{"id":181,"date":"2009-04-11T22:49:22","date_gmt":"2009-04-11T14:49:22","guid":{"rendered":"http:\/\/www.computersolutions.cn\/blog\/?p=181"},"modified":"2009-04-11T22:49:22","modified_gmt":"2009-04-11T14:49:22","slug":"bandwidth-and-avoiding-the-slashdotdigg-effect","status":"publish","type":"post","link":"https:\/\/www.computersolutions.cn\/blog\/2009\/04\/bandwidth-and-avoiding-the-slashdotdigg-effect\/","title":{"rendered":"Bandwidth and avoiding the slashdot\/digg effect"},"content":{"rendered":"<p>As I&#8217;ve spent the day doing some pre-emptive maintenance type stuff on our servers, I noticed that one of our servers appeared to have way slower ping times than normal from our other servers.<\/p>\n<p>Taking a closer look I also saw that the logs said it having timeout problems talking to our database server.<\/p>\n<p>A quick look at the server logs showed that the server in question was using 100% of its bandwidth for the last hour or so according to Monit.<\/p>\n<p>A quick check with ntop  (excellent web based network analysis statistics) and iftop (console based network traffic analysis) confirmed that 99.5% of the bandwidth was going to HTTP requests.<br \/>\nStrangely enough, the server wasn&#8217;t even stressed at all (I guess I&#8217;ve overspecced that one!)<\/p>\n<p><!--more-->I installed the apache2 module server-status ( a2enmod status, apache2ctl restart), and took a closer look at where the requests were going to.<\/p>\n<p>In this case, all the requests were going to a single domain, to the detriment of other clients on the same server.<\/p>\n<p>I decided to take a look at limiting the maximum bandwidth that that domain could use. I&#8217;ve used mod_bandwidth in the past for limiting apache virtual hosts, but sadly, it seems to have stopped development, so I took a look at whats currently available for apache2.<\/p>\n<p>A few minutes googling later, I decided on installing mod-cband.<\/p>\n<p>In debian, its fairly simple to install: (i&#8217;m assuming apache2 here)<\/p>\n<p><code><br \/>\napt-get install libapache2-mod-cband<br \/>\napache2ctl restart<br \/>\n<\/code><\/p>\n<p>Now I had it installed, I had to configure it.<br \/>\nA quick read of the documentation shows that it needs some additions to the apache configuration.<\/p>\n<p>I added this to my  \/etc\/apache2\/httpd.conf<\/p>\n<p><code><br \/>\nCBandScoreFlushPeriod 1<br \/>\nCBandRandomPulse On<br \/>\n<\/code><\/p>\n<p>and then went to the virtual host in question, and added this:<\/p>\n<p><code><br \/>\nCBandSpeed 1Mbps 10 200<br \/>\n<\/code><\/p>\n<p>The first number 1Mbps is how much total bandwidth the domain can use.<br \/>\nThe second number is how many requests a second the domain can use.<br \/>\nThe third number sets the maximum number of client connections to that domain.<\/p>\n<p>I restarted apache2 &#8211;  apache2ctl restart, and took a look at the excellent statistics provided by mod_cband<\/p>\n<p>http:\/\/[theserverinquestion]\/cband-status?refresh=15<\/p>\n<p>&#8230;and then tweaked the CBandSpeed numbers based on what i was seeing (the values in the example above represent the optimum for the traffic i was seeing).<\/p>\n<p>Any excess visitors over the (quite generously high) limits for that specific domain will see a 503 error, which can be customized to a page letting them know to come back later, as the server has exceeded its bandwidth limits.<\/p>\n<p>The official documentation for cband is here &#8211; <a href=\"http:\/\/cband.linux.pl\/\">http:\/\/cband.linux.pl\/<\/a>, although their website doesn&#8217;t appear to be working currently (due to DNS timeouts).<\/p>\n<p>A check of the logs showed that mod_cband was working nicely.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-182\" title=\"localhostlocaldomain-if_eth0-day\" src=\"http:\/\/www.computersolutions.cn\/blog\/wp-content\/uploads\/2009\/04\/localhostlocaldomain-if_eth0-day.png\" alt=\"localhostlocaldomain-if_eth0-day\" width=\"495\" height=\"276\" srcset=\"https:\/\/www.computersolutions.cn\/blog\/wp-content\/uploads\/2009\/04\/localhostlocaldomain-if_eth0-day.png 495w, https:\/\/www.computersolutions.cn\/blog\/wp-content\/uploads\/2009\/04\/localhostlocaldomain-if_eth0-day-300x167.png 300w\" sizes=\"auto, (max-width: 495px) 100vw, 495px\" \/><\/p>\n<p>At around 8pm we started seeing heavy traffic (the far right), which started saturating the link about an hour later.<br \/>\nOnce I&#8217;d installed mod_cband, and limited that domain, the traffic load dropped nicely.<\/p>\n<p>Note that this server also acts as a backup server, so the increase in receive traffic at midnight  is normal (the dip in the left side).<\/p>\n<p><strong>Conclusions:<\/strong><\/p>\n<p>Checking logs is a necessary evil \ud83d\ude42<\/p>\n<p>I also need to add some additional warning emails to the servers to notify me when things like this happen.<br \/>\nI already do this for some things like load, security scans, and failed logins, so its one more thing to monitor!<\/p>\n<p>I&#8217;ve taken a look at this script here &#8211; <a href=\"http:\/\/sws.dett.de\/mini\/VHost_Traffic\/\">http:\/\/sws.dett.de\/mini\/VHost_Traffic\/<\/a> and will probably implement that at some point so I can see the biggest bandwidth usage in terms of client sites on a daily \/ weekly basis, with a view to moving them to a different server, and charging appropriately (yay, money!)<\/p>\n<p>The good news is that it looks like the server in question can easily sustain slashdotting.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>As I&#8217;ve spent the day doing some pre-emptive maintenance type stuff on our servers, I noticed that one of our servers appeared to have way slower ping times than normal from our other servers. Taking a closer look I also saw that the logs said it having timeout problems talking to our database server. A [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[25],"tags":[57,56,55,58],"class_list":["post-181","post","type-post","status-publish","format-standard","hentry","category-technical-mumbo-jumbo","tag-apache2","tag-bandwidth","tag-slashdot-effect","tag-usage"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.computersolutions.cn\/blog\/wp-json\/wp\/v2\/posts\/181","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.computersolutions.cn\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.computersolutions.cn\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.computersolutions.cn\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.computersolutions.cn\/blog\/wp-json\/wp\/v2\/comments?post=181"}],"version-history":[{"count":1,"href":"https:\/\/www.computersolutions.cn\/blog\/wp-json\/wp\/v2\/posts\/181\/revisions"}],"predecessor-version":[{"id":183,"href":"https:\/\/www.computersolutions.cn\/blog\/wp-json\/wp\/v2\/posts\/181\/revisions\/183"}],"wp:attachment":[{"href":"https:\/\/www.computersolutions.cn\/blog\/wp-json\/wp\/v2\/media?parent=181"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.computersolutions.cn\/blog\/wp-json\/wp\/v2\/categories?post=181"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.computersolutions.cn\/blog\/wp-json\/wp\/v2\/tags?post=181"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}