You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Ronan <r....@qub.ac.uk> on 2004/11/30 13:28:35 UTC
New Hardware
Hey list,
I am in the quite sureal situation of being given a blank cheque by my
boss to buy 2 new servers for SA. They were so impressed with the
upgrade to v3 + SURIBLS et al that when i said that our current setup
was hitting load max they found some cash for me... :D
We are in a university environment with over 100,000 mails daily.
What Im currently looking at is either 2 Sun v150s or 2 dual-opterons
probably with a gig each, and the standard 80+gigs.
Which one will be better suited to SA? I know SA is more cpu/ram than
disk IO so im leaning more toward the AMD approach. The reason there are
2 machines of each is because im gonna implement fail over using
heartbeat. Does it make a difference the Solaris / Linux route? Will SA
benefit from the dual processor option? Any other factors I should consider?
many thanks as always
ronan
--
Regards
Ronan McGlue
==============
Analyst/Programmer
Information Services
Queens University Belfast
BT7 1NN
Re: New Hardware
Posted by Bob Proulx <bo...@proulx.com>.
Ronan wrote:
> What Im currently looking at is either 2 Sun v150s or 2
> dual-opterons probably with a gig each, and the standard 80+gigs.
> Which one will be better suited to SA? I know SA is more cpu/ram
> than disk IO so im leaning more toward the AMD approach.
I would recommend going with Linux on AMD. That still leaves you with
the decision as to whether to run them 32-bit or 64-bit, your choice.
I have a mix and both work well.
> Will SA benefit from the dual processor option?
I definitely recommend the dual processor configuration. It gives
significant performance advantage for the price. Most of my work
machines are dual processors. It is a proven value.
> The reason there are 2 machines of each is because im gonna
> implement fail over using heartbeat.
If you want to play with that then have fun. But I don't think you
really need it for this implementation.
Create a DNS name with multiple A records pointing to the different IP
addresses. DNS round robin will keep both machine active closely
enough. If one machine is down the remote agents will fall-back to
the one that is up. This is a very common technique. Most
importantly almost any admin can understand it and it is pretty bullet
proof. No special knowledge or tools required. This is important so
that you can go on vacation.
You really do need the two machines though. That provides redundancy.
You can turn one off while the other handles the load. Two machines
in any critical role is the minimum.
> Does it make a difference the Solaris / Linux route?
That would be hard to quantify without becoming subjective. Okay,
let's be subjective. I feel that GNU/Linux has more potential to
continue improving into the future. With the hardware under
discussion there are many options available. Your choices are large.
Your options flexible.
Bob
Re: New Hardware
Posted by Per Jessen <pe...@computer.org>.
Per Jessen wrote:
> Depending on your setup, you can probably do without heartbeat. Why not just
> have simple 50/50 load-sharing? We have a 64-node SA cluster working like
> this - only individual servers such as the master node run in an HA setup.
Forgot to say - these are all dual-processor nodes, for SA this is without doubt
the best price/performance. Depending on the application, dual-processor nodes
don't always work well, but in this case it's straight forward.
--
Per Jessen, Zurich
Let your spam stop here -- http://www.spamchek.com
Re: New Hardware
Posted by Per Jessen <pe...@computer.org>.
Ronan wrote:
> Which one will be better suited to SA? I know SA is more cpu/ram than
> disk IO so im leaning more toward the AMD approach. The reason there are
> 2 machines of each is because im gonna implement fail over using
> heartbeat.
Depending on your setup, you can probably do without heartbeat. Why not just
have simple 50/50 load-sharing? We have a 64-node SA cluster working like this
- only individual servers such as the master node run in an HA setup.
--
Per Jessen, Zurich
Let your spam stop here -- http://www.spamchek.com
Re: New Hardware
Posted by Nix <ni...@esperi.org.uk>.
On Wed, 1 Dec 2004, Jeff Chan muttered drunkenly:
> On Wednesday, December 1, 2004, 8:17:14 AM, Ronan Ronan wrote:
>> how do i check whether SA is using
>> the locally stored file or whether is still querying the surbl.org DNS?
>> Is there an easy way if your not a bind / DNS guru?
>
> A dig may tell what name server it thinks it's using.
dig explicitly doesn't use the libc resolver library :(
`dnstracer', among other tools, should tell you (look at the first line
in the output).
--
`The sword we forged has turned upon us
Only now, at the end of all things do we see
The lamp-bearer dies; only the lamp burns on.'
Re: New Hardware
Posted by Jeff Chan <je...@surbl.org>.
On Wednesday, December 1, 2004, 8:17:14 AM, Ronan Ronan wrote:
> how do i check whether SA is using
> the locally stored file or whether is still querying the surbl.org DNS?
> Is there an easy way if your not a bind / DNS guru?
A dig may tell what name server it thinks it's using.
Jeff C.
--
Jeff Chan
mailto:jeffc@surbl.org
http://www.surbl.org/
Re: New Hardware
Posted by Ronan <r....@qub.ac.uk>.
Martin Hepworth wrote:
>
> Ronan wrote:
> <snip>
>
>> Ok well I hounded or DNS guys to finally put multi.surbls.org into the
>> dns(as a master), watched him HUP named and then....
>>
>> should i notice a difference??
>> im still getting 10+ seconds scantime on some messages..
>> how do i tell if its working?
well granted i shot a message off too soon to the list, it does appear
to be just the big messages... but how do i check whether SA is using
the locally stored file or whether is still querying the surbl.org DNS?
Is there an easy way if your not a bind / DNS guru?
>>
>
> message size issues???
>
> if you can trap one of the longer scanning emails, you should be able to
> run it through the scanner by doing
>
> spamassassin -D file
>
> and get some indication of where it's slow..
>
> --
> Martin Hepworth
> Snr Systems Administrator
> Solid State Logic
> Tel: +44 (0)1865 842300
>
>
>
>
> **********************************************************************
>
> This email and any files transmitted with it are confidential and
> intended solely for the use of the individual or entity to whom they
> are addressed. If you have received this email in error please notify
> the system manager.
>
> This footnote confirms that this email message has been swept
> for the presence of computer viruses and is believed to be clean.
>
> **********************************************************************
>
--
Regards
Ronan McGlue
==============
Analyst/Programmer
Information Services
Queens University Belfast
BT7 1NN
Re: New Hardware
Posted by Martin Hepworth <ma...@solid-state-logic.com>.
Ronan wrote:
<snip>
> Ok well I hounded or DNS guys to finally put multi.surbls.org into the
> dns(as a master), watched him HUP named and then....
>
> should i notice a difference??
> im still getting 10+ seconds scantime on some messages..
> how do i tell if its working?
>
message size issues???
if you can trap one of the longer scanning emails, you should be able to
run it through the scanner by doing
spamassassin -D file
and get some indication of where it's slow..
--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote confirms that this email message has been swept
for the presence of computer viruses and is believed to be clean.
**********************************************************************
Re: New Hardware
Posted by Ronan <r....@qub.ac.uk>.
Rick Beebe wrote:
> Ronan wrote:
>
>>>> Hey list,
>>>> I am in the quite sureal situation of being given a blank
>>>> cheque by my boss to buy 2 new servers for SA. They were so
>>>> impressed with the upgrade to v3 + SURIBLS et al that when i said
>>>> that our current setup was hitting load max they found some cash for
>>>> me... :D
>>>
>>>
>>>> We are in a university environment with over 100,000 mails daily.
>>>
>>>
>>>> What Im currently looking at is either 2 Sun v150s or 2
>>>> dual-opterons probably with a gig each, and the standard 80+gigs.
>
>
> I'm using a single HP DL380 with four 3Ghz Xeons and 4 gigs of RAM
> running Linux (Suse 9.0). It easily handles 150,000 messages a day with
> plenty of room for growth. For redundancy I have the SA setup mirrored
> on another machine (which is normally doing something else). In case the
> primary fails I'll simply have the backup machine alias the IP address.
> At this point I don't need the load balancing of two active machines.
>
>>> BTW were you able to get your local mirroring of the SURBL zones
>>> working well?
Ok well I hounded or DNS guys to finally put multi.surbls.org into the
dns(as a master), watched him HUP named and then....
should i notice a difference??
im still getting 10+ seconds scantime on some messages..
how do i tell if its working?
>>
>>
>> Im a systems guy so im still waiting on my network co-horts to get
>> back to me. They want to see how the load of the bind files works out
>> before they venture into rbldnsd, i dont have an account on our DNS so
>> I'll have to make a case for it to be installed on the DNS otherwise I
>> could just setup a local machine and have the DNS point to it...
>
>
> I put the SURBL zones right on the SA machine. It's running bind and
> rbldns. No changes to our DNS servers needed and it's easier for me to
> make sure updates are happening.
>
--
Regards
Ronan McGlue
==============
Analyst/Programmer
Information Services
Queens University Belfast
BT7 1NN
Re: New Hardware
Posted by Rick Beebe <ri...@yale.edu>.
Ronan wrote:
>>> Hey list,
>>> I am in the quite sureal situation of being given a blank
>>> cheque by my boss to buy 2 new servers for SA. They were so impressed
>>> with the upgrade to v3 + SURIBLS et al that when i said that our
>>> current setup was hitting load max they found some cash for me... :D
>>
>>> We are in a university environment with over 100,000 mails daily.
>>
>>> What Im currently looking at is either 2 Sun v150s or 2 dual-opterons
>>> probably with a gig each, and the standard 80+gigs.
I'm using a single HP DL380 with four 3Ghz Xeons and 4 gigs of RAM
running Linux (Suse 9.0). It easily handles 150,000 messages a day with
plenty of room for growth. For redundancy I have the SA setup mirrored
on another machine (which is normally doing something else). In case the
primary fails I'll simply have the backup machine alias the IP address.
At this point I don't need the load balancing of two active machines.
>> BTW were you able to get your local mirroring of the SURBL zones
>> working well?
>
> Im a systems guy so im still waiting on my network co-horts to get back
> to me. They want to see how the load of the bind files works out before
> they venture into rbldnsd, i dont have an account on our DNS so I'll
> have to make a case for it to be installed on the DNS otherwise I could
> just setup a local machine and have the DNS point to it...
I put the SURBL zones right on the SA machine. It's running bind and
rbldns. No changes to our DNS servers needed and it's easier for me to
make sure updates are happening.
--
_______________________________________________________________________
Rick Beebe (203) 785-6416
Manager, Systems & Network Engineering FAX: (203) 785-3481
ITS-Med Production Systems Richard.Beebe@yale.edu
Yale University School of Medicine
Suite 124, 100 Church Street South http://its.med.yale.edu
New Haven, CT 06519
_______________________________________________________________________
Re: New Hardware
Posted by Ronan <r....@qub.ac.uk>.
Jeff Chan wrote:
> On Tuesday, November 30, 2004, 4:28:35 AM, Ronan Ronan wrote:
>
>>Hey list,
>> I am in the quite sureal situation of being given a blank cheque by my
>>boss to buy 2 new servers for SA. They were so impressed with the
>>upgrade to v3 + SURIBLS et al that when i said that our current setup
>>was hitting load max they found some cash for me... :D
>
>
>>We are in a university environment with over 100,000 mails daily.
>
>
>>What Im currently looking at is either 2 Sun v150s or 2 dual-opterons
>>probably with a gig each, and the standard 80+gigs.
>>Which one will be better suited to SA? I know SA is more cpu/ram than
>>disk IO so im leaning more toward the AMD approach. The reason there are
>>2 machines of each is because im gonna implement fail over using
>>heartbeat. Does it make a difference the Solaris / Linux route? Will SA
>>benefit from the dual processor option? Any other factors I should consider?
>
>
> In general, I'd recommend Linux on AMD. Unix type operating
> systems often benefit from multiprocessing, especially recent
> Linux/BSD/etc kernels that have deeper support for multiple
> processors built in.
yeah thats what i was thinking
I'm sure other folks have some more ideas.
>
> BTW were you able to get your local mirroring of the SURBL zones
> working well?
Im a systems guy so im still waiting on my network co-horts to get back
to me. They want to see how the load of the bind files works out before
they venture into rbldnsd, i dont have an account on our DNS so I'll
have to make a case for it to be installed on the DNS otherwise I could
just setup a local machine and have the DNS point to it...
I'm looking forward to it though as it should take a load off our
mailhubs until the new systems arrive (2mnths+)
ronan
>
> Jeff C.
--
Regards
Ronan McGlue
==============
Analyst/Programmer
Information Services
Queens University Belfast
BT7 1NN
Re: New Hardware
Posted by jay <ja...@dp-design.com>.
You might also look at Solaris X86. I've just brought up such a box,
and am impressed with the performance relative to Linux on the same box.
jay
Jeff Chan wrote:
>On Tuesday, November 30, 2004, 4:28:35 AM, Ronan Ronan wrote:
>
>
>>Hey list,
>> I am in the quite sureal situation of being given a blank cheque by my
>>boss to buy 2 new servers for SA. They were so impressed with the
>>upgrade to v3 + SURIBLS et al that when i said that our current setup
>>was hitting load max they found some cash for me... :D
>>
>>
>
>
>
>>We are in a university environment with over 100,000 mails daily.
>>
>>
>
>
>
>>What Im currently looking at is either 2 Sun v150s or 2 dual-opterons
>>probably with a gig each, and the standard 80+gigs.
>>Which one will be better suited to SA? I know SA is more cpu/ram than
>>disk IO so im leaning more toward the AMD approach. The reason there are
>>2 machines of each is because im gonna implement fail over using
>>heartbeat. Does it make a difference the Solaris / Linux route? Will SA
>>benefit from the dual processor option? Any other factors I should consider?
>>
>>
>
>In general, I'd recommend Linux on AMD. Unix type operating
>systems often benefit from multiprocessing, especially recent
>Linux/BSD/etc kernels that have deeper support for multiple
>processors built in. I'm sure other folks have some more ideas.
>
>BTW were you able to get your local mirroring of the SURBL zones
>working well?
>
>Jeff C.
>
>
Re: New Hardware
Posted by Jeff Chan <je...@surbl.org>.
On Tuesday, November 30, 2004, 4:28:35 AM, Ronan Ronan wrote:
> Hey list,
> I am in the quite sureal situation of being given a blank cheque by my
> boss to buy 2 new servers for SA. They were so impressed with the
> upgrade to v3 + SURIBLS et al that when i said that our current setup
> was hitting load max they found some cash for me... :D
> We are in a university environment with over 100,000 mails daily.
> What Im currently looking at is either 2 Sun v150s or 2 dual-opterons
> probably with a gig each, and the standard 80+gigs.
> Which one will be better suited to SA? I know SA is more cpu/ram than
> disk IO so im leaning more toward the AMD approach. The reason there are
> 2 machines of each is because im gonna implement fail over using
> heartbeat. Does it make a difference the Solaris / Linux route? Will SA
> benefit from the dual processor option? Any other factors I should consider?
In general, I'd recommend Linux on AMD. Unix type operating
systems often benefit from multiprocessing, especially recent
Linux/BSD/etc kernels that have deeper support for multiple
processors built in. I'm sure other folks have some more ideas.
BTW were you able to get your local mirroring of the SURBL zones
working well?
Jeff C.
--
Jeff Chan
mailto:jeffc@surbl.org
http://www.surbl.org/
Re: New Hardware
Posted by Martin Hepworth <ma...@solid-state-logic.com>.
Ronan
I'd go for dual opteron V20z if you want to stick with sun kit.
Will outperform the Sparc based stuff.
no need to heart-beat, just have the two machines on same MX value and
DNS will load balance for you.
Would be interesting to see how Solaris 10 compares with Linux in this
environment - you'd have to test both to see they cope.
--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300
Ronan wrote:
> Hey list,
> I am in the quite sureal situation of being given a blank cheque by
> my boss to buy 2 new servers for SA. They were so impressed with the
> upgrade to v3 + SURIBLS et al that when i said that our current setup
> was hitting load max they found some cash for me... :D
>
> We are in a university environment with over 100,000 mails daily.
>
> What Im currently looking at is either 2 Sun v150s or 2 dual-opterons
> probably with a gig each, and the standard 80+gigs.
> Which one will be better suited to SA? I know SA is more cpu/ram than
> disk IO so im leaning more toward the AMD approach. The reason there are
> 2 machines of each is because im gonna implement fail over using
> heartbeat. Does it make a difference the Solaris / Linux route? Will SA
> benefit from the dual processor option? Any other factors I should
> consider?
>
> many thanks as always
>
> ronan
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote confirms that this email message has been swept
for the presence of computer viruses and is believed to be clean.
**********************************************************************