From owner-freebsd-isp@FreeBSD.ORG Thu Aug 24 16:39:21 2006 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 22F5316A4DA for ; Thu, 24 Aug 2006 16:39:21 +0000 (UTC) (envelope-from wash@wananchi.com) Received: from ns2.wananchi.com (ns2.wananchi.com [62.8.64.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 20DA243D4C for ; Thu, 24 Aug 2006 16:39:19 +0000 (GMT) (envelope-from wash@wananchi.com) Received: from wash by ns2.wananchi.com with local (Exim 4.63 #0 (FreeBSD 4.11-STABLE)) id 1GGIEd-000HGr-7F by authid ; Thu, 24 Aug 2006 19:39:15 +0300 Date: Thu, 24 Aug 2006 19:39:15 +0300 From: Odhiambo Washington To: Jeremiah Foster Message-ID: <20060824163915.GJ12155@ns2.wananchi.com> Mail-Followup-To: Odhiambo Washington , Jeremiah Foster , freebsd-isp@freebsd.org References: <1156229799.4893.150.camel@localhost.localdomain> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1156229799.4893.150.camel@localhost.localdomain> X-Disclaimer: Any views expressed in this message, where not explicitly attributed otherwise, are mine alone!. X-Mailer: Mutt 1.5.12 (2006-07-14) X-Designation: Systems Administrator, Wananchi Online Ltd. X-Location: Nairobi, KE, East Africa. User-Agent: Mutt/1.5.12-2006-07-14 Cc: freebsd-isp@freebsd.org Subject: Re: Inherited FreeBSD machine without: firewall, proxy (i.e. squid) and RAID management X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Aug 2006 16:39:21 -0000 * On 22/08/06 08:56 +0200, Jeremiah Foster wrote: | Good morning list, | | The company I work for has brought some web serving in-house. We now | have a machine from a subcontractor that is running FreeBSD 4.11. It is | a production web server responsible for generating data from the | database and presenting it (in Zope, yuck.) | | I would like to create a firewall Use IPFilter for the firewall. The rules are kinda easy to understand. | add caching so that the web pages get served more quickly, Use Squid with reverse proxy configuration, but here again, you have to read the Squid FAQ about RAM requirements and cache optimization in | and find out when the RAID disks are failing, right now I can tell | when that happens because the database slows to a crawl. That reasoning does not sound technical at all. Please find out why the MySQL server itself is slowing down by using tools like mytop (in the ports, log-slow-queries, etc). If you have RAID, please don't say it is RAID 5 with less than 6 disks! That config sux, If you have less than six disks, just use disk mirroring (RAID 1+0). | Does anyone have any advice? ;) | I am aware of excellent FreeBSD firewalling software which I will most | likely use. Okay... | I am also familiar with squid - is this my best be for caching web pages | so that the site appears to load faster? I'd say no and yes. Tell us the machine's specs and how it is configured. BTW, could you please ask that contractor to give you a system running FreeBSD 6.1, or at worst 5.5? You'd be happy with ufs2, disk snapshots, etc.. | I can see from dmesg.boot that the relevant RAID aparatus is a Fixed Direct Access SCSI-0 device, what would be the right | software to monitor this volume? oh, RAID 1 is not that bad performance-wise. About monitoring, I am not sure it's the RAID you want to deal with at present, but rather the big picture - why certain services are slowing down... It could be Zope! | Obviously not vinum since I have been informed that it is a software | RAID management system, not hardware management. I'd say you are too mixed up at the moment about what advise you are looking for. Please be straight, present the whole scenario and let us think about it and give advise. -Wash http://www.netmeister.org/news/learn2quote.html DISCLAIMER: See http://www.wananchi.com/bms/terms.php -- +======================================================================+ |\ _,,,---,,_ | Odhiambo Washington Zzz /,`.-'`' -. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922 '---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121 +======================================================================+ Cabbage, n.: A familiar kitchen-garden vegetable about as large and wise as a man's head. -- Ambrose Bierce, "The Devil's Dictionary"