Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 20 Jun 2001 02:57:07 -0700
From:      Terry Lambert <tlambert2@mindspring.com>
To:        "Ashutosh S. Rajekar" <asr@softhome.net>
Cc:        Matt Dillon <dillon@earth.backplane.com>, freebsd-hackers@FreeBSD.ORG
Subject:   Re: max kernel memory
Message-ID:  <3B307373.74C7316A@mindspring.com>
References:  <Pine.LNX.4.21.0106201405001.1509-100000@vangogh.indranetworks.com>

next in thread | previous in thread | raw e-mail | index | archive | help
"Ashutosh S. Rajekar" wrote:
> > I guess we beat you to the punch...
> >
> > We have a product which is now shipping, and which currently
> > supports 1,000,000 concurrent connections.
> 
> I guess quite a lot of people are at it right now, the prime
> one is NetScaler. If I'm not wrong, they brag about a million
> connections or so, on a box that's running FreeBSD 2.x ...
> inside sources informed me that they rewrote the entire kernel,
> and are now finding it difficult to proceed ... (anybody from
> NetScaler please correct me)

Rewriting a 2.x kernel for this type of thing is insane;
the DOS vulnerabilities and other bugs alone must be
completely swamping them...

Their 3200 only has 1G of RAM; you could _barely_ fit the
TCP state for 1,000,000 connections into just 1G of RAM,
and have a tiny amount left over for buffers, drivers,
the rest of your kernel, etc..  I can't believe that their
3100 (only 512M of RAM) could do it, just based on what I
know from the structure sizes needed for the state.  You
can fool some of the people, but you can't fool Stevens...


> Without killing me, could you tell if it was userland code
> that maxed the connections (with all the file descriptors),
> or just a socket structure based server that you ran ? I
> guess with fds, you end up storing more information for
> nothing, one each per socket structure.

Once you do one, the other is easy. But I'm not telling
you anything you shouldn't have already surmised from the
Heisenbug I fixed a while back.


> > [ ... tuning ... ] People
> > have been pushing on this pretty hard lately, since there
> > was a recent benchmark debate the turned out to be nothing
> > more than bad tuning and a poor application architecture
> > match to the OS.
> 
> I did follow that discussion, and my conclusion is that it is
> probably wise to leave it to users to do what they think is
> right :-)

It's a barrier to entry for the OS; I would like my
skills to have the highest posible market value, and
knocking down such barriers helps.  Just because it's very
hard does not necessarily mean it shouldn't be done.

There is a Linux project page that wants to tackle
successfully handling 10,000 simultaneous connections;
I'm two orders of magnitude over that now.

It's all a question of what you have set yourself up
to believe is "amazingly hard".  If you believe it,
it becomes true for you, and you hit the wall.


> > PS: You're ex-IBM, right?  I think I remember you from a
> > Linux FS project mailing list a while back... Me too... IBM
> > bought the startup I worked at about two years ago.
> 
> Right, but how do you know I'm from IBM ? BTW the FS project
> was my degree project in the university.

I'm an FS geek from way back; I saw something on your
Linux Distributed File System when I was keeping tabs
on XFS, GFS, and SAN stuff.  Altavista is great, if
you can think like it does... and the people you look
up have done talks/papers/postings/mailing lists.

-- Terry

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3B307373.74C7316A>