torrent is just around 300k in size.

I figured out that PHP structure usually allocate memory in chunk. And PHP store variables that use small memory together. But sometimes it fragments so much and PHP does not good on handle memory fragment.

I use memory_get_usage(true) to check how much memory was allocated. That 300k .torrent files use as much as 136MB of memory after parsed (that memory_get_usage(true) report). But memory_get_usage(false) will give real memory usage of PHP (not alloated memory). It gives only 28MB.

So PHP not good when handle memory fragments.

Posted by SF-Alpha

Content-SHA1 HTTP header may be useful for hash integrity as well as file download caching.

It should widely developed and have support by cache proxy server, web browser, OS search indexing, etc. Hope it will.

Content-SHA1: (sha1) a927bc412550dadeff573220d00e1505601e8aacd

For example, in scenario that we put download file name 'fooprogramsetup.exe' in many download mirrors which absolutely have different URL ... So cache (proxy) server will not see this file as SAME file, If different users download same file but from different mirrors. Cache proxy will cache it separately and may need to put DIRECT request to download server for new URL even it is the same file. If we have this header, cache can check local cache and then send the same file if hash is match (also need more key: filesize, mtime to make sure that is the same).

Not only proxy, browser may can be configure content-check folder or cache folder, browser can look into hashing of cache or file in content-check folder to see it is the same file and notice the user.

Implementation should also implement in web server directly by looking for hash suffix, for example:

fooprogramsetup.exe may have fooprogramsetup.exe.SHA1 in that folder, so web server pick sha1 and send it automatically (if it configured to do).

Hope this will developed in the future. I am not sure is there any implemented on some of web servers and proxy already, but ... I think it is good idea to do!

Posted by SF-Alpha

If your database disks have read-ahead enable, It good to turn off especially database that require very very high random-read on busy servers.

Posted by SF-Alpha

Recently filesystem activity besides ext4 in Linux kernel is Tux3. Which, in technicial, is really B-Tree extents based filesystem like ext4 or reiserfs. Despite of it not too complete and not stable now, Tux3 is journal fileystem with log and atomic commit. New atomic commit approch is to write metadata update to logical log (memory) and then data blocks to physical storage follow by commit block. Then update metadata (from logical to physical) afterwards, unlike NTFS and other journaled fileystem. Transaction on Tux3 are considered completed after log is written and will not replay any metadata but will load log in place every mount to check filesystem consistency. That simplify maintain data consistency when disk is hot remove and make sure log recovery code is well tested. Considered situation when atomic commit is not complete (data blocks not contains commit block), after mounted, log not need to replay because corrupted data is written somewhere not the same block as previously reside in.

Seems SSD and flash based disks really benefits from Tux3 implementation which not require much performance of contigous blocks or fragments data but reduce write levering that will turn disk in to short life.

Posted by SF-Alpha

I have recently test the CAT6 cable from some manufacturer to test the signal quality and performance. It done by do simple 1GByte file download test using 100 Meter and 150 Meter CAT5e/CAT6 cable (connected via patch panel and patch cord like common installation in TIA/EIA 568B structured cabling standard) to see how much frame error occurred. I did not measured with TDR, Signal Analyzer, etc because all cable should conform the spec when tested from factory (or it to be rejected by most customer anyway).

But ... Results is somewhat really surprising, At first, I thought that using 10BASE-T Signal on CAT6 cable should result in longest transmission with no frame lost, and followed by 100BASE-TX and 1000BASE-T.

Actual result is not like that, on 150M CAT6 cable, 10Mbps using 10BASE-T signal doing well and with small numbers of frame lost when transferring 1Gbyte files. 100Mbps on 100BASE-TX signal is very bad with thousands of frame error. And really surprising, 1000Mbps on 1000BASE-T signal is doing good, PAM5x5 modulation plus 8b10b encoding on 1000BASE-T is very reliable and immune to noise, only a few (less than 10) frames are error.

This are numbers of frame error on the cable tested with transferring 1GB file on 150M cable

So ... Installing 1Gbps Switch on CAT6 Infrastructure does some advantage over 100Mbps switch. You can even use 100M+ distance over CAT6 cable, although TIA/EIA 568 recommended CAT6 at 100M, Actual usable distance is up to 150M if the cable is good enough.

Noted that, TIA/EIA 568B.2 AD10 (2008) now updated to have Argumentd CAT6 (CAT6a or CAT6e) for 10GBASE-T Installation for 100M distance but also permit CAT6 for 10GBASE-T if the total length is less than 55M for old CAT6 installation, because CAT6a is expensive and must have twice signal performance characteristics than CAT6 (250MHz vs 500MHz). CAT6a is not probably not the choice to deploy in installation with distance not exceed 55M.

Posted by SF-Alpha

Recent news from Intel statement says, Netbook is fine for an hour of computing and not to replace notebooks.

I am agree about netbook will not replace notebook anyway. But netbooks is fine for an hour is something stupid to say that.

What most netbook users buy netbook for ? What criteria users' consider to choose their own netbook. Saying that fine for an hour is something not the case.

For me, few reasons to choose and have netbook.

- Battery ... Typical notebook that can use up to 4 hour or more cost at least $1000.  Netbook is more affordable, My EeePC 901 costs only $349 with up to 5 hrs batt.

- Weight and Size ... Notebook ? I can pack (huge/performance) notebook inside luggage where I can carry netbook on board. If your flight is 5 hours ? What fine for an hour is just kick ass ?

- Usage ... For me, Netbook is only use for web browsing, Google apps (mail/calendar/etc), Office, Video watching, etc. Typically when traveling. I can use it instead of most small media player on market with more large screen. You would more happy with 1024x600 than 480x320 on iPOD/iPhone.

That's why intel says fine for an hour is kick ass for me .

Soon, tablet style netbooks will replace all MIDs and typical large screen media player on market, with 4G (802.16e) and 3.5G connectivity. Left only smartphone and small media player in the market for small portable devices.

Posted by SF-Alpha

Now ... What if I am using url_rewrite and above code not working ? ... You need to specify your WEB_ROOTDIR as absolute path, using __FILE_ instead, for example, this file is reside in document root.

<?php
define(WEB_ROOTDIR, realpath(dirname(_FILE_)));
...
...
?>

this file is in <docroot>/include/config.inc.php

<?php
define(WEB_ROOTDIR, realpath(dirname(_FILE_) . '/..'));
...
...
?>

Posted by SF-Alpha

Gentoo recently drops old release schedule and focus on new Weekly or Monthly automatic release build.

And more, There is (may be) no more Gentoo Catalyst for release build for the Gentoo, and that means, Catalyst project is gone.

Because of new release model and attempt of Daniel Robbins (former Gentoo leader and founder), he decides to bring Gentoo and his own Gentoo Portage Overlay project called Funtoo to the next steps. By providing something that let people build distribution and customization based on Gentoo and Funtoo more easier and have larger user based. Daniel have create new automatic build mechanism called Metro (Wtih the release 1.1 currently released).

Gentoo developer now working closely with Dainel to get this thing working for gentoo release as well, but not much activity on this. Gentoo councils now seems to focus on based system (such as EAPI, Baselayout) than the release engineering or building things.

Let's try Funtoo. Just For Fun.

P.S. You should to watch videos on Daniel's blog. Much fun !

Posted by SF-Alpha

Article about techniques to reduce writes on flash based disks.

http://www.cyrius.com/debian/nslu2/linux-on-flash.html

I found this article useful for me (EeePC901 Flash model) and other who run Linux on flash.

And again, portage seems to do much about filesystem read/writes ? I will figure out how to reduce it !!!

Posted by SF-Alpha

I found this bug when trying building stage4 image for my EeePC from my AMD64 PC.

Seems like genkenrel not pass valid ARCH on make menuconfig (this bug #247246)

I reported this for a while and nobody seems to work on it. What those bug wranglers doing guys.

Although I can get fixed myself. I think this is major bugs that could by fixes soon.

BTW: I got Gnome+XFCE stage4 for my EeePC (with compiz-fusion optionally enabled).

Posted by SF-Alpha

They said to be National Download and Mirrors for OpenSource. It supported by SIPA

I want them to mirrors some more distros and have suggestion of fixing error on their mirrors.

But HEY! There is no way to contact them, no contact information on web sites.

Moreover, only a few of things are mirrored properly. They does not listed mirrors as official mirrors site of most distributions, some of them out of sync.

IMHO. This is bad ... How people know you does mirror things if they does now know mirror.in.th before.

Posted by SF-Alpha