Ok heres the catch.

Our whole Unix Administration have really gone ??? when we encountered this strange problem. Whoever can come up with a full solution that works, will get $50 dollars.

Scenario

A Raq4i which has all the security patches installed including all the updates from Cobalt. Other software installed includes the latest PHP, Webalizer, Neomail (newest).

Be reminded that Keepalive is Off

The problem is that when people process scripts, either perl, cgi, or PHP it becomes slow to the point where it timesout. Whether is in in a HTTPS (SSL) page (during transaction) or plainly running any form based scripts. The problem does not lie in the form based .pl or .cgi scripts. Once the person press the submit button.
The connection either timesout or takes one hell of a long time to process.

So what could be the problem? This is occuring on 2 raq4i's currently.

Anything in the error_log? Anything in /var/log/messages? Are the scripts executing properly (just double check), is their syntax correct? What's your httpd.conf like?

It's sorta hard to diagnose your exact problem from this vague description...pasting your httpd.conf (after all sensitive info has been removed, if any), etc. would help us.

I had this problem about a year ago, but I forget how I solved it. It might not even be the same problem, though -- there are so many things that could be causing what you describe.

#
# Documentation for modules is in "/home/httpd/manual/mod" in HTML format.
LoadModule env_module modules/mod_env.so
LoadModule define_module modules/mod_define.so
LoadModule config_log_module modules/mod_log_config.so
LoadModule mime_module modules/mod_mime.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule status_module modules/mod_status.so
LoadModule includes_module modules/mod_include.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule dir_module modules/mod_dir.so
LoadModule frontpage_module modules/mod_frontpage.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule asis_module modules/mod_asis.so
LoadModule imap_module modules/mod_imap.so
LoadModule action_module modules/mod_actions.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule access_module modules/mod_access.so
#LoadModule anon_auth_module modules/mod_auth_anon.so
LoadModule pam_external_auth_module modules/mod_auth_pam_external.so
LoadModule auth_module modules/mod_auth.so
#LoadModule digest_auth_module modules/mod_auth_digest.so
#LoadModule usertrack_module modules/mod_usertrack.so
LoadModule unique_id_module modules/mod_unique_id.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule casp2_module modules/mod_casp2.so

# Extra Modules
#LoadModule php_module modules/mod_php.so
#LoadModule php3_module modules/libphp3.so
LoadModule php4_module modules/libphp4.so

# because mod_perl leaks, this is included by default
#LoadModule perl_module /usr/lib/apache/libperl.so

# make sure that this gets loaded first:
LoadModule ssl_module modules/libssl.so
LoadModule php4_module lib/apache/libphp4.so

# Reconstruction of the complete module list from all available modules
# (static and shared ones) to achieve correct module execution order.
# [WHENEVER YOU CHANGE THE LOADMODULE SECTION ABOVE UPDATE THIS, TOO]
#ClearModuleList

# Extra Modules
#AddModule mod_php.c
#AddModule mod_php3.c
#AddModule mod_perl.c
#AddModule mod_casp2.c
AddModule mod_php4.c

# ServerType is either inetd, or standalone.

ServerType standalone

# If you are running from inetd, go to "ServerAdmin".

# Port: The port the standalone listens to. For ports < 1023, you will
# need httpd to be run as root initially.

Port 80

# HostnameLookups: Log the names of clients or just their IP numbers
# e.g. www.apache.org (on) or 204.62.129.132 (off)
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on.

HostnameLookups off

# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.

# User/Group: The name (or #number) of the user/group to run httpd as.
# On SCO (ODT 3) use User nouser and Group nogroup
# On HPUX you may not be able to use shared memory as nobody, and the
# suggested workaround is to create a user www and use that user.
# NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
# when the value of (unsigned)Group is above 60000;
# don't use Group nobody on these systems!

User httpd
Group httpd

# ServerAdmin: Your address, where problems with the server should be
# e-mailed.
ServerAdmin admin@raq4-001.cephrenhosting.com

# ServerRoot: The directory the server's config, error, and log files
# are kept in.
# NOTE! If you intend to place this on a NFS (or otherwise network)
# mounted filesystem then please read the LockFile documentation,
# you will save yourself a lot of trouble.

ServerRoot /etc/httpd

# BindAddress: You can support virtual hosts with this option. This option
# is used to tell the server which IP address to listen to. It can either
# contain "*", an IP address, or a fully qualified Internet domain name.
# See also the VirtualHost directive.

#BindAddress *

# ErrorLog: The location of the error log file. If this does not start
# with /, ServerRoot is prepended to it.

ErrorLog /var/log/httpd/error

# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.

LogLevel warn

# The following directives define some format nicknames for use with
# a CustomLog directive (see below).

LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

# The location of the access logfile (Common Logfile Format).
# If this does not start with /, ServerRoot is prepended to it.

CustomLog /var/log/httpd/access combined

# If you would like to have an agent and referer logfile uncomment the
# following directives.

#CustomLog logs/referer_log referer
#CustomLog logs/agent_log agent

# If you prefer a single logfile with access, agent and referer information
# (Combined Logfile Format) you can use the following directive.

#CustomLog logs/access_log combined

# PidFile: The file the server should log its pid to
PidFile /var/run/httpd.pid

# ScoreBoardFile: File used to store internal server process information.
# Not all architectures require this. But if yours does (you'll know because
# this file is created when you run Apache) then you *must* ensure that
# no two invocations of Apache share the same scoreboard file.
ScoreBoardFile /var/log/httpd/httpd_status

# The LockFile directive sets the path to the lockfile used when Apache
# is compiled with either USE_FCNTL_SERIALIZED_ACCEPT or
# USE_FLOCK_SERIALIZED_ACCEPT. This directive should normally be left at
# its default value. The main reason for changing it is if the logs
# directory is NFS mounted, since the lockfile MUST BE STORED ON A LOCAL
# DISK. The PID of the main server process is automatically appended to
# the filename.

#
#LockFile /var/lock/httpd.lock

# ServerName allows you to set a host name which is sent back to clients for
# your server if it's different than the one the program would get (i.e. use
# "www" instead of the host's real name).
#
# Note: You cannot just invent host names and hope they work. The name you
# define here must be a valid DNS name for your host. If you don't understand
# this, ask your network administrator.

ServerName raq4-001.cephrenhosting.com

# UseCanonicalName: (new for 1.3) With this setting turned on, whenever
# Apache needs to construct a self-referencing URL (a url that refers back
# to the server the response is coming from) it will use ServerName and
# Port to form a "canonical" name. With this setting off, Apache will
# use the hostname:port that the client supplied, when possible. This
# also affects SERVER_NAME and SERVER_PORT in CGIs.
UseCanonicalName on

# CacheNegotiatedDocs: By default, Apache sends Pragma: no-cache with each
# document that was negotiated on the basis of content. This asks proxy
# servers not to cache the document. Uncommenting the following line disables
# this behavior, and proxies will be allowed to cache the documents.

#CacheNegotiatedDocs

# Timeout: The number of seconds before receives and sends time out

Timeout 300

# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.

KeepAlive Off

# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We reccomend you leave this number high, for maximum performance.

MaxKeepAliveRequests 500

# KeepAliveTimeout: Number of seconds to wait for the next request

KeepAliveTimeout 25

# Server-pool size regulation. Rather than making you guess how many
# server processes you need, Apache dynamically adapts to the load it
# sees --- that is, it tries to maintain enough server processes to
# handle the current load, plus a few spare servers to handle transient
# load spikes (e.g., multiple simultaneous requests from a single
# Netscape browser).

# It does this by periodically checking how many servers are waiting
# for a request. If there are fewer than MinSpareServers, it creates
# a new spare. If there are more than MaxSpareServers, some of the
# spares die off. These values are probably OK for most sites ---

MinSpareServers 30
MaxSpareServers 100

# Number of servers to start --- should be a reasonable ballpark figure.

StartServers 30

# Limit on total number of servers running, i.e., limit on the number
# of clients who can simultaneously connect --- if this limit is ever
# reached, clients will be LOCKED OUT, so it should NOT BE SET TOO LOW.
# It is intended mainly as a brake to keep a runaway server from taking
# Unix with it as it spirals down...

MaxClients 512

# MaxRequestsPerChild: the number of requests each child process is
# allowed to process before the child dies.
# The child will exit so as to avoid problems after prolonged use when
# Apache (and maybe the libraries it uses) leak. On most systems, this
# isn't really needed, but a few (such as Solaris) do have notable leaks
# in the libraries.

MaxRequestsPerChild 0

# Proxy Server directives. Uncomment the following line to
# enable the proxy server:

#ProxyRequests On

# To enable the cache as well, edit and uncomment the following lines:

#CacheRoot /var/cache/httpd
#CacheSize 5
#CacheGcInterval 4
#CacheMaxExpire 24
#CacheLastModifiedFactor 0.1
#CacheDefaultExpire 1
#NoCache a_domain.com another_domain.edu joes.garage_sale.com

# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, in addition to the default. See also the VirtualHost command

Listen 80

# global ssl setup
<IfModule mod_ssl.c>
SSLSessionCache dbm:/var/log/httpd/ssl_scache
SSLSessionCacheTimeout 500
SSLMutex file:/var/log/httpd/ssl_mutex
SSLRandomSeed startup file:/dev/urandom 512
SSLRandomSeed connect builtin
# Location of a secondary signing authority certificate. Uncomment and edit
# the location if necessary if you install a secondary certificate.
#SSLCACertificateFile /etc/httpd/conf/ca-bundle
</IfModule>

# uncomment this for debugging

#
#PerlModule Apache::Status
#<Location /mod_perl/>
#SetHandler perl-script
#PerlHandler Apache::Status
#</Location>

<Perl>
use Apache::PerlSections();
use Cobalt::Ssl;

# Only a temp variable until we go the whole hog.
my (@ssl_conf,$ip,$group,$rewrite_rules,$proto,$ret);

open(HTTPD_CONF,"/etc/httpd/conf/httpd.conf") ||
die "What ? We can't read our own configuration file?: $!";

Problem Update.

It is not server configurations.

It is either one of the Cobalt Patches, updates, or is one of those 3rd party pakages offered at pkg.cobalt.com which has affected the server.

When i installed the new neomail pkg ... i had to restart the httpd.conf file so that could be the package causing problems.

Doesnt seem to be neomail.......

We have uninstalled neomail though.

Being of unsound mine I decided to upgrade from Apache 1.3.6 to 1.3.20 and a Cobalt Raq 3. Everything worked fine until apache started new servers then my machine would crawl (about an hour). The size of each instance 1.3.20 was 3-4 times bigger then with 1.3.6. So I used up my memory really quickly (128mb). Switched back to 1.3.6 and the problem went away (current provider wants $30 / month for another 128mb that why I didn't just put more memory in). So have you recompiled a larger apache today? When time permits I plan to replace this one.

Originally posted by Cephren
The problem is that when people process scripts, either perl, cgi, or PHP it becomes slow to the point where it timesout. Whether is in in a HTTPS (SSL) page (during transaction) or plainly running any form based scripts. The problem does not lie in the form based .pl or .cgi scripts. Once the person press the submit button.
The connection either timesout or takes one hell of a long time to process.
So what could be the problem? This is occuring on 2 raq4i's currently.

Try setting your MinSpareServers and MaxSpareServers like this:

MinSpareServers 5
MaxSpareServers 15
StartServers 10

Does it make a difference?

Try running the top program and then do a lot of php/cgi requests to the server (to make it slow down) - does top then display any swapping?

This would be alot easier to solve, if given access to the server... :-)

Thanks for everyone's suggestion.

The problem was not with the server but with missing PTR records.

Hi
I have exactlly the same problem, and I know that it is something about PTR, bou I am a newbie and do not know a thing about PTR:rolleyes:
How did you resolve it?:confused:
It would a grat help for me, I have this problem for 3 weeks now!:bawling:

TNX

Regard,

babak

Check out cobalt.com knowledge base, I think they have just posted that famous "updated" support FAQ about this specific problem.

The link to it is here:

http://cobalt-knowledge.sun.com/cgi-bin/kbase.cfg/php/enduser/std_adp.php?p_sid=nS7F8y9g&p_lva=&p_refno=020306-000001&p_created=1015435876&p_sp=cF9ncmlkc29ydD0mcF9yb3dfY250PTkyOSZwX3BhZ2U9MQ**&p_li=

If that dont work - and knowing Sun, the knowledge base is here:

http://cobalt-knowledge.sun.com/cgi-bin/kbase.cfg/php/enduser/std_alp.php

It was listed #2 on the list at the time of this post.....

If you still have issues, and want a walkthrough on this, PM me off list and I will help you out.


Frank Arena
Node Hosting Internet Services
http://www.nodehosting.com

thank you so much, I wil traie to resolve it by this instruction.

No problem, like I said, if you still have problems, feel free to email me off list, I will be more than happy to help.