Slow network performance in Solaris 7
Simon Stewart
websites (Apache 1.3.17 and PHP 4, upgraded very recently to Apache
1.3.19, mod_perl and PHP4) and runs an SSH2 daemon, amongst its
services.
The problem is that network performance is medium at the best of times
and unworkable at worst. The machine hovers between a load of 0.5 and
4-5 (at extreme times) but even when it's not busy bad performance can
be observed. This isn't just a slow HTTP connection, but also SSH, so
I doubt it's because mod_perl and mod_php are fighting (and, in any
case, this problem existed before I installed mod_perl)
A traceroute indicates that the Sun box sometimes takes well over
100ms to respond, as opposed to 30-50ms for intermediate hops, so I
don't think it's the network either (although there are some choke
points that I've picked up on)
Does anyone out there have any ideas about how to find out the root
cause of the problem and/or how to fix it? Has anyone else seen this
sort of behaviour?
If you reply to the list, could you please CC it to my mail address as
well? It would be appreciated.
Regards and TIA,
Simon Stewart
Casper Berris - System Installation Engineer
news:3abb72cc....@news.theplanet.co.uk...
Hi,
What kind of connection is the E450 using? Is it connected via ethernet? If
so,
100Mb full-duplex or 10Mb half-duplex.
Maybe the hme interface is bounching between 10 and 100 Mb.
You can force the hme-interface to work at 100Mb full-duplex/half-duplex or
10Mb full-duplex/halfduplex. Now follow a document from sunsolve.sun.com:
How to force the HME card to work at 100mb (full-duplex).
If the auto negotiate does not work, then the 100-MB full-duplex mode
can be forced to run at 100-MB, Full-Duplex using the following:
Please try (if using /etc/rc2.d/S99...)
ndd -set /dev/hme instance 0
ndd -set /dev/hme adv_100T4_cap 0
ndd -set /dev/hme adv_100fdx_cap 1
ndd -set /dev/hme adv_100hdx_cap 0
ndd -set /dev/hme adv_10fdx_cap 0
ndd -set /dev/hme adv_10hdx_cap 0
ndd -set /dev/hme adv_autoneg_cap 0
or (if using /etc/system)
set hme:hme_adv_autoneg_cap=0
set hme:hme_adv_100T4_cap=0
set hme:hme_adv_100fdx_cap=1
set hme:hme_adv_100hdx_cap=0
set hme:hme_adv_10fdx_cap=0
set hme:hme_adv_10hdx_cap=0
Note that the order does make a difference.
The link is re-negotiated when the interface is
ifconfig'ed up or when ndd ndd adv_autoneg_cap command is executed.
======
How to force the HME card to work at 10mb (full-duplex).
The section "10FDX" includes how to force the HME card to work at 10 MB
(full-duplex). You can either put the commands in the /etc/system file
or in a startup script -- i.e. /etc/rc2.d/S99hme_config. Another way
is to make the changes from the command line -- using the "ndd" command
using
the syntax below. But it is better to put the commands in /etc/system or a
startup script to preserve the environment accross reboots.
10FDX only
/etc/system
set hme:hme_adv_autoneg_cap=0
set hme:hme_adv_100T4_cap=0
set hme:hme_adv_100fdx_cap=0
set hme:hme_adv_100hdx_cap=0
set hme:hme_adv_10fdx_cap=1
set hme:hme_adv_10hdx_cap=0
ndd commands
ndd -set /dev/hme instance 0
ndd -set /dev/hme adv_100T4_cap 0
ndd -set /dev/hme adv_100fdx_cap 0
ndd -set /dev/hme adv_100hdx_cap 0
ndd -set /dev/hme adv_10fdx_cap 1
ndd -set /dev/hme adv_10hdx_cap 0
ndd -set /dev/hme adv_autoneg_cap 0
=======
Is the hme interface running at 10BaseT or 100BaseT
How do you tell if the hme interface is actually linked up at 10 Mbps or 100
Mbps?
Answer:
# ndd -get /dev/hme link_status
# ndd -get /dev/hme link_speed
# ndd -get /dev/hme link_mode
link_status (read only)
0 for Link Down
1 for Link up
link_speed (read only)
0 for 10 Mbps
1 for 100 Mbps
link_mode (read only)
0 for Half-Duplex mode
1 for Full-Duplex mode
=======
--
=============================
Casper Berris
E-mail home: casper...@home.nl
E-mail work: casper...@sun.com
=============================
Time flies when your having Sun!!!
=============================
Simon Stewart
Engineer" <Casper...@home.nl> wrote:
>"Simon Stewart" <sste...@cr-online.co.uk> schreef in bericht
>news:3abb72cc....@news.theplanet.co.uk...
>> I am currently looking after a Sun E450 running Solaris 7.
>>
>> The problem is that network performance is medium at the best of times
>> and unworkable at worst.
<snip>
>> A traceroute indicates that the Sun box sometimes takes well over
>> 100ms to respond, as opposed to 30-50ms for intermediate hops, so I
>> don't think it's the network either (although there are some choke
>> points that I've picked up on)
<snip>
>
>Hi,
>
>What kind of connection is the E450 using? Is it connected via ethernet? If
The connection is an ethernet connection at a remote hosting facility.
I would imagine that it's a full 100Mbs connection, but I don't really
have any means of proving it unless they respond to my messages :(
Because of this, I want to be suitably paranoid about changing
configs.
>so,
>100Mb full-duplex or 10Mb half-duplex.
>Maybe the hme interface is bounching between 10 and 100 Mb.
>You can force the hme-interface to work at 100Mb full-duplex/half-duplex or
>10Mb full-duplex/halfduplex. Now follow a document from sunsolve.sun.com:
Thanks for the information. On Monday I'll see if I can't get hold of
one of the hosting company's engineers and see if I can get some more
details. If it turns out that everything *should* be fine, I'll
attempt to make the interface run at 100Mb/s FD.
Regards,
Simon
[jtwis.com]
online.co.uk says...
> On Fri, 23 Mar 2001 19:30:58 GMT, "Casper Berris - System Installation
> Engineer" <Casper...@home.nl> wrote:
>
> >"Simon Stewart" <sste...@cr-online.co.uk> schreef in bericht
> >news:3abb72cc....@news.theplanet.co.uk...
CC'd by mail.
The output of "netstat -in" will give you invaluable information. Also,
try using the lockstat command to see if your hme (or other) card is
overloaded:
lockstat sleep 30 > /tmp/out
Remember that network performance can be caused by a Sun box being
overloaded, but also (gasp) a bad network configuration. Make sure they
don't have 30 servers connected to one 10 Mbps Ethernet port.
--
Sun/Solaris consulting at:
http://www.jtwis.com
Simon Stewart
>In article <3abba622....@news.theplanet.co.uk>, sstewart@cr-
>online.co.uk says...
>> On Fri, 23 Mar 2001 19:30:58 GMT, "Casper Berris - System Installation
>> Engineer" <Casper...@home.nl> wrote:
>>
>> >"Simon Stewart" <sste...@cr-online.co.uk> schreef in bericht
>> >news:3abb72cc....@news.theplanet.co.uk...
>
>CC'd by mail.
Thank you.
>The output of "netstat -in" will give you invaluable information. Also,
>try using the lockstat command to see if your hme (or other) card is
>overloaded:
>lockstat sleep 30 > /tmp/out
I'd inherited this Sun box, so it's still a little new to me. I'd
known about the netstat command, but the lockstat was new to me.
>Remember that network performance can be caused by a Sun box being
>overloaded, but also (gasp) a bad network configuration. Make sure they
>don't have 30 servers connected to one 10 Mbps Ethernet port.
I suspect quite strongly that the problem is caused by the ethernet
interface being a little misconfigured (from previous posts and
emails) All I need to do now is to find out the speed of the switch
that sits in front of my machine (it's a long story, available over
email if anyone is that interested --- it's not strictly relevant) and
how many other machines are plugged into it before I do any major
changes.
I don't think that the problem is the Sun box being overloaded, since
bad network performance is seen even at low loads (0.5, for example)
Regards,
Simon
Simon Stewart
Engineer" <Casper...@home.nl> wrote:
>"Simon Stewart" <sste...@cr-online.co.uk> schreef in bericht
>news:3abb72cc....@news.theplanet.co.uk...
>> I am currently looking after a Sun E450 running Solaris 7. It hosts 7
>> websites (Apache 1.3.17 and PHP 4, upgraded very recently to Apache
>> 1.3.19, mod_perl and PHP4) and runs an SSH2 daemon, amongst its
>> services.
>>
>> The problem is that network performance is medium at the best of times
>> and unworkable at worst.
<snip>
>What kind of connection is the E450 using? Is it connected via ethernet? If
>so,
>100Mb full-duplex or 10Mb half-duplex.
I've been told by our hosting company that it's sitting in front of a
100Mb/s switch.
<snip>
>The link is re-negotiated when the interface is
>ifconfig'ed up or when ndd ndd adv_autoneg_cap command is executed.
<snip>
I take it that using ifconfig will cause the setting from /etc/system
to be used, whilst "ndd ndd adv_autoneg_cap" will cause the settings
that I've entered using the ndd command to be used....
However:
# ndd ndd \?
couldn't push module 'ndd', No such device or address
suggests that the ndd command from the Sun docs won't work. So how do
I force the settings to change without adding entries into
/etc/system? Running an at job to force the interface to the higher
speed causes the machine to become unreachable until a second at job
drops the speed down to 10Mb/s HD --- perhaps I need to restart inetd?
Regards,
Simon Stewart
Lon Stowell
>
>I take it that using ifconfig will cause the setting from /etc/system
>to be used, whilst "ndd ndd adv_autoneg_cap" will cause the settings
>that I've entered using the ndd command to be used....
/etc/system is only effective at boot.
>
>However:
>
># ndd ndd \?
>couldn't push module 'ndd', No such device or address
try ndd /dev/hme
If you have multiple ones, you will need to set the
instance number for each interface.
>
>suggests that the ndd command from the Sun docs won't work. So how do
>I force the settings to change without adding entries into
>/etc/system? Running an at job to force the interface to the higher
>speed causes the machine to become unreachable until a second at job
>drops the speed down to 10Mb/s HD --- perhaps I need to restart inetd?
No. you've nailed it as the inevitable ethernet half/fast
duplex issue.
Rule Number 1.
Sun's do not autonegotiate with Cisco's. At least not
never, ever, that I've observed.
Rule Number 2.
You cannot have autonegotation at one end of the cable
and manual configuration at the other. Well ok you
CAN but only if one end is [ manual 100 half ] as the
auto end WILL go half duplex at 100Mbit unless auto
is enabled at both ends AND works. See Rule Number 1
for why this is rarely a good idea.
If you have another Solaris box, an Ultra/5 or faster will
pretty much saturate the link using a mkfile write at
100Mbit. If it doesn't you almost always have a half-fast
duplex connection at one or more points in the network.
Set your hme to 100 full, no auto. Set the switch port
to 100 Full, no auto.
Now you need to worry about what is on the other end of
the LAN. Some PC NIC's, particularly those by Intel
manage to autonegotiate very well. Some others don't.
A half-fast duplex connection anywhere in the LAN connection
will kill performance.
If you see "collisions" in netstat on your NIC, or in the
show port at the switch, that end is in half duplex.
Simon Stewart
wrote:
>Simon Stewart <sste...@cr-online.co.uk> wrote:
>>
<snip>
>>However:
>>
>># ndd ndd \?
>>couldn't push module 'ndd', No such device or address
>
> try ndd /dev/hme
After having a poke about, this is what I did. The point was that the
Sun docs were suggesting that I use "ndd ndd \?" instead, which
doesn't work.
<snip>
> Rule Number 1.
>
> Sun's do not autonegotiate with Cisco's. At least not
> never, ever, that I've observed.
Ahhh... this is the root of the problem! I don't have any control over
the switch (other than the fact that I can ask our hosting company to
make changes to its config) so setting it to 100Mb/s no auto is a bit
tricky.
I have shoved the speed of the Sun'd NIC up to 10Mb/s full duplex, and
SSH sessions and HTTP conenctions are far snappier.
Many thanks to all of you who've helped me!
Simon
Casper H.S. Dik - Network Security Engineer
sste...@cr-online.co.uk (Simon Stewart) writes:
>After having a poke about, this is what I did. The point was that the
>Sun docs were suggesting that I use "ndd ndd \?" instead, which
>doesn't work.
Could you please point to the documents suggesting the above?
>> Sun's do not autonegotiate with Cisco's. At least not
>> never, ever, that I've observed.
>Ahhh... this is the root of the problem! I don't have any control over
>the switch (other than the fact that I can ask our hosting company to
>make changes to its config) so setting it to 100Mb/s no auto is a bit
>tricky.
I have seen no probolem swith auto negaotiation with Cisco equipment,
as long as you update the firmware of the Cisco switches to a recent
version if you have older equipment.
Also make sure that you don't run a really old OS release w/ unpatched
hme drivers.
I strongly suggest to enable auto negotiation as often as you can; most
times I get to hunt down network performance problems it's a switched
fixed to 100/full and a Sun set to auto (which falls back to 100/half).
If one side doesn't negotiate, the other side can't know anything other
than the wirespeed (10 or 100).
Now, a typical indication of probem is that hte Sun will be 100/half and
complain about "late" collisions. Late collisions are "cannot happen"
events. In normal ether parlance it means that your yellow hose is
too long; for switched networks it indicates that a half-duplex
system receives packets while sending from a full-duplex system.
Autonegotation works most of the time and it is usually worthwhile upgrading
switch firmware to get it to work; fixing it gets you into a spiralling
maintenance nightmare.
Casper
--
Expressed in this posting are my opinions. They are in no way related
to opinions held by my employer, Sun Microsystems.
Statements on Sun products included here are not gospel and may
be fiction rather than truth.
John D Groenveld
Lon Stowell <lsto...@dnai.com> wrote:
> Rule Number 1.
>
> Sun's do not autonegotiate with Cisco's. At least not
> never, ever, that I've observed.
>
> Rule Number 2.
>
> You cannot have autonegotation at one end of the cable
> and manual configuration at the other. Well ok you
Rule number 1 should read
Cisco switches default to locked 100Mb/FDX
Rule number 2 should be appended with
If your local net nazi won't change the default from locked to
auto-negotiate then you should get another net nazi.
Cisco switches and Sun's auto negotiate fine to 100Mb/FDX when
both systems are properly configured and the wiring is up to spec.
John
groe...@acm.org
John Ekins
> Cisco switches default to locked 100Mb/FDX
This is simply not the case. Cisco auto-negotation is more often wrong
than right, so it should never be trusted. It's not just Suns that
experience this. It includes Linux and FreeBSD machines too.
> Rule number 2 should be appended with
> If your local net nazi won't change the default from locked to
> auto-negotiate then you should get another net nazi.
Easier said than done.
> Cisco switches and Sun's auto negotiate fine to 100Mb/FDX when
> both systems are properly configured and the wiring is up to spec.
I always manually configure these settings on machines and the switch
ports they are plugged into. If that's what you refer to as "properly
configured" I agree.
> John
> groe...@acm.org
John.