1 |
>>> I recently moved my server from: |
2 |
>>> |
3 |
>>> 3.2.11-hardened Security Level (Hardened Gentoo [server]) |
4 |
>>> |
5 |
>>> to: |
6 |
>>> |
7 |
>>> 3.4.5-hardened Configuration Method (Automatic) Usage Type |
8 |
>>> (Server) Virtualization Type (None) Required Priorities |
9 |
>>> (Security) |
10 |
>>> |
11 |
>>> and http became extremely slow. Some pages that would normally |
12 |
>>> execute in 1 second would take 10 seconds or more. There is a |
13 |
>>> lot of php and perl server-side stuff so the slowdown may have |
14 |
>>> been rooted in that. I changed to Required Priorities |
15 |
>>> (Performance) and everything sped back up to normal. My laptop |
16 |
>>> was moved to the following at the same time and I didn't notice |
17 |
>>> any performance change: |
18 |
>>> |
19 |
>>> 3.4.5-hardened Configuration Method (Automatic) Usage Type |
20 |
>>> (Desktop) Virtualization Type (None) Required Priorities |
21 |
>>> (Security) |
22 |
>>> |
23 |
>>> Is this sort of behavior expected from a server? |
24 |
>>> |
25 |
>>> - Grant |
26 |
>> |
27 |
>> This may have been a false alarm. I think I've been having |
28 |
>> intermittent network problems to part of the internet. Can anyone |
29 |
>> confirm that the above config shouldn't slow down an http server? |
30 |
>> |
31 |
>> - Grant |
32 |
>> |
33 |
> |
34 |
> It's hard to make any generalisations but I have some servers with |
35 |
> similar grsec-autoconfig (server instead of desktop) and no noticable |
36 |
> slowdown (I'd say nothing more that 10%). |
37 |
> I'd recommend to use 3.5.1-r2 (testing) or 3.2.27 (stable), though. |
38 |
> |
39 |
> WKR |
40 |
> Hinnerk |
41 |
|
42 |
3.4.5 is the latest stable, right? |
43 |
|
44 |
http://packages.gentoo.org/package/sys-kernel/hardened-sources |
45 |
|
46 |
I'm using Server too. I'm using Desktop on my laptop. |
47 |
|
48 |
- Grant |