new keyserver

Hello!

I'm planning to set up a new public keyserver. I have some questions
before starting.

I downloaded/compiled/installed sks from Savannah. The dump download, and
db build is done.

What is the resource requirements a keyserver. As I see the db is now
~5.5G. It is not problem up to ~10G permament and ~20G temporary.

But I don't know anything about the CPU and bandwith requirements. I have
to know some data about before I start the server.

The server is located at Hungary, connected to the HBONE
(National Academic Backbone Network). The site connection will be upgraded
to 1 Gbit/s in this year. (But the server only have a FastEthernet
interface).

What is the administration way the set up the synchron peers?

---
By(t)e & 73! dx de Boti & (hg4lgn, ex:hg8lgn)
A member of HuLUG                     http://www.cab.u-szeged.hu/local/linux


_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel

On Thu, Feb 09, 2006 at 10:22:01AM +0100, Botka Istvan wrote:
> What is the resource requirements a keyserver. As I see the db is now
> ~5.5G. It is not problem up to ~10G permament and ~20G temporary.

It's around 7GB at my place - probably heavily depends on SleepycatDB
version. With log autoremove option I have these sizes for each of
directories:

 6.8G   .
 5.7G   KDB
 103M   PTree

> But I don't know anything about the CPU and bandwith requirements. I have to
> know some data about before I start the server.

During the years I have seen SKS use very little CPU, but memory is
another issue. SKS itself is very modest with usage [except when doing
pbuild/build/clean], but through DB_CONFIG you can increase memory usage
[around 130MB RSS at my place] and get some additional performance. My
configuration is as follows:

$ cat DB_CONFIG
set_cachesize 0 100000000 10
set_flags DB_LOG_AUTOREMOVE
set_lg_max 10485760
set_lg_bsize 2097152
set_lg_regionmax 262144

> The server is located at Hungary, connected to the HBONE (National Academic
> Backbone Network). The site connection will be upgraded to 1 Gbit/s in this
> year. (But the server only have a FastEthernet interface).

I believe that should suffice. Generally more peers will cause more
traffic - yet our SKS server never showed on network reports as seriuous
bandwidth eater.

> What is the administration way the set up the synchron peers?

You e-mail here and get people to reply to you with their SKS peers. Each
of you should put each other in their membership file and that's it.

--
NAME:Dinko.kreator.Korunic          NOTE:Standard.disclaimer.applies
URL:http://dkorunic.net    IRC:kre    ICQ:16965294    PGP:0xea160d0b


_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel

On Thu, 9 Feb 2006, Botka Istvan wrote:

over the last 3 weeks, pgp.srv.ualberta.ca has done about 20MB/day

===========================================================================
load averages:  0.74,  0.50,  0.26                                     02:41:12
29 processes:  28 idle, 1 on processor
CPU states:  0.2% user,  0.0% nice,  0.9% system,  0.3% interrupt, 98.6% idle
Memory: Real: 42M/131M act/tot  Free: 873M  Swap: 0K/1025M used/tot

   PID USERNAME PRI NICE  SIZE   RES STATE    WAIT     TIME    CPU COMMAND
23230 sks        2    0 5836K   31M sleep    netio    0:03  0.10% sks
30989 sks        2    0 2048K 2896K sleep    netio    0:00  0.00% sks
===========================================================================

i'm running on a dell PE1750, i think. 2.6GHz P4, 1GB mem.


> The server is located at Hungary, connected to the HBONE (National Academic
> Backbone Network). The site connection will be upgraded to 1 Gbit/s in this
> year. (But the server only have a FastEthernet interface).
>
> What is the administration way the set up the synchron peers?

Ask people on the list to add your server to their membership files
and when they do, add them to your membership file.

--
Chris Kuethe, GCIA: Secure Systems Specialist - U of A AICT
       office: 157 General Services Bldg.    +1.780.492.8135
               chris.kuethe@[pyxis.cns.]ualberta.ca

      GDB has a 'break' feature; why doesn't it have 'fix' too?


_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel

On Thu, Feb 09, 2006 at 10:22:01AM +0100, Botka Istvan wrote:
> What is the resource requirements a keyserver. As I see the db is now
> ~5.5G. It is not problem up to ~10G permament and ~20G temporary.

$ du -shc /var/lib/sks/*
5.7G    /var/lib/sks/DB
94M     /var/lib/sks/PTree
24M     /var/lib/sks/core
2.9G    /var/lib/sks/dump
12K     /var/lib/sks/www
8.6G    total

> But I don't know anything about the CPU and bandwith requirements. I have
> to know some data about before I start the server.

I was running keyserver.gurski.org on a dual PII-400 for the longest
time.  If you hardware's that modest, I suggest going with the fast
build option for the DB unless you have a LOT of time on your hands.
Network bandwidth never seemed to be much.

--
Michael A. Gurski (opt. [first].)[last]@pobox.com  http://www.pobox.com/~[last]
1024R/39B5BADD PGP: 34 93 A9 94 B1 59 48 B7  17 57 1E 4E 62 56 45 70
1024D/1166213E GPG: 628F 37A4 62AF 1475 45DB  AD81 ADC9 E606 1166 213E
4096R/C0B4F04B GPG: 5B3E 75D7 43CF CF34 4042  7788 1DCE B5EE C0B4 F04B
Views expressed by the host do not reflect the staff, management or sponsors.

It's amazing what one has to believe to believe in gun control:

  That women are just as intelligent and capable as men, but
  gunmaker's advertisements aimed at women are "preying on their
  fears."

(excerpted from
http://keepandbeararms.com/information/XcIBViewItem.asp?ID=174 by
Michael Z. Williamson)

_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel

On Thu, Feb 09, 2006 at 11:15:40AM -0500, Michael Gurski wrote:
> I was running keyserver.gurski.org on a dual PII-400 for the longest
> time.  If you hardware's that modest, I suggest going with the fast
> build option for the DB unless you have a LOT of time on your hands.

Actually, I've recently been moving SKS service around I haven't been able
to do a build at all. Pbuild works, merge works too - but build always
complained after first PGP keydump it has parsed and had stopped with
fatal error.

I resorted to merge and manual clean [rm PTree/meta; ./sks clean] and it
seems working fine since then. Anyway, the merge process on all PGP
keydumps lasts usually ~1 day.

--
NAME:Dinko.kreator.Korunic          NOTE:Standard.disclaimer.applies
URL:http://dkorunic.net    IRC:kre    ICQ:16965294    PGP:0xea160d0b


_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Botka Istvan írta:
> The server is located at Hungary, connected to the HBONE (National
> Academic Backbone Network). The site connection will be upgraded to 1
> Gbit/s in this year. (But the server only have a FastEthernet interface).

It is up and running.

> What is the administration way the set up the synchron peers?

I am ready to set up more peers. Does anybody interest it?

- ---
By(t)e & 73! dx de Boti & (hg4lgn, ex:hg8lgn)    A member of HuLUG
               http://www.cab.u-szeged.hu/local/linux


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFD66zk/tXV/9/AqmYRAvCDAKCUkpWwRz8RyZQ30V904YvYvIA+0QCfSYPY
t1ywzeZJWzIgg8MbBJo+lQI=
=w3oD
-----END PGP SIGNATURE-----


_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

BOTKA Istvan írta:

> I am ready to set up more peers. Does anybody interest it?

ps: keyserver.duf.hu the server is 11370

- ---
By(t)e & 73! dx de Boti & (hg4lgn, ex:hg8lgn) A member of HuLUG
            http://www.cab.u-szeged.hu/local/linux
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFD7aW1/tXV/9/AqmYRAlKSAJoDAtWpuZy3dVqj9Dllo4Th8wgHbgCgvLk6
Xft7L+go5T2brbrM50N7WwM=
=Nwgo
-----END PGP SIGNATURE-----


_______________________________________________
Sks-devel mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/sks-devel