JiscMail Logo
Email discussion lists for the UK Education and Research communities

Help for GRIDPP-STORAGE Archives


GRIDPP-STORAGE Archives

GRIDPP-STORAGE Archives


GRIDPP-STORAGE@JISCMAIL.AC.UK


View:

Message:

[

First

|

Previous

|

Next

|

Last

]

By Topic:

[

First

|

Previous

|

Next

|

Last

]

By Author:

[

First

|

Previous

|

Next

|

Last

]

Font:

Proportional Font

LISTSERV Archives

LISTSERV Archives

GRIDPP-STORAGE Home

GRIDPP-STORAGE Home

GRIDPP-STORAGE  July 2011

GRIDPP-STORAGE July 2011

Options

Subscribe or Unsubscribe

Subscribe or Unsubscribe

Log In

Log In

Get Password

Get Password

Subject:

Re: Iperf tests

From:

Matt Doidge <[log in to unmask]>

Reply-To:

Matt Doidge <[log in to unmask]>

Date:

Fri, 1 Jul 2011 12:13:02 +0100

Content-Type:

text/plain

Parts/Attachments:

Parts/Attachments

text/plain (106 lines)

Heya all,
My statistics are low but I have a feeling that the OX->Lancs problem
might originate within Lancaster.

I have two iperf servers:
fal-pygrid-46.lancs.ac.uk port 50001
stor007.hec.lancs.ac.uk port 50001

Corresponding to our two "pool node zones", but otherwise both are
close to identical w.r.t. hardware. fal-46 is on SL5, stor007 on
centOS5.

Some simple 1-minute iperf test results to Oxford:
stor007 -> t2se18: 2.08 GBytes   298 Mbits/sec
fal-46   -> t2se18:  63.8 MBytes  8.88 Mbits/sec
stor007 -> t2se08: 1.17 GBytes   168 Mbits/sec
fal-46   -> t2se08:  34.1 MBytes  4.74 Mbits/sec

The difference in rates between the two targets is interesting, but
the difference between the sources is astounding.

I tried to send my iperf packets down to Chris's server but the
connection was refused. I'll be poking some involved in person over
lunch at HEPSYSMAN about this!

Cheers all,
Matt
On 22 June 2011 17:27, Alessandra Forti <[log in to unmask]> wrote:
> I completely agree with you. I've been running tests for a week because FZK
> was so kind to leave their server up. And if I change configuration it will
> be still great to be able to test without bothering someone to turn on the
> server.
>
> cheers
> alessandra
>
>
> On 22/06/2011 17:09, [log in to unmask] wrote:
>>
>> I said RAL was prepared to run iperf because its probably something that
>> would be useful, just as being able to ping site servers is useful. Its all
>> well and good to start things on demand when requested, but it adds a fair
>> bit of inertia into debugging network performance problems which we have
>> seen take many months to resolve. Being able to just ping or iperf a site
>> server when you need to is useful and speeds up debugging no end.
>>
>> There are obviously issues like security exposure and bandwidth
>> consumption to consider.
>>
>> iperf does somewhat increase a site's exposure as its adding another
>> daemon that comes with its set of risks and exposures, but it is a modest,
>> unprivileged server so the exposure is relatively low compared to some of
>> the other things we have sticking through the firewall. There are no doubt
>> ways of locking things down further if necessary.
>>
>> There is also clearly a risk of hogging bandwidth - something to watch for
>> but 1Gb/s is hardly the end of the world for the Tier-1 anyway. I must admit
>> it took us some months to spot a CMS test flow of about 1Gb/s on the CMS
>> CASTOR instance.
>>
>> A personar deployment will no doubt be very useful, but sometimes you just
>> want to do a few quick tests under certain special conditions.
>>
>> On balance - although this seems to be a request from ATLAS rather than
>> WLCG it seemed worth doing and even if the payoff wasn't huge it seemed no
>> big deal. If something better comes along it will die a death and we can
>> move on to the latest and greatest.
>>
>> Regards
>> Andrew
>>
>> -----Original Message-----
>> From: GRIDPP2: Deployment and support of SRM and local storage management
>> [mailto:[log in to unmask]] On Behalf Of Mingchao Ma
>> Sent: 22 June 2011 16:39
>> To: [log in to unmask]
>> Subject: Re: Iperf tests
>>
>> Hi All,
>>
>>>> "Running open iperf-servers would be nice but perhaps not sane in an
>>>> hostile environment.
>>>
>>> Of all the services that a Tier 1 has to run and have open to
>>> the internet, they're worried about iperf? Really?
>>
>> Sorry to butt in, but I think they are taking a very sensible approach.
>> The
>> issue here is you introduce extra risk which you can avoid completely if
>> you
>> have the choice of not running the service
>>
>> Similar to we just discussed Torque issue, if the torque server does not
>> open to Internet, the exposure surface reduces significantly.
>>
>> It would be too late to start to worry about an online service after a
>> 0-day
>> vulnerability was made public.
>>
>> If you do not need it, do not install it; if you do not use it, do not run
>> it. It will save you a lot of trouble.
>>
>> Cheers,
>>
>> Mingchao
>

Top of Message | Previous Page | Permalink

JISCMail Tools


RSS Feeds and Sharing


Advanced Options


Archives

April 2014
March 2014
February 2014
January 2014
December 2013
November 2013
October 2013
September 2013
August 2013
July 2013
June 2013
May 2013
April 2013
March 2013
February 2013
January 2013
December 2012
November 2012
October 2012
September 2012
August 2012
July 2012
June 2012
May 2012
April 2012
March 2012
February 2012
January 2012
December 2011
November 2011
October 2011
September 2011
August 2011
July 2011
June 2011
May 2011
April 2011
March 2011
February 2011
January 2011
December 2010
November 2010
October 2010
September 2010
August 2010
July 2010
June 2010
May 2010
April 2010
March 2010
February 2010
January 2010
December 2009
November 2009
October 2009
September 2009
August 2009
July 2009
June 2009
May 2009
April 2009
March 2009
February 2009
January 2009
December 2008
November 2008
October 2008
September 2008
August 2008
July 2008
June 2008
May 2008
April 2008
March 2008
February 2008
January 2008
December 2007
November 2007
October 2007
September 2007
August 2007
July 2007
June 2007
May 2007
April 2007
March 2007
February 2007
January 2007
December 2006
November 2006
October 2006
September 2006
August 2006
July 2006
June 2006
May 2006
April 2006
March 2006
February 2006
January 2006
December 2005
November 2005
October 2005
September 2005
August 2005
July 2005
June 2005
May 2005
April 2005
March 2005
February 2005
January 2005
December 2004
November 2004
October 2004
September 2004
August 2004
July 2004
June 2004


WWW.JISCMAIL.AC.UK

Secured by F-Secure Anti-Virus CataList Email List Search Powered by the LISTSERV Email List Manager