Archive for the 'FreeBSD tips' Category

Centos, FreeBSD, Gentoo, Suse or Fedora

Tuesday, August 19th, 2008

Many folks ask us what the best OS is for a web hosting platform: is it Centos, FreeBSD, Gentoo, Suse or Fedora? While Centos, FreeBSD and Fedora are more common in the USA, SUSE leads the deployment statistics in Europe (Germany). Finding Suse and Gentoo at USA dedicated server companies is somewhat tricky. I am of course not speaking about virtual private servers.

I don’t much like Fedora either, because of its quick end-of-life (EOL) for updates; upgrading usually costs money, requires downtime and is somewhat complex for novice users. So we have narrowed it down to Centos Linux or FreeBSD. Very good, let’s continue.

FreeBSD is a powerful BSD-oriented operating system, very reliable, secure (of course, if you keep it updated, as with any other OS) and scalable. Centos is a Red Hat Enterprise whitebox clone that is reliable and easy to keep updated thanks to the YUM interface. Its much longer EOL compared to Fedora makes it a much better choice.

I am more oriented towards Linux, so Centos would be my choice of the best OS from the list above. However, if you are a BSD-savvy, more Unix-oriented user, go for FreeBSD: it’s a powerful, IO-fast, high-performance box you can count on.

Linux Syn cookies performance and memory

Tuesday, September 25th, 2007

We have been playing around with Linux SYN cookies to test their performance, and we came to the following conclusions.

It’s always good to detect SYN floods and then turn on SYN cookies to make better use of CPU power, so the SYN flood must be detected and the SYN cookie sysctl value set to 1 in real time. If you have SYN cookies turned on, your server's CPU and network stack will be slightly affected; however, RAM usage will not increase in case of a SYN flood. The kernel does not allocate the TCP buffers unless there is a positive reply to the SYN/ACK packet.
So if you have a dual-core box with 1GB RAM and good enough connectivity, you can leave SYN cookies enabled without much performance loss, even if you get quite decent legitimate traffic.

SYN cookie protection for Linux can be activated in real time with sysctl:
sysctl -w net.ipv4.tcp_syncookies=1

You can also increase the SYN backlog to, let’s say, 1536:
sysctl -w net.ipv4.tcp_max_syn_backlog=1536
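
One way to do the "detect the flood, then set the sysctl" step described above, as an added example that is not code from the original post: it counts half-open (SYN_RECV) sockets in the /proc/net/tcp table and enables SYN cookies once a threshold is reached. The threshold of 512, the function names and the sample table are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: detect a likely SYN flood from the number of half-open
# (SYN_RECV) sockets and enable SYN cookies only then.
# THRESHOLD and the sample table are constructed values, not from the post.

THRESHOLD=${THRESHOLD:-512}   # assumed trigger; tune against tcp_max_syn_backlog

# Count sockets in state 03 (TCP_SYN_RECV) in a /proc/net/tcp-format file.
# Field 4 is the hex state; line 1 is the column header. IPv4 table only.
count_syn_recv() {
    awk 'NR > 1 && $4 == "03" { n++ } END { print n + 0 }' "$1"
}

# Print "enable" when the half-open count reaches the threshold, else "ok".
syn_flood_decision() {
    count=$(count_syn_recv "$1")
    if [ "$count" -ge "$2" ]; then echo enable; else echo ok; fi
}

# Write a constructed sample: 1 listener, 1 established, 3 half-open.
make_sample() {
    cat > "$1" <<'EOF'
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 0A00000A:0050 0B00000A:C350 01 00000000:00000000 00:00000000 00000000     0        0 1002
   2: 0A00000A:0050 0C00000A:9C41 03 00000000:00000000 01:00000064 00000000     0        0 0
   3: 0A00000A:0050 0D00000A:9C42 03 00000000:00000000 01:00000064 00000000     0        0 0
   4: 0A00000A:0050 0E00000A:9C43 03 00000000:00000000 01:00000064 00000000     0        0 0
EOF
}

# With --live (root required), check the real table and flip the sysctl.
# Without arguments, run against the constructed sample and change nothing.
if [ "${1:-}" = "--live" ]; then
    if [ "$(syn_flood_decision /proc/net/tcp "$THRESHOLD")" = enable ]; then
        sysctl -w net.ipv4.tcp_syncookies=1
    fi
else
    sample=$(mktemp)
    make_sample "$sample"
    echo "half-open in sample: $(count_syn_recv "$sample")"
    echo "decision at threshold 3: $(syn_flood_decision "$sample" 3)"
    rm -f "$sample"
fi
```

Run with --live from cron or a watchdog loop to apply the check to the real socket table.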

For FreeBSD you can tune the TCP queue length by issuing:
sysctl -w kern.ipc.somaxconn=1024