> does freeswan involve a lot of overhead?
>
No, it's just for administration so the traffic is very minimal. I just
mentioned it in case there was a known interaction.
> LVS-NAT was rewritten for 2.4.x and doesn't have the overhead of the
> earlier implementations, so it's shouldn't be a problem.
>
Splendid news!
> if you're using top, it doesn't show all the kernel activity, but
> I'm not sure
> what the story is there. what is the load average? If you have an
> X-window on the
> director, does the mouse respond sluggishly? Does it take a real long
time
> to load and run a trivial script (eg #!/bin/bash; echo "foo")?
>
> > CPU on the test box is at about 25% and on the media server at 4%.
> >
I was using vmstat, which does show kernel CPU. The load average sits
at around zero, which is basically what I expect as there are a very
minimal set of processes running. It's hard to tell with a simple script test,
because SSH is the bottleneck there. However, I think vmstat should be correct?
> > I would therefore conclude that this is an issue with the
> director, but I'm
> > not sure what. My next guess would be to try swapping the VIA NIC for
> > another 3com one, but could it really be that bad?
>
> it's a cheap test.
Sadly not as cheap as you'd hope as I have to trundle myself along to the
hosting centre! Luckily there are two boxes with keepalived for failover, so I
can just whip one of them out without anyone noticing.
>
> I'm surprised to hear this. I don't have any suggestions sorry
>
Given that the software config should be OK, then this points me straight at
the hardware, so this is actually a great help!
Thanks,
Mark
|