Tuesday, February 28, 2012

NFS Firewall worries

We have a NFS3 share on a file server mounted as homes on our clients and we sometimes (depending on use, between several times an hour and once a week) experience short freezes that we had a really hard time pinpointing.
After some long and painful debugging i think i found the solution in this notice from our cisco firewall that corresponded directly to a freeze:

Feb 28 11:18:34 fw56 %FWSM-4-209003: Fragment database limit of 200 exceeded:  src =, dest =, proto = udp, id = 57950

It turns out this is a known problem that I was unable to google: http://www.cisco.com/en/US/docs/security/pix/pix63/system/message/pixemsgs.html#wp1053420

Hope this helps someone, it took us months to find it because we had so many valid ideas for the possible cause. I now setup some work stations to use nfs4 and some to use nfs3 over tcp. Let's see what works better.

Friday, February 17, 2012

For the gentoo crowd

The Towel Paradox

Did you ever notice, that towels suck when they don't suck? And conversely that towls don't suck if they suck?