Chris,<div><br>Actually Paytam resolved the problem, the fix was.</div><div><br>It was simply amazing.</div><div><br></div><div>Best,</div><div>Khalid</div><div><br></div><div><div>violet2:~# cat README_PLEASE</div><div>Hi There,</div>
<div><br></div><div>This is Payam, i fixed your system by modifying your nf_conntrack max setting as well as its h ash bucket size. Since you are using connection tracking via iptable, you need to</div>
<div>make sure to modify the settings else you will have issues such as the one reported =)</div><div><br></div><div>i created a payam-tune.sh file that has the 2 main commands you need</div><div>i also tuned the system slightly by making sure the proper sysctl.conf options were selected</div>
<div><br></div><div>i no longer can experience the issue you were having before</div><div>one quick way for figuring out if your system is erroring out anywhere is by using "dmsg" comm and on the command line</div>
<div><br></div><div>I also installed chkrootkit for you, in case your system was compromised. id recomend installi ng rkhunter 'apt-get install rkhunter'</div>
<div>I have also created you a test script to test your site, called wget-test.sh.</div><div><br></div><div>cheers</div><div>Payam</div><div><a href="mailto:pchychi@gmail.com">pchychi@gmail.com</a></div><div>violet2:~# cat payam_tune.sh</div>
<div># payam - pchychi</div><div><b>echo 1048576 > /proc/sys/net/ipv4/netfilter/ip_conntrack_max</b></div><div><b>modprobe ip_conntrack hashsize=1048576</b></div><div>violet2:~#</div><div><br></div><br><div class="gmail_quote">
On Thu, Sep 24, 2009 at 12:44 AM, Christopher Smith <span dir="ltr"><<a href="mailto:x@xman.org">x@xman.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div class="im">Avleen Vig wrote:<br>
> On Sep 21, 2009, at 1:02, François Battail <<a href="mailto:fb@francois.battail.name">fb@francois.battail.name</a>><br>
> wrote:<br>
><br>
>> Le dimanche 20 septembre 2009 à 22:47 -0700, Khalid Shaikh a écrit :<br>
>><br>
>>> worker_processes 32;<br>
>><br>
>> That's way too much, try to keep the number of workers sticked to the<br>
>> number of cores (eg: 4).<br>
><br>
> Surely you should have more?<br>
> Eg with 4 cores have 8 workers.<br>
><br>
> If workers block serving a request, this means you don't have CPU<br>
> sitting idle.<br>
</div>Generally no. If you are doing everything properly event driven (even<br>
more so if you shift from a polling model to an AIO model), then any<br>
time you are busy serving a request, that means your CPU isn't sitting<br>
idle. The only time it should be idle is when there literally aren't any<br>
requests/events to process (at which point extra processes isn't going<br>
to help).<br>
<br>
--Chris<br>
<br>
</blockquote></div><br></div>