The Joys of Fat Traffic

Now that we're running our email on a server where we pay for bandwidth, I've realized I need to become a lot more conscious of how people use email. There's no excuse for busting up our 95th percentile just because someone's downloading or sending attachments.

This morning I saw a couple periods of pretty constant traffic into and out of the server, and judging by how the server bandwidth graphs correspond to the interface stats on the router, it seems that it's pretty much all traffic from the office. It's not a lot of users; just "fat" traffic from a few of them (attachments, perhaps).

Complicating matters is that the tools I would normally use to check out network conditions are all on Linux, and here at work it's all Macs.

Never a Clean Transition

We're moving email service here at the office, from ISP hosted mail to our colocated server. Friday I set up the new accounts and around 5:30 or so I switched MX to point to the new address.

That meant that I knew all weekend there were going to be issues when I walked in the door today.

It's a fact of life: you move services between disparate hosts and something's not going to work right.

In my case I found two issues:

  • I'm using qpsmtpd as my SMTP server, and all my test messages had been small. Because of that, I didn't know my spool dir was set up incorrectly and was unwritable by the mail daemon.

  • courier-imap defaults to setting MAXPERIP to 4 connections per IP address. When everyone fired up email this morning, errors started popping up and nothing showed in the logs. Once I figured out what was up (though really I didn't... pcg guessed it) it was an easy change.

So after a bit of a hairy morning I think everything's running smooth now.

Fun with OS X and the Firewall

As I mentioned that I would a few days ago, I moved our office network from a little Netgear DSL router to letting the Xserve do NAT and firewall.

That went ok, but I was really frustrated by the process of using Apple's firewall configuration through the Server Admin. Fundamentally my issue was that Apple's utility wants to deal in rules defined by IP spaces, and that's just not proper. When dealing with a router type host, it seems clear to me that you need to define your rules based on interfaces. While it's possible to do this in the Advanced settings, that's not at all easy to figure out (in fact I think it would be easier for anyone using that to simply write their own rules).

su: who are you?

I'm still getting the NAT stuff set up on the Xserve, and haven't even touched traffic shaping yet, but I was pretty amazed by how I managed to break things in the process of setting up a stateful firewall on OS X.

Apparently if you forget to allow connections via localhost, OS X sort of loses it. And I mean this to the extent that when logged in as admin, you no longer have an identity. su asks you who you are.

I guess I hadn't considered the ramifications of directory authentication, even when you're not doing remote stuff.

atprintd likes CPUs

Here at the office we have a dual 2.3gig G5 Xserve 1U as sort of the office file server. It's a shame, really, because literally all it's been doing has been just that: acting as network storage.

I've gotten fed up with the crappy little Netgear router that's running NAT, so I'm finally going to give the Xserve a little more responsibility and let it do NAT, DHCP and some traffic shaping.

The one thing that scares me a little, though, is that the server also has a couple printers connected to it and these seem to give it some periodic stability issues. For instance, I ssh'ed in just now, ran top and saw:

PID COMMAND      %CPU   TIME   #TH #PRTS
 82 atprintd    54.4%  120 hrs   1    15
 81 atprintd    54.2%  120 hrs   1    15
 80 atprintd    53.3%  120 hrs   1    15

So basically a dual-G5 is sitting at a load average of 3 running printer spools. Yuck. Googling for atprintd doesn't give me a whole lot on where to look for this one.

CUPS on Apple has in my experience been no more fun than CUPS on Linux. There I ditched CUPS for lprng.