Cluster members do not always respond

This forum is only for reproducible bugs with csf and lfd (i.e. not iptables problems, lack of understanding how to use a feature, etc). Posts must be accompanied with full technical details of the problem and how it can be recreated. Any posts not adhering to this, or not considered bugs, will be moved to the General Discussion (csf) forum.
Post Reply
marcele
Junior Member
Posts: 214
Joined: 17 Sep 2007, 17:02

Cluster members do not always respond

Post by marcele »

For some reason its seems that cluster members do not always respond properly when denying an IP address.

Cluster Ping (They all respond fine):

Code: Select all

csf --cping
Sent request to 10.0.0.10, replied: [PONG!]
Sent request to 10.0.0.20, replied: [PONG!]
Sent request to 10.0.0.30, replied: [PONG!]
Sent request to 10.0.0.40, replied: [PONG!]
Sent request to 10.0.0.50, replied: [PONG!]
Sent request to 10.0.0.60, replied: [PONG!]
Sent request to 10.0.0.70, replied: [PONG!]
Cluster Deny

Code: Select all

csf --cdeny XXX
Sent request to 10.0.0.10, no reply
Sent request to 10.0.0.20, no reply
Sent request to 10.0.0.30, no reply
Sent request to 10.0.0.40, no reply
Sent request to 10.0.0.50, no reply
Sent request to 10.0.0.60, replied: [Received]
Sent request to 10.0.0.70, replied: [Received]
All servers are using CSF v14.15. lfd Cluster Server processes are all running on all the cluster members:

Code: Select all

# ps aux | grep lfd
root     27098  0.6  0.0 221304 35244 ?        Ss   00:00   2:16 lfd - sleeping
csf      27208  0.0  0.0 215604 28708 ?        S    00:00   0:00 lfd TEXT messenger
root     27209  0.0  0.0 215868 28752 ?        S    00:00   0:00 lfd Cluster Server
I tried raising the CLUSTER_CHILDREN but it doesn't fix it. I also tried using the public IP addresses instead of the internal addresses but it doesn't fix it either. Running the cluster deny command multiple times and some members will respond some of the time then sometimes they won't. All cluster members are under minimal load.
pauls
Junior Member
Posts: 2
Joined: 23 Feb 2022, 18:35

Re: Cluster members do not always respond

Post by pauls »

I too have noticed this and have made some steps towards making this more performant - it may well be related to your crashing bug as well - it is to do with some of the datafiles in use by CSF/LFD and how they are locked upon a ban/unban etc

I have made some adjustments to use sqlite instead of these flat files and performance is much improved. I have contacted off-forum and will await a response regarding this.
sdarot
Junior Member
Posts: 6
Joined: 27 Sep 2018, 16:34

Re: Cluster members do not always respond

Post by sdarot »

pauls wrote: 23 Feb 2022, 18:37 I too have noticed this and have made some steps towards making this more performant - it may well be related to your crashing bug as well - it is to do with some of the datafiles in use by CSF/LFD and how they are locked upon a ban/unban etc

I have made some adjustments to use sqlite instead of these flat files and performance is much improved. I have contacted off-forum and will await a response regarding this.
May I ask how did you convert to SQLite engine?
I don't see any option related to SQLite in csf.conf
Post Reply