For a few days I had a client whose main NetWare server would practically hang every afternoon for about 1/2 hour(The server did this for a few days... I didn't have the client for a few days). It was the craziest thing until I saw what was actually happening...
This server is one of those small biz servers that does practically everything. File, print, GroupWise, FTP, routing, BorderManager Reverse Proxy, iFolder... get the idea?
When the server was misbehaving, I happened to look at the BorderManager screen and saw that is was going nuts... hundreds of requests per second. Shutdown BorderManager and activity returned to normal, start it up and within a minute we'd be back in the thick of it.
Now, this was by no means a "standard install". In order to secure the system (there's a fair bit of organizational paranoia and an inordinate amount of money - not for IT - considering there's only 25 users) with no real budget we had setup BorderManager reverse proxy for a web server they had inside the network. We also configured it for GroupWise webaccess which ran on the same server as BorderManager (but a different IP). Of course, this affected ALL web services on that IP including... wait for it.... iFolder.
It just so happened that the SQL server would do a regular database dump every afternoon into... you guessed it... an iFolder. This wasn't a problem until we added the BorderManager proxy. Suddenly, we had an 800MB file being transferred accross a 1Gbps link to BorderManager, then being retransmitted (again at 1Gbps) to another IP on the same NIC. In essence this file upload was trying to transmit itself 3 times over (1 - SQL to BM, 2 - BM to Apache (send), 3 - BM to Apache (receive)).
Essentially a DoS on myself.
Posts
No comments:
Post a Comment