I recently tried to find out the limits of my 1&1 virtual server L. The official resourse was not very conclusive about the problems I was experiencing (out of memory errors):
https://www.ionos.de/hilfe/server-cloud-infrastructure/virtual-server-linux/administration/ressourcen-limits-der-virtual-server-user-beancounters/
The root cause was out of processes, and later I apparently ran out of iptable entries.
I finally found that "cat /proc/user_beancounters" shows all the available resources and imposed limits of the Virtuozzo virtualisation. For my quite old Ubuntu 14.04 these limits were significantly lower than what is advertised on the Link above. This may be because the virtual machine was set-up before new limits have taken effect.
The limits which are most relevant to me are:
- numproc: Max. 100 processes (each thread counts, not just processes in the UNIX sense).
- numiptent: Max. 400 iptables entries. This is usually sufficient for eveb complex firewalls but becomes a problem when using fail2ban.
In the end it was sufficient to move the ssh port away from port 2222, which was attacked a lot. The attacks on the mail ports come from a smaller set of IPs. I am currently (2019-04) using 88 of 400 iptable entries.
Keine Kommentare:
Kommentar veröffentlichen