Since yesterday I have a problem in a node with 3 appliance MWG 7.2 in balancing with F5. We had a Filesystem usage on /opt exceeds selected limit (96% / 90%) and the system utilization is very high and hard disk is close to saturation.
I notice that we've a lot of request per second (espiacially in first of the 3 appliance), we have just deleted the older standardproxy_access.log in order to restore the right amount of available disk space. Now we have around 800 request per second for each of the 3 appliances and got a standardprosy_access.log of 100Mb every 10 minutes!!!
Any suggestion???? Someone can tell me what is it happening??
I've attached a tcpdump, feedback and sample of log
Thanks a lot!!!
We have similar situation few weeks ago.
One of our users visit some site, that frequently updates (few requests per second) so logs will grow very faster.
ps. MWG version 6 have much more free space (have another partitions) and such situation never happens.
I think you need to change setting for rotation and pushing logs.Message was edited by: apellepa on 1/25/13 3:08:05 PM EET
I wouldnt post any of this data to the community, create a support case and upload it there.
If you have an SR #, please let me know and I can take a look.
yes sure, first I'd want to attach this information but then I release that it was better to do not share it.
The SR is <3-2713175271>.
IMHO, MWG 7.x has a ridiculously sub-optimal disk partitioning schema.
I am in the process of repartitioning all of our MWG systems so that they have a saner disk partitioning confiiguration. No doubt unsanctionad/unsupported by McAfee, but I don't have the time/energy to deal with things like subversion checkouts eating my file systems and the generic idiocy of the current disk schema.
Feel free to PM me if info about re-partitioning interests you. NOTE: I do not guarantee that any of my suggestions/recommendations will not result in sub-optimal results -- informaton suppied will be just that -- information, not recommendation.
This issue is related to a client machine gone wild. It's making tons of requests and generating a large volume of logs. So modifying the disk partitions would only mask the issue.
I do sympathize with the current disk partitioning schema being too small, I believe that should change in future versions (don't ask me when though). As such, I definitly would not recommend resizing the partitions.