[313] in Info-AFS_Redistribution

home help back first fref pref prev next nref lref last post

the dangers of not using unlog

daemon@ATHENA.MIT.EDU (Wallace Colyer)
Thu Sep 19 00:11:00 1991

Date: Wed, 18 Sep 1991 23:14:12 -0400 (EDT)
From: Wallace Colyer <wally+@andrew.cmu.edu>
To: Info-AFS@transarc.com


We spent about four days trying to track down a problem on some
mail server DecStation 5000s we have.  The symptoms were that new
network connections to the machines would hang, then the machines
would degenerate until all network activity ceased.

It turned out that these machines had a special process called
guardian running which accepted connections, took a password,
authenticated, then ran a special mail client program.  The program
never unloged.

For each authenticated pag on a machine kernel memory is used to store
the token structure and a structure for each authenticated connection
to each fileserver.  So the more fileserver you talk to and the more
cells you authenticate to the quicker this memory is exhasted.  

If you do not use unlog the structure will stay around until the token
expires.

We fixed the problem by having a program wait around on the pag and
unlog after it exited.  

Programs from Transarc like ftpd and inetd do not clear tokens and can
lead to these types of problems.

This did not happen in our case until about 250 connections contacting
around 7 fileservers each.  The numbers and exact reactions seems to be
different on different system types.

In any large multiuser system with large numbers of connections you
should be sure to use unlog or you may hang your machine.

The best way to fix this would be for AFS to reap structures no longer
in use, but aparently this is a very difficult thing to do and I have
been given no indication of a reasonable fix forthcoming.  

-Wallace

home help back first fref pref prev next nref lref last post