Server works slowly

D

Dark

Verified User
Joined
Sep 15, 2008
Messages
35
Hello.
My server works too slowly.
I think that it is a DDOS attack.
Connection speed is about 100 mbps.
My services:

directadmin (pid 36674 36541 36540 36539 36172 1163 )
dovecot (pid 36162 )
exim (pid 36696 36695 36693 36692 36691 36679 36678 36675 36673 36670 36659 36658 36651 36650 36649 36562 )
httpd (pid 36671 36665 )
mysqld (pid 34963 )
named (pid 35115 34993 34981 )
proftpd (pid 35036 )
sshd (pid 34273 1091 )
 
i have same problem 4months ago.

that was DDOS Attack.

I install a Script for this attack also install 2 firewall.
 
Can you ssh into your server and run top? If so please post that and include the first 5 running processes.
 
Here is my processes:
Code: 
last pid: 38377;  load averages: 26.96, 32.62, 37.10                                  up 0+07:31:31  16:47:39
248 processes: 15 running, 194 sleeping, 39 lock
CPU states:  1.5% user,  0.0% nice, 97.4% system,  1.1% interrupt,  0.0% idle
Mem: 519M Active, 235M Inact, 178M Wired, 30M Cache, 110M Buf, 27M Free
Swap: 2048M Total, 2048M Free

  PID USERNAME   THR PRI NICE   SIZE    RES STATE    TIME   WCPU COMMAND
32117 root         1 131    0  5360K  2828K *vnode   2:19  4.44% dataskq
11155 root         1 128    0 27076K 23800K *vnode  29:31  3.47% dataskq
35322 root         1 127    0  4444K  1904K *vnode   0:49  3.42% dataskq
27731 root         1 127    0  7348K  4808K RUN      3:29  3.37% dataskq
29945 root         1 123    0  8472K  5936K *vnode   2:20  3.17% dataskq
22708 root         1 125    0  7952K  4720K *vnode   6:44  2.98% dataskq
24378 root         1 126    0  7784K  4552K *vnode   5:41  2.98% dataskq
31144 root         1 125    0  5512K  2980K *vnode   2:53  2.98% dataskq
10726 root         1 124    0 30052K 26780K RUN     35:00  2.88% dataskq
23139 root         1 122    0 10828K  7600K *vnode   5:22  2.88% dataskq
30606 root         1 124    0  5412K  2872K *vnode   2:33  2.83% dataskq
33005 root         1 126    0  4752K  2220K *vnode   1:49  2.83% dataskq
36172 root         1 122    0  4168K  1104K RUN      0:34  2.83% directadmin
33615 root         1 126    0  4556K  2016K *vnode   1:22  2.78% dataskq
28380 root         1 122    0  6068K  3528K *vnode   3:19  2.73% dataskq
 9431 root         1 120    0 30052K 26716K *vnode  45:24  2.69% dataskq
11598 root         1 122    0 24200K 20920K *vnode  24:09  2.69% dataskq
27012 root         1 123    0  6640K  4100K *vnode   4:34  2.64% dataskq
 9875 root         1 122    0 30052K 26780K *vnode  39:40  2.54% dataskq
16844 root         1 120    0 17556K 14272K *vnode   9:42  2.39% dataskq
14883 root         1 120    0 15616K 12328K *vnode  13:03  2.29% dataskq
17494 root         1 119    0 12704K  9416K *vnode  10:49  2.29% dataskq
19317 root         1 118    0 13904K 10680K *vnode   8:22  2.25% dataskq
26142 root         1 119    0 11868K  8640K *vnode   3:38  2.25% dataskq
13080 root         1 118    0 19844K 16560K *vnode  15:00  2.20% dataskq
13674 root         1 120    0 18420K 15136K *vnode  13:33  2.20% dataskq
21477 root         1 119    0  9860K  6632K *vnode   6:51  2.15% dataskq
10294 root         1 119    0 30052K 26780K *vnode  35:33  2.05% dataskq
20762 root         1 119    0 11932K  8704K *vnode   7:31  2.05% dataskq
 
dataskg is the DirectAdmin Task Queue.

vnode - internal representation of a file or directory.

You could try
Code: 
killall dataskg
to quickly kill all those runaway processes but I'm not sure how DA will react to that.
 
I killed that process. Now my server works fine :)
Why dataskq loads my system?
 
New log
Code: 
  PID USERNAME   THR PRI NICE   SIZE    RES STATE    TIME   WCPU COMMAND
59444 root         1 132    0 30052K 27888K RUN      2:58 98.20% dataskq
59589 admin        1  97    0 19492K 14320K select   0:00  6.00% php
  441 _pflogd      1 -58    0  1632K  1060K bpf      1:41  0.00% pflogd
34963 mysql        5  20    0 45500K 26708K kserel   0:36  0.00% mysqld
34981 bind         1  96    0  4672K  3620K select   0:01  0.00% named
 1105 root         1   8    0  1412K   976K nanslp   0:01  0.00% cron
46341 apache       1  96    0 44564K 26856K select   0:01  0.00% httpd
40050 root         1   8    0 41748K 18096K nanslp   0:01  0.00% httpd
48520 root         1  96    0  2544K  1768K RUN      0:01  0.00% top
46840 apache       1  96    0 43776K 26036K select   0:00  0.00% httpd
47219 apache       1  20    0 43656K 25748K lockf    0:00  0.00% httpd
47509 apache       1   4    0 43500K 25452K kqread   0:00  0.00% httpd
48146 root         1   8    0  4168K  1776K wait     0:00  0.00% directadmin
47217 apache       1  20    0 43504K 25468K lockf    0:00  0.00% httpd
47433 apache       1  20    0 43628K 25072K lockf    0:00  0.00% httpd
36162 root         1   4    0  1504K  1124K kqread   0:00  0.00% dovecot
47459 apache       1  20    0 43492K 24164K lockf    0:00  0.00% httpd

something wrong with dataskq
Who knows how to fix that?
 
Look through the directadmin logs and see if you notice anything.
 
Kill that instance of dataskq; it'll start up again within a minute; if it keeps happening then check the file it's reading to see what it's trying to do.

Jeff
 
I found out where the problem was.
I enabled pop_disk_usage_cache=1
And added that line to crontab:
Code: 
*/15 * * * * root echo "action=cache&type=popquota" >> /usr/local/directadmin/data/task.queue
Now I disabled that feature and removed cronjob.
But page "E-Mail Accounts" doesnt work..
It writes:

Code: 
Your connection has timed out

Details

Consider disabling the Pop Disk Usage Count or
use a Pop Disk Usage Cache
 
Yes I checked.
It works fine now.
I think it's DirectAdmin's bug.
 
You must log in or register to reply here.
Back
Top