Posts Tagged Linux

SOLVED: Linux software RAID 5 too slow

Posted by Alex Amiryan in howtos on April 10th, 2009

In this article I am going to tell about my experience with Linux software RAID.
So I had a ASUS P6T motherboard which has Intel ICH10R raid controller, 3x 1 Tb SATA 2 HDDs and Intel Core i7 920 processor. So I wanted to install Fedora 10 on that machine.
After configuring RAID 5 in the BIOS I booted the Fedora 10 installation DVD to start the installation. BUT! Suddenly I saw that Anaconda see 3 separate hard drives instead of 1 RAID device. After some googleing I figured out that my motherboard don’t have real RAID controller. Instead it is fakeraid controller. It is just software raid which software is located in BIOS. So I decided to use linux software raid, because it is definitely better than the from ASUS.
So installed Fedora 10 with linux software RAID 5 with LUKS encryption. After installation machine started to work very slowly. I thought it so because of the encryption, but after some googleing I understood that the encryption can’t slow down the machine that way. The thing was when you newly create RAID 5 array it needs to build the 3rd hard drive and it take a lot of time. It took from me approximately 4 hours to finish that operation on 1 Tb hard drives. You can check the rebuild status at any time invoking one of the following commands:

# cat /proc/mdstat

or

# mdadm --detail /dev/md0

After rebuild was over and after some tunings (see tuning parameters below) I had ~90 Mb/s write and ~200 Mb/s read.

My tuning parameters was:

echo 32768 > /sys/block/md0/md/stripe_cache_size
blockdev --setra 65536 /dev/md0

, ,

2 Comments

Traffic shaping under Linux with tc and iptables

Posted by Alex Amiryan in howtos on February 16th, 2009

My aim was to make traffic shaping in our office. Internet router and development server is the same computer. Local network which consist of workstations has to have 300 kbit internet access and also full 1Gbit access to development server. Development server has to have unlimited access to internet. So we have to shape only the traffic which goes from local network to internet. My local network interface is eth1, internet interface is eth0. Local network is 192.168.0.0/255.255.255.0 and development server’s IP is 192.168.0.1.
I have read some documentation on tc and iptables and wrote this scripts.

shaper.sh

#!/bin/sh
# Delete root qdisc from eth1 in case that we execute this script for the second time
tc qdisc del dev eth1 root
# Create root qdisc
tc qdisc add dev eth1 root handle 1:0 htb default 2
# Create main class with 1 Gbit traffic
tc class add dev eth1 parent 1:0 classid 1:1 htb rate 1024mbit ceil 1024mbit
# Create class for local network with 300 Kbit traffic
tc class add dev eth1 parent 1:1 classid 1:2 htb rate 300kbit ceil 300kbit
# Create class for development server again with 1 Gbit
tc class add dev eth1 parent 1:1 classid 1:3 htb rate 1024mbit ceil 1024mbit
# Adding qdiscs to our tree leaves
tc qdisc add dev eth1 parent 1:2 sfq
tc qdisc add dev eth1 parent 1:3 sfq
# Route packets marked with 0x7 to 1:2 qdisc which is for local network
tc filter add dev eth1 parent 1:0 protocol ip prio 1 handle 7 fw flowid 1:2
# Route packets marked with 0x8 to 1:3 qdisc which is for development server
tc filter add dev eth1 parent 1:0 protocol ip prio 1 handle 8 fw flowid 1:3

And finaly we have to configure iptables to mark packets 0×7 or 0×8 acording to its source and destination

iptables_config.sh

#!/bin/sh
# Create three chains for routing
iptables -t mangle -N traffic_office
iptables -t mangle -N traffic_office_to_server
iptables -t mangle -N traffic_server
# Mark traffic from local network 0x7
iptables -t mangle -A traffic_office -j MARK --set-mark 0x7
# Mark traffic from local network to dev server 0x8
iptables -t mangle -A traffic_office_to_server -j MARK --set-mark 0x8
# Mark traffic from internet to dev server 0x8
iptables -t mangle -A traffic_server -j MARK --set-mark 0x8
# Send traffic to chain traffic_server which comes from server and not going to local network
iptables -t mangle -A POSTROUTING -s 192.168.0.1 -d ! 192.168.0.0/255.255.255.0 -j traffic_server
# Send traffic to chain traffic_server which comes from somewhere, not from local network and goes to dev server
iptables -t mangle -A POSTROUTING -s ! 192.168.0.0/255.255.255.0 -d 192.168.0.1 -j traffic_server
# Send traffic to chain traffic_office which comes not from dev server and goes to local network
iptables -t mangle -A POSTROUTING -s ! 192.168.0.1 -d 192.168.0.0/255.255.255.0 -j traffic_office
# Send traffic to chain traffic_office which comes local network and goes not to dev server
iptables -t mangle -A POSTROUTING -s 192.168.0.0/255.255.255.0 -d ! 192.168.0.1 -j traffic_office
# Send traffic to chain traffic_office_to_server which comes dev server and goes to local network
iptables -t mangle -A POSTROUTING -s 192.168.0.1 -d 192.168.0.0/255.255.255.0 -j traffic_office_to_server
# Send traffic to chain traffic_office_to_server which comes local network and goes to dev server
iptables -t mangle -A POSTROUTING -s 192.168.0.0/255.255.255.0 -d 192.168.0.1 -j traffic_office_to_server

, , , , , ,

4 Comments