Why is litespeed admin panel so slow or even timed out?

Discussion in 'General' started by mks, Mar 15, 2012.

  1. mks

    mks New Member

    I have a 2-core litespeed license, mysql is not running on this server.

    It just says "Connecting to 'my server ip' in the status bar of the web browser and gives a timed out error. It happens about 50% of the time. My website is also loading very slow, about 5 seconds to load, sometimes up to 20 seconds to load.

    The website also communicates with other websites that I own, I often get "can't connect to 'my domain'" errors which is using Perl LWP. I even get timed out errors from IMAP when sending emails via squirrelmail (PHP).

    This is a 12 core server so the load should still be fine. But even if the website is loading slow due to high traffic, why is litespeed admin panel loading so slow also?

    [​IMG]
  2. webizen

    webizen New Member

    check console or dmesg and see if full with "nf_conntrack: table full, dropping packet".
  3. mks

    mks New Member

    I didn't find nf_conntrack, I found ip_conntrack. It was set to 65536 and after setting to 131072 I don't have problem loading that now. Does that mean that before I set it higher, a lot of users were getting timed out and cannot connect?
  4. webizen

    webizen New Member

    correct. your conntrack table was full and no more connection can be accepted. a possible dos attack. monitor ip_conntrack_count and make sure it well below the max.
  5. mks

    mks New Member

    My website loads a lot faster now. It is around 70000 connections average, is this a concern?
  6. webizen

    webizen New Member

    Usually it is syn attacks cause the conntrack table full unless you have a very hot site. In your case, it is likely syn attacks since there aren't that many connections go to lsws. enable syncookies (sysctl parameter) to alleviate it.
  7. mks

    mks New Member

    Do these values look normal or is there SYN attack?

    Code:
    netstat -tuna | grep :80 | grep SYN_RECV | wc -l
    264

    Code:
    wc -l /proc/net/ip_conntrack
    62439
  8. webizen

    webizen New Member

    the # of http used connections is less than 500 according to your real time stats, you need to find out what are those connections taking up conntrack table.
  9. Mr_Parham

    Mr_Parham Member

    can you tell me how to find that =/
  10. webizen

    webizen New Member

    do 'dmesg' from command line shell (ssh). see if you get message like 'table full, dropping packet' in the tail end of screen output.
  11. Mr_Parham

    Mr_Parham Member

Share This Page