Looking for troubleshooting tips.
paul.halliday at gmail.com
Wed Oct 21 14:58:35 UTC 2009
I use Freebsd as the base for my network monitoring sensors. These
machines run a netflow probe, act as a netflow collector and spool
full content data from a snort process FIFO that is bound to a span
port. During peak hours this can be 100MB saturated, its connected to
a GB intel NIC on the box (there is a separate uplink).
In the background numerous little scripts run to produce summary data.
The basic template for these systems has been the same for the past 4
years and things have worked great. Recently, one of these machines
started to become a little laggy and I can't seem to identify the
This system has always seen a lot of packet loss, I expect this though
as it is a busy site but this has never affected its performance. Can
an overloaded NIC cause serious performance issues like those I am
This is a recent top:
last pid: 98870; load averages: 1.54, 1.41, 1.31 up 1+01:57:10 11:50:24
142 processes: 2 running, 139 sleeping, 1 zombie
CPU states: 30.9% user, 0.0% nice, 15.0% system, 1.7% interrupt, 52.4% idle
Mem: 450M Active, 328M Inact, 168M Wired, 33M Cache, 110M Buf, 3700K Free
Swap: 2048M Total, 5112K Used, 2043M Free
7.0-RELEASE FreeBSD 7.0-RELEASE #0: Sun Feb 24 19:59:52 UTC 2008
To be honest, I don't know which counters are important. Is there
anything specific I should be concentrating on to determine the cause?
More information about the freebsd-questions