[cod] Disapointed

Dave Whitla dave.whitla at ocean.net.au
Tue Nov 25 19:00:43 EST 2003 

MayDay,

I'm not even running the server yet - too damn busy to play games lately 
(despite hanging out for it).  However, I note a few things about your 
process list that could be improved.

I don't believe this is a resource issue, in the obvious sense (ie memory, 
cpu, disk, swap) or bandwidth of your connection - more likely in the way 
your machine is accessing that bandwidth.


On Wed, 26 Nov 2003 05:10 am, MayDay wrote:
> TOP: Sorted after Memory.
>
> All the extra services i started like udpb, codbot, uglygs, apache i tried
> to shut down aswell as server logging, still lags.
>   PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
>   857 clan      15   0  214m 109m 3084 S  0.0 21.7   2:43.96 cod_lnxded
>   346 www-data  16   0 72060 3404  69m S  0.0  0.7   0:00.00 apache
>   694 www-data  15   0 72068 3404  69m S  0.0  0.7   0:00.00 apache
turn this off - you certainly dont need it and (from the rest of this it looks 
like this might be your first linux install - not having a shot here just 
noting) your default apache settings might specify non-existent files that 
the server keeps looking for for example.

>   864 clan      15   0  5216 3380 3896 S  0.0  0.7   0:00.14 python
>   315 root      16   0 71932 3124  69m S  0.0  0.6   0:00.03 apache
>  1018 root      16   0  7152 2472 5692 S  0.0  0.5   0:00.00 smbd
>   134 root      17   0  5280 2232 3636 S  0.0  0.4   0:00.00 mount.smbfs
>  1016 root      15   0  5264 2184 3856 S  0.0  0.4   0:00.13 nmbd
what the? - never run samba on a net connected box unless you really know what 
you are doing security wise.  do you have a win2k/xp machine on the same 
subnet.  i notice really bad lag accessing smb shares on win2k/xp from my 
debian machine in the office - have you mounted an smb share here?
Either way ditch samba-server - you can keep the client and common packages 
for manual use to connect to a wintendo machine as required.
apt-get purge samba-server

>   264 root      34  19 19804 2076 2600 S  0.0  0.4   0:01.86 server_linux
>   265 root      16   0 19804 2076 2600 S  0.0  0.4   0:00.00 server_linux
>   266 root      15   0 19804 2076 2600 S  0.0  0.4   0:02.01 server_linux
>   267 root      15   0 19804 2076 2600 S  0.5  0.4   0:19.16 server_linux
>   268 root      15   0 19804 2076 2600 S  0.5  0.4   0:09.23 server_linux
>   270 root      16   0 19804 2076 2600 S  0.0  0.4   0:00.00 server_linux
>   271 root      15   0 19804 2076 2600 S  0.0  0.4   0:00.05 server_linux
>   272 root      15   0 19804 2076 2600 S  0.0  0.4   0:00.03 server_linux
>   273 root      15   0 19804 2076 2600 S  0.0  0.4   0:01.02 server_linux
what is this? - it's running as root by the way

>   244 root      15   0  3024 1964 1820 S  0.0  0.4   0:00.00 named
You dont need this - and it may be doing domain reverse-lookups depending on 
your inetd config below.  Unless you really need a DNS server use a DNS 
caching client instead.  Incidentally, if this isnt Bind9 you are asking for 
a root-kit.

>  1054 clan      17   0  6164 1892 5592 R  0.0  0.4   0:00.01 sshd
>  1052 root      17   0  6008 1780 5592 S  0.0  0.3   0:00.01 sshd
>   854 clan      22   0  3400 1628 2524 S  0.0  0.3   0:00.01 perl
>   300 root      16   0  3096 1400 2896 S  0.0  0.3   0:00.00 sshd
>  1055 clan      16   0  2576 1380 2400 S  0.0  0.3   0:00.00 bash
>   849 clan      16   0  2692 1368 2180 S  0.0  0.3   0:00.01 screen
>   863 clan      16   0  2692 1368 2180 S  0.0  0.3   0:00.00 screen
>   230 root      16   0  2232 1240 1360 S  0.0  0.2   0:00.09 klogd
>   853 clan      16   0  2684 1176 2180 S  0.0  0.2   0:00.00 screen
>  1056 clan      16   0  2076 1032 1868 R  0.0  0.2   0:00.04 top
>   236 root      16   0  2376 1028 2000 S  0.0  0.2   0:00.29 pppd
Looks like the server is also your DSL gateway

>   123 root      16   0  2088 1016 1752 S  0.0  0.2   0:00.00 dhclient
Necessary if you have a dynamically assigned Internet IP from your DSL 
provider - check the polling interval - unlikely to have anything to do with 
this though.

>   858 clan      15   0  1820 1004  592 S  0.0  0.2   0:00.93 codbot
>   850 clan      22   0  2296  984 2212 S  0.0  0.2   0:00.00 sh
>   303 root      18   0  1692  740 1524 S  0.0  0.1   0:00.00 rpc.statd
Remove this NOW.

>   311 root      16   0  1780  736 1600 S  0.0  0.1   0:00.00 cron
>   227 root      16   0  1576  628 1408 S  0.0  0.1   0:00.30 syslogd
>   308 daemon    16   0  1708  628 1544 S  0.0  0.1   0:00.00 atd
>   237 root      15   0  1584  608 1396 S  0.0  0.1   0:45.37 pptp
>   127 daemon    15   0  1740  600 1572 S  0.0  0.1   0:00.00 portmap
Remove this - it is a well known security exploit and is totally unnecessary.

>   286 root      18   0  1612  588 1432 S  0.0  0.1   0:00.00 lpd
Don't need this - potential security hole also - historically there have been 
lots of LPD exploits.

>   239 root      16   0  1568  576 1396 S  0.0  0.1   0:00.00 pptp
>   282 root      21   0  1556  536 1400 S  0.0  0.1   0:00.00 inetd
>     1 root      16   0  1516  512 1364 S  0.0  0.1   0:03.80 init
>   340 root      17   0  1516  468 1352 S  0.0  0.1   0:00.00 getty
>   341 root      17   0  1516  468 1352 S  0.0  0.1   0:00.00 getty
>   342 root      17   0  1516  468 1352 S  0.0  0.1   0:00.00 getty
>   343 root      16   0  1516  468 1352 S  0.0  0.1   0:00.00 getty
>   344 root      16   0  1516  468 1352 S  0.0  0.1   0:00.00 getty
>   345 root      16   0  1516  468 1352 S  0.0  0.1   0:00.00 getty
>   860 clan      22   0  1532  456 1364 S  0.0  0.1   0:00.00 rm
>     2 root      34  19     0    0    0 S  0.0  0.0   0:00.00 ksoftirqd/0
>     3 root       5 -10     0    0    0 S  0.0  0.0   0:00.00 events/0
>     4 root       5 -10     0    0    0 S  0.0  0.0   0:00.00 kblockd/0
>     5 root      25   0     0    0    0 S  0.0  0.0   0:00.00 pdflush
>     6 root      15   0     0    0    0 S  0.0  0.0   0:00.00 pdflush

Also PPTP could be having an impact - I don't use it myself so I can't say 
with any certainty - I have a separate box acting as router/firewall/IPSEC 
gateway because tunnelling is no good to me without encryption.  That said, 
PPTP is in the kernel (is it still marked as experimental? I'm not sure) but 
still has a performance overhead as it encapsulates and unencapsulates 
packets - and here it is tracking several virtual links - do all your clan 
connect over PPTP to this box - it will certainly reduce your player limit.

Before you waste too much time trying to trace the cause it would be best to 
remove all these unnecessary services.

Also, the linux distro isnt so important as the glibc you are using.
What debian release are you using (stable/testing/unstable) and are you using 
packages from more than 1 release?

If, after you have narrowed the field of potential causes by removing stuff, 
you still have a problem search every file in /var/log for evidence that 
something exceptional is occuring - like errors/warnings that something can't 
be found etc.

You may not get much useful help from guys with big or commercial setups 
because they most likely arent trying to do so many divergent tasks with the 
one box.

I'm sure you'll post if this is all crap - so I'll keep an eye out.  I want to 
run this server on one of my Debian servers anyway so if it's specific to the 
distro I'll be keen to help you track it down.

Dave

More information about the Cod mailing list