More on WordPress
Mark has suggested another mapping:
map /wptest**/ /wptest*/index.php
exec+ /wptest/**.php* (cgi-bin:[000000]phpwasd.exe)/wptest/*.php* ods=5
and that works – for the basic action; though for completeness, I had to add
pass /wptest/000000/* /wptest/* ods=5 search=none dir=noaccess
pass /wptest/* /wptest/* ods=5 search=none dir=noaccess
to be sure images and stylesheets are loaded as well.
But first, I had to set things up so I could use the all-important WATCH facility: make sure I had to login, and could access the required files. The fast way was to copy the setup of Diana. Once that was done, I could find out what would happen now.
This new mapping does the trick – for a part. The normal user page comes up nicely, without a problem, and it is possible to login. But once the “login” button is hit, the process stops abruptly; WATCH output shows that there is insufficient core to extend “PATH” in the admin page (/wptest/wp-admin/indecx.php). This is weird, since the maximum amount of available memory for the PHP processor is 128M, set in PHP.INI….So it could be a matter of another process parameter: too little virtual memory. But pagefilequota is set to 500.000 for HTTP$NOBODY – the user under which the PHPWASD executable runs.
But when the URL of the admin page is next executed – and a new PHPWASD image is started – nothing is wrong: it simply comes on screen, a new post can be added, and followed by a few extra’s.
So it looks it works – until there is the io-error again – caused, in examination, by the same problem: there are 512 channels open…
Some further examination revealed that, if you wait long enough, the open cahnnels are closed at some point, but if you enter the next command too quick, the PHP engine gets to work without closing open channels….
What could be caused by parameter max-execution-time in PHP.INI: this has been extended from 30 to 120 seconds, otherwise the user page would not show because of exhaustion of execution time, as I found out when testing with SWS.
This has been added in the correspondence in the WASD mailing list; the raw data is available in a Windows .zip file on request by mailing list subscribers: these files may be rejected when sent as an attachement, for instance when received on a gmail account….
There is something more that’s wrong, but that is within the application: Some references in the tinymce environment are plain wrong and so some javascript files cannot be located and so some buttons don’t work. But since the link is set within WordPress, it seems more of a WordPress issue than PHP….(though these may be related!) Perhaps this is one of the things that is repaired in 3.5.1?
25-Feb-2013
New router installed
This weekend there was an opportunity to install the Vigor router in stead of the Fritzbox; since IPTV was now working on the Fritzbox, I was able to prepare a number of installations to handle IPTV on the Vigor. This traffic is in a separate, tagged VLAN, and the easy solution is bridging it to a LAN port, and since it is another network, into a separate LAN. That solution tunred out to work, for a running configuration, but how that will work if the TV-receiver needs to restart remains to be seen; the configuration is probably not the best.
IPv6 doesn’t initialize either, but since the prefix is known and fixed, it can be defined as a static address; however, I followed the Draytek advice and it makes no dfference….
So the Fritzbox remains available, in case I need to re-initialize the receivers….
Another issue with installation is that the Netgear GB-switch I had in mind – split VLANs – does not work properly. It seems to work, but after some time, connections are lost. So I re-installed the old 100Mb box in stead – it simply works…..
WordPress issues – continued
Did some deeper investigation on the problems; I created an audit log for both SWS and WASD and found a difference in handling. Posted the outcome to the WASD mailing list, after which Mark installed Wrodpress and MySQL to investigate; however, he used a different mapping than he proposed, and that one seems to work, except for ACCVIO’s. But he didn’t get the redirections that I found – which were, in retrospect, not really unexpectible; for some reason, a 301-status triggered a full reparse of the code – up the four times until the last one runs into resource exhaustion…
There is something going on in the WordPress code that triggers a 301-status to be returned – and false! – when the command to the server is a REDIRECT – as is shown in the WATCH output that Mark included.
The next step in this investigation is changing the mapping – and find out what causes ACCVIO, which is a completely different matter.
11-Feb-2013
Vigor and IPTV
Last friday I received the hardware to receive TV over IP for each TV, I now have a Motorola Setupbox, that will receive it’s software over the network. Different from the previous ISP, these are to be connected to the router. The signal is relayed in a different VLAN, not to be mixed with Internet traffic (so IPTV is not mixed with “normal” internet traffic) and VoIP – each of them travel in their own VLAN. So I had already setup the Vigor router to have this VLAN bridged to a particular port and separate LAN, and the switch to be used locally has been devided as well. Because of this separate VLAN, it is addressed separatedly. I hooked up the Fritz!Box onto that LAN, as I am told it contains specific software to faciliate the Motorola boxes, connected one of the bocxes to the Fritz!Box and had it boot.
It didn’t work as expected.
First of all, the receiver tries to connect to the network, but if found a DHCP service, which shouldn’t be there. Hoeverer, this separate LAN doesn’t have one , I deliberately disabled this service. Nevertheless, the receiver complaints about a DHCP-service on the “home LAN”. Obviously, there is one, but it resides on the LAN on which the normal internet traffic runs – and due to the setup, this IPTV-LAN should not locate it!
I did some experiments in setup in both the Vigor and the Fritz!box and at some point, the Motorola bootloader didn’t locate this DHCP service, and started loading software, and when that was done, I could watch television – but just the basics: no HD as I was expecting. It might have been too early 🙂
So that was one set working, so I saved both configurations and tried the second one.
Alas: the very same problem occurred: it ran onto a service similar to DHCP. The first one however, seemed to have been basically prepared, did no longe complain, started to load screens and data but it did not complete – it seemed to wait, and wait, and wait …for an answer that didn’t come. In the end, I decided to install the Fritz!Box for the time being, since it had already been set up to forward all internet traffic, so my experiments would not block any TV activity. Retesting will have to be done on moments that watching TV is no priority….
However, there now is one advantage: It could well be that changing the address of the LAN on which IPTV is to be served, will do the trick to pass IPTV through the Vigor: Since both Motorola boxes have now been initialized, I know their address and their default gateway – and that should be the address of this LAN interface. Probably – it is to be determined shortly.
Another thing: I also have a facility to use a fixed prefix so that all services will eb available over IPv6; and since this is a fixed one as well, it is likely that I can set this fixed in the Vigor router, bypassing the prefix-delegation problem. It is no problem either to have this router function as the DHCPv6 server in the home LAN, but that remains to be tested on OpenVMS. It might be that this server is not yet available….
Worst case, the Fritz!Box has to remain the main entrance, in that case I want all traffic but IPTV be passed to the Vigor. It is possible to bridge the normal IP traffic only – including IPv6 – and leave VoIP on the fritz!Box as well.
So this story is “To be continued”
02-Feb-2013
Maintenance
No suprises.
PMAS statistics for January
Total messages : 4578 = 100.0 o/o
DNS Blacklisted : 677 = 14.7 o/o (Files: 31)
Relay attempts : 155 = 3.3 o/o (Files: 31)
Accepted by PMAS : 3746 = 81.8 o/o (Files: 31)
Handled by explicit rule
Rejected : 3101 = 82.7 o/o (processed), 67.7 o/o (all)
Accepted : 304 = 8.1 o/o (processed), 6.6 o/o (all)
Handled by content
Discarded : 87 = 2.3 o/o (processed), 1.9 o/o (all)
Quarantained : 203 = 5.4 o/o (processed), 4.4 o/o (all)
Delivered : 51 = 1.3 o/o (processed), 1.1 o/o (all)
Just that on 01-Jan-2013, there have been 146 relay attempts where From: and To: were al the same, but the sender address was different. I guess the sender and recipient addresses have been forged; “test@live.com” would reside on one domain, not a bunch of seemingly random addresses :), every 5 – 6 minutes all day long…
Since it is a new year, all 2012 data have been consolidated.
New ISP connection works, but…
I started with a Fritz!Box 3790 that was delivered by the ISP, but that does not have facilities to block addresses or networks, nor does it log the connections made, both incoming and outgoing.
But it does set up both an IPv4 and IPv6 connection.
The disadvantages however outweigh the advantages, so I bought a Draytek Vigor 2920Vn – the successor of the previously used Vigor 2910VGi – which doesn’t support IPv6.
Connecting the box to the ISP was no problem at all, as far as IPv4 is involved, but the IPv6 connection is not created, though I have set up the router according the requirements: DHCPv6_PD. But where the Fritz!box doen’t need anything special, the Draytek requests a IAID – Identity Authentication ID. Like the standard puts it: “A number, specified by the client, that must be consistent for this connection”.
Interpreted as : I can set up that number, and it can be any, as long as it is used each time the connection should be set up”. That raises a question: What number – if any – has been specified by the Fritz!Box and where does it come from? I did save the configuration, and it is a readable file; however, it doesn’t mention anything like such an ID.
I have contacted Draytek support, the only thing still to try: change the MAC address the the one of the Fritz!Box – but I doubt that would be the solution since, IFAIK, IPv6 doesn’t use these hardware addresses for assigning IP addresses (what use would an IAID have). But it’s worth a try….
Another possibility is to switch down the connection – including the modem- for at least one hour, preferably longer. Who knows it would trigger the DCHPv6 server to allow a new IAID.
I could also try to figure out what the Fritz!Box is generating, it could well be it uses it’s MAC address to create an IAID. Since this address cannot be changed in that router (at least, I didn’t see a possibility to do that) it could well be that this is the base fro the ID to request an IPv6 prefix. I’ll have to ask the manufacturer…
Apart from this: the telephone connection works, the explanation of the ISP site on this matter is very clear and easy to follow – better than the IPv6 figures – which is VERY BASIC indeed. After I followed the instructions, the phones worked. For the moment only outgoing, because the numbers are not yeat assigned since they have been de-activated by the previous ISP when the connection was dropped – by mistake. Next Monday, all should work as intended, incoming as well.
Two more weeks (!) before IPTV is present.
Don’t ask me why these two actions cannot be done in parallel. It’s the administration at the ISP that can handle one request at a time.
WASD + PHP + WordPress
On the testbed, there is a problem with WordPress under WASD. On the main system (Diana), this parameter is 4 times as high, and I’m still using an older version that doesn’t redirect as much as the newer one. So I never ran into the problem. Nor does UMA – the biggest WASD user in the world, where a lot of PHP code is handled by a few permanent worker processes – including WordPress. Why don’t they have this problem ???
It’s not a matter of mapping, I got that right with some advise from Mark Daniel, but for some reason, the workerprocess that runs PHPWASD (the wrapper around PHPSHR) stops because of an IO error on a file – that has been opened several times before. I already found out that system parameter CHANNELCNT may play a role here, because at that moment, the process has 512 channels open – the default value – and channel 513 will fail. SWS however doesn’t have this problem, and I think I know why: WordPress replies with status 301 several times (Redirected) and the worker process, running MOD_PHP (SWS’s wrapper around PHPSHR), will either end, or clear it’s environment, freeing all channels; de redirection is then passed to either the same, or another process (and that is what I have observed), so there will never be an accumulation of open channels. WASD on the other hand, will pass the REDIRECT to the worker process that returned the 301-status – with all channels still open (since the process wasn’t stopped) – and the new request will not re-initiate (closing all open channels), nor re-use channels already open. Instead, it will start from scratch, leaving open channels as they are – which in the end will lead to exhaustion of CHANNELCNT.
This is however, still more speculation that proven. I still have to prove it, the problem however is that these processes will die after some time, so there is too little time to dig into the process…I did have a course on crash dump analysis a few years ago, so that shouldn’t be too much of a problem. But 6 years – without regular exercise – requires a refreshment of knowledge, and I knew I had the documentation somewhere….But I found it, and know I’m able to look into the process – hopefully.
UMA would look on their systems why it doesn’t happen there – but I didn’t hear from them since they had other, urgent matters on their hands….