Article delegate-en/3955 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]

Newsgroups: mail-lists.delegate-en

[DeleGate-En] delegated reload very slow most of time.
15 Apr 2008 01:17:55 GMT "David Wang" <pomhqbdyi-rra4sduwc3zr.ml@ml.delegate.org>


Hi Yutaka,

 

Our version is 9.1.1, we are using it as proxy to access our http/https
server with permitted list. Each time when we add an IP address of our
clients into that permitted list file (most are IP address, few is
hostname), and reload/restart delegated, most time it takes several minutes,
sometimes more than 10 minutes to finish. I checked the log file, it seems
most time cost on gethostbyaddr, {R} SOA got for each IP address or
hostname. The details are below,

 

The command is

$DELEGATED -P443 SERVER=https +=${DGROOT}/etc/delegate_https.cfg

And the config file delegate_https.cfg is:

DGPATH=/var/spool/delegate-nobody/etc:+

+=common.cfg

STLS=fcl

REMITTABLE=https

 

MOUNT=/twsi http://xxx.xxx.xxx.xxx:8080/index.html
host=-hostname.firstwave.com.au

MOUNT=/twsi/ http://xxx.xxx.xxx.xxx:8080/index.html
host=-hostname.firstwave.com.au

MOUNT=/twsi/* http://xxx.xxx.xxx.xxx:8080/* host=-hostname.firstwave.com.au

 

PERMIT=https:{127.0.0.1:8080}:+=permitted_ clients.cfg

PERMIT=https:{xxx.xxx.xxx.xxx:8080}:+=permitted_ clients.cfg

permitted_clients.cfg is our permitted access list file, which contains our
clients IP address or hostname (more than 95% are IP address). The log file
../log/443 is:

04/15 10:30:35.01 [17430] 0+0: configuring default RESOLV ...

04/15 10:30:35.01 [17430] 0+0: ... SYS: hostname.firstwave.com.au ->
123.123.123.123

04/15 10:30:35.01 [17430] 0+0: ... DNS: 123.123.123.123 ->
hostname.firstwave.com.au

04/15 10:30:35.01 [17430] 0+0: ... DNS available

04/15 10:30:35.01 [17430] 0+0: ... NIS not available (no default domain)

04/15 10:30:35.01 [17430] 0+0: ... export RES_ORDER=CFD

04/15 10:30:35.01 [17430] 0+0: export RESOLV=cache,file,dns (set by default)

04/15 10:30:35.01 [17430] 0+0: --INITIALIZATION START: 9.1.1 on
Linux/2.6.9-22.ELsmp--

04/15 10:30:35.01 [17430] 0+0: BINSHELL=/bin/sh

04/15 10:30:35.01 [17430] 0+0: scan STLS and FILTERS before beDaemon()...

04/15 10:30:35.01 [17430] 0+0: STLS -> CMAP="sslway:FCL:starttls"

04/15 10:30:35.01 [17430] 0+0: --- [z] 9B0C400 libz.so

04/15 10:30:35.01 [17430] 0+0: ---- [z] loaded 7 syms, unknown=0, already=0

04/15 10:30:35.01 [17430] 0+0: #### gzip/gunzip = dynamically linked

04/15 10:30:35.01 [17430] 0+0: --- [ssl] 9B0C788 libssl.so

04/15 10:30:35.01 [17430] 0+0: ---- [ssl] loaded 89 syms, unknown=0,
already=0

04/15 10:30:35.02 [17430] 0+0: ## SSLway ## 0.003041 connected/accepted

04/15 10:30:35.02 [17430] 0+0: ## SSLway initialized ctx #100000000 0 X

04/15 10:30:35.02 [17431] 0+0: -- Fork(daemon): 17430 -> 17431

04/15 10:30:35.02 [17431] 0+0: server_open(delegate,:443,listen=20)

04/15 10:30:35.02 [17431] 0+0: server_open(delegate,:443) BOUND

04/15 10:30:35.02 [17431] 0+0: DGROOT=/var/spool/delegate-nobody^M

04/15 10:30:35.02 [17431] 0+0: <DeleGate/9.1.1> [17431] -P443 READY^M

04/15 10:30:35.02 [17431] 0+0: PORT= 443/9 (1,187)

04/15 10:30:35.02 [17431] 0+0: OWNER=nobody/nobody =>
OWNER=nobody/nobody(nobody/nobody)

04/15 10:30:35.02 [17431] 0+0: STLS -> CMAP="sslway:FCL:starttls"

04/15 10:30:35.02 [17431] 0+0: REMITTABLE = https

04/15 10:30:35.08 [17431] 0+0: {R} SOA got
[13.101.150.in-addr.arpa][ns2.on.net][hostmaster.adelaide.on.net] 2008031200
7200 1800 25

92000 86400

04/15 10:30:35.12 [17431] 0+0: {R} SOA got
[241.167.59.in-addr.arpa][ns2.on.net][hostmaster.internode.on.net]
2007121800 7200 1800 2

500000 0000X

04/15 10:30:37.13 [17431] 0+0: {R} [246.124.45.203.in-addr.arpa.]*1 q=1,a=0,
s=1,r=0 (2s)

04/15 10:30:39.14 [17431] 0+0: {R} SOA got
[124.45.203.in-addr.arpa][dns0.telstra.net][hostmaster.telstra.net]
2008031900 10800 3600

 7200000 0000X

04/15 10:30:39.14 [17431] 0+0: gethostbyaddr(203.45.124.246) unknown[4.02s]
recv[202.12.141.236](108) Q[246.124.45.203.in-addr.arpa]

 ID=7/7 AA=0 RD=1 RA=1 RCODE=3 ans,ns,add=0,1,0

04/15 10:30:41.15 [17431] 0+0: {R} [10.124.45.203.in-addr.arpa.]*1 q=1,a=0,
s=1,r=0 (2s)

04/15 10:30:41.27 [17431] 0+0: gethostbyaddr(203.45.124.10) unknown[2.13s]
recv[202.12.141.236](107) Q[10.124.45.203.in-addr.arpa] I

D=8/8 AA=0 RD=1 RA=1 RCODE=3 ans,ns,add=0,1,0

..

04/15 10:34:35.76 [17431] 0+0: {R} [132.220.228.165.in-addr.arpa.]*1
q=1,a=0, s=1,r=0 (2s)

04/15 10:34:39.76 [17431] 0+0: {R} [228.69.135.149.in-addr.arpa.]*1 q=1,a=0,
s=1,r=0 (2s)

04/15 10:34:41.81 [17431] 0+0: ADMIN=waveadmin@firstwave..au
protocol=https(specialist)

04/15 10:34:41.81 [17431] 0+0: WORKDIR=/var/spool/delegate-nobody/work/443

..

Could you please tell me how to fix it so as to reload the permitted access
list file more quickly?

 

Looking forward to hearing from you.

 

Kind Regards,

David



  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V