Date: Wed, 20 Jun 2001 02:57:07 -0700 From: Terry Lambert <tlambert2@mindspring.com> To: "Ashutosh S. Rajekar" <asr@softhome.net> Cc: Matt Dillon <dillon@earth.backplane.com>, freebsd-hackers@FreeBSD.ORG Subject: Re: max kernel memory Message-ID: <3B307373.74C7316A@mindspring.com> References: <Pine.LNX.4.21.0106201405001.1509-100000@vangogh.indranetworks.com>
next in thread | previous in thread | raw e-mail | index | archive | help
"Ashutosh S. Rajekar" wrote: > > I guess we beat you to the punch... > > > > We have a product which is now shipping, and which currently > > supports 1,000,000 concurrent connections. > > I guess quite a lot of people are at it right now, the prime > one is NetScaler. If I'm not wrong, they brag about a million > connections or so, on a box that's running FreeBSD 2.x ... > inside sources informed me that they rewrote the entire kernel, > and are now finding it difficult to proceed ... (anybody from > NetScaler please correct me) Rewriting a 2.x kernel for this type of thing is insane; the DOS vulnerabilities and other bugs alone must be completely swamping them... Their 3200 only has 1G of RAM; you could _barely_ fit the TCP state for 1,000,000 connections into just 1G of RAM, and have a tiny amount left over for buffers, drivers, the rest of your kernel, etc.. I can't believe that their 3100 (only 512M of RAM) could do it, just based on what I know from the structure sizes needed for the state. You can fool some of the people, but you can't fool Stevens... > Without killing me, could you tell if it was userland code > that maxed the connections (with all the file descriptors), > or just a socket structure based server that you ran ? I > guess with fds, you end up storing more information for > nothing, one each per socket structure. Once you do one, the other is easy. But I'm not telling you anything you shouldn't have already surmised from the Heisenbug I fixed a while back. > > [ ... tuning ... ] People > > have been pushing on this pretty hard lately, since there > > was a recent benchmark debate the turned out to be nothing > > more than bad tuning and a poor application architecture > > match to the OS. > > I did follow that discussion, and my conclusion is that it is > probably wise to leave it to users to do what they think is > right :-) It's a barrier to entry for the OS; I would like my skills to have the highest posible market value, and knocking down such barriers helps. Just because it's very hard does not necessarily mean it shouldn't be done. There is a Linux project page that wants to tackle successfully handling 10,000 simultaneous connections; I'm two orders of magnitude over that now. It's all a question of what you have set yourself up to believe is "amazingly hard". If you believe it, it becomes true for you, and you hit the wall. > > PS: You're ex-IBM, right? I think I remember you from a > > Linux FS project mailing list a while back... Me too... IBM > > bought the startup I worked at about two years ago. > > Right, but how do you know I'm from IBM ? BTW the FS project > was my degree project in the university. I'm an FS geek from way back; I saw something on your Linux Distributed File System when I was keeping tabs on XFS, GFS, and SAN stuff. Altavista is great, if you can think like it does... and the people you look up have done talks/papers/postings/mailing lists. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3B307373.74C7316A>