RE: Number of dnsserver processes?

From: Williams Jon <[email protected]>
Date: Wed, 18 Aug 1999 16:26:42 -0500

To save space, I've cut out my original comments and numbered the questions.

1) In terms of byte hit ratio, we're only running 10-15%, but we've got a
very diverse user base scattered across seven continents. We typically run
somewhere between 25 and 35% on request hit rate.
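
For reference, here's a rough sketch of one way to pull those two numbers out
of a native-format access.log. The log path and the crude "HIT" substring
match are assumptions, so adjust for your own setup (TCP_IMS_HIT and friends
all get counted as hits here, which is close enough for trend-watching):

# Rough sketch: request hit rate vs. byte hit rate from a native-format
# Squid access.log. Assumes the default layout where field 4 is the
# result code (e.g. TCP_HIT/200) and field 5 is the reply size in bytes.
import sys

total_reqs = hit_reqs = 0
total_bytes = hit_bytes = 0

for line in open(sys.argv[1] if len(sys.argv) > 1 else "access.log"):
    fields = line.split()
    if len(fields) < 5:
        continue
    result_code = fields[3]      # e.g. TCP_HIT/200, TCP_MISS/200
    size = int(fields[4])        # bytes sent to the client
    total_reqs += 1
    total_bytes += size
    if "HIT" in result_code:     # TCP_HIT, TCP_MEM_HIT, TCP_IMS_HIT, ...
        hit_reqs += 1
        hit_bytes += size

if total_reqs and total_bytes:
    print("request hit rate: %.1f%%" % (100.0 * hit_reqs / total_reqs))
    print("byte hit rate:    %.1f%%" % (100.0 * hit_bytes / total_bytes))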

2) Ordinarily I wouldn't have gone with the EMC, since RAID imposes a penalty
on writes, but between the savings from using shared systems in the data
center and the large amounts of RAM used for write caching, I find that our
disk performance is not bad at all.
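
To put a rough number on that trade-off, here's a back-of-the-envelope sketch.
It assumes RAID-5-style parity for the sake of argument, and the timings are
illustrative guesses, not measurements off the EMC box:

# Back-of-the-envelope: the classic parity-RAID small-write penalty (read
# old data, read old parity, write new data, write new parity = 4 I/Os)
# and how a big write-back cache in controller RAM hides most of it.
# All numbers below are illustrative assumptions, not measurements.

disk_io_ms = 10.0        # one random disk I/O (seek + rotation + transfer)
raid5_write_ios = 4      # small-write penalty for parity RAID

uncached_write_ms = raid5_write_ios * disk_io_ms

cache_hit_ratio = 0.95   # fraction of writes absorbed by controller RAM
cache_ack_ms = 0.5       # latency to acknowledge a write out of RAM

effective_write_ms = (cache_hit_ratio * cache_ack_ms +
                      (1 - cache_hit_ratio) * uncached_write_ms)

print("uncached parity-RAID write: %.1f ms" % uncached_write_ms)
print("with write-back cache:      %.2f ms" % effective_write_ms)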

3) I thought about using the sticky feature in the LD, but this is only the
top part of my kingdom. Underneath this, we've got some 20 2nd-level caches
and maybe 30 3rd-level caches. It looked as if we'd lose the load-shaping
benefits of the LD by using sticky since there are no end-users pointing at
the cache I described. For example, 35-40% of all the traffic comes from
one location, which has its own cache. With sticky on, there'd be no
period of zero activity from that 2nd-level cache, so the LD would always
send all its connections to only one 1st-level cache. To make matters a bit
more confusing, we've got a number of domestic locations with large
pipes (e.g. DS3), so we're locating their caches on a second
high-availability cluster, which I'll describe below.
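
To illustrate the load-shaping point: with only a couple dozen child caches
as clients, a per-source sticky policy pins each child to one parent, so the
child carrying 35-40% of the traffic keeps a single 1st-level cache pegged
while the other one sits nearly idle. A quick sketch (the child names, parent
names, and request counts are made up for illustration):

# Sketch: per-source "sticky" balancing vs. per-connection balancing when
# one child cache generates most of the traffic. Names and numbers are
# made up for illustration.
import hashlib
from collections import Counter

parents = ["parent1", "parent2"]

# (child cache, requests per interval) - one child dominates
children = [("big-site-cache", 4000)] + \
           [("cache%02d" % i, 150) for i in range(1, 20)]

def pick_sticky(child):
    """Sticky: the same source always hashes to the same parent."""
    h = int(hashlib.md5(child.encode()).hexdigest(), 16)
    return parents[h % len(parents)]

sticky = Counter()
per_conn = Counter()
rr = 0
for child, reqs in children:
    sticky[pick_sticky(child)] += reqs    # whole child pinned to one parent
    for _ in range(reqs):                 # vs. spreading each connection
        per_conn[parents[rr % len(parents)]] += 1
        rr += 1

print("sticky (per-source):      ", dict(sticky))
print("balanced (per-connection):", dict(per_conn))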

4) One huge, HUGE gotcha that I ran into with the LD was bridge looping. In
the 2nd-level monster cache, we went for maximum availability. This meant
two proxy server boxes, each with two CPUs and two power supplies which are
cross-connected to the redundant building power fed from two different city
power grids. Each cache is using disk from a different EMC box. There is
another pair of LDs in HA mode, and all of the networking is split
50-50 across two separate switches with connections between them to make the
VLANs appear as one. What ended up happening was that the wires got run
wrong, so instead of having the network look like an H, there was a
direct path in the front of LDA-VLAN1, out the back of LDA, and on to
SwitchB-VLAN1. When someone turned spanning tree on from VLAN3 (a completely
different network) and pointed all the traffic to the front leg of LDA, we
suddenly had traffic from VLAN3 appearing on VLAN1, which caused a mega-huge
EIGRP storm that nearly collapsed the whole network!
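
If it helps to picture the failure, here's a toy model of the cabling mistake:
treat the bridged segments as a graph, and the mis-patched run is exactly the
edge that closes a loop. This is heavily simplified (the node names, which LD
leg sits on which VLAN, and the standby LD not forwarding are illustrative
assumptions, not an exact wiring diagram):

# Toy sketch: model layer-2 segments/links as an undirected graph and
# check whether a set of links contains a loop. The topology below is a
# simplified, illustrative approximation, not an exact wiring diagram.

def has_cycle(edges):
    """Union-find: an edge whose endpoints are already connected closes a loop."""
    parent = {}
    def find(x):
        parent.setdefault(x, x)
        while parent[x] != x:
            parent[x] = parent[parent[x]]    # path halving
            x = parent[x]
        return x
    for a, b in edges:
        ra, rb = find(a), find(b)
        if ra == rb:
            return True
        parent[ra] = rb
    return False

# Intended "H" shape (the standby LD isn't forwarding, so it is left out):
intended = [
    ("SwitchA-VLAN1", "LDA"),             # LDA front leg
    ("LDA", "SwitchA-VLAN2"),             # LDA back leg
    ("SwitchA-VLAN1", "SwitchB-VLAN1"),   # inter-switch tie, VLAN1
    ("SwitchA-VLAN2", "SwitchB-VLAN2"),   # inter-switch tie, VLAN2
]

# The bad run: LDA's back leg patched straight through to SwitchB-VLAN1.
miswired = intended + [("LDA", "SwitchB-VLAN1")]

print("intended topology has a loop:", has_cycle(intended))   # False
print("miswired topology has a loop:", has_cycle(miswired))   # True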

I guess what I'm trying to say is that this can get very complicated, so
you'd better keep a close eye on how everything gets put together or you'll
be in a heap of hurt :-)

Jon

> -----Original Message-----
> From: Clifton Royston [SMTP:cliftonr@lava.net]
> Sent: Wednesday, August 18, 1999 2:17 PM
> To: WilliamsJon@JDCORP.deere.com
> Cc: squid-users@ircache.net
> Subject: Re: Number of dnsserver processes?
>
> 1) Any guesstimate on the % bytes hit rate you're getting, with that
> amount of disk per server?
>
> 2) [drool...] I really wish I could afford the EMC equipment for our
> other servers - not sure I'd use it on a cache server, but for shared
> storage it looks very very nice.
>
> 3) You might press Cisco to implement "sticky" connections (or check if
> it's buried in their docs somewhere?) - the switches we're preparing to
> use have that as a configurable option, where they will attempt to
> consistently route sessions from a given client to the same cache
> server or load-balanced server within a time threshold you set (e.g. 5
> minutes, 15 minutes.) That would help with the problem you describe.
>
> 4) Any other "gotchas" you'd care to share with us on implementing caching
> on the grand scale?
>