mc68020@gilsys.UUCP (Thomas J Keller) (10/12/87)
Environment: Tandy 6000, XENIX 3.1.2 (Tandy number, MIcroSlush # 3.0),
user accounting turned on, disk write verification on.
One phoneline, 300/1200 Hayes modem, one Wyse 75 terminal
on /dev/tty05, 12Mbyte primary, 1 10Mbyte secondary, 1
15Mbyte secondaryhard disks, 2 8" DSDD floppies, 1Mbyte RAM,
1 three-port serial expansion card.
Problem: /usr/adm/wtpm growing at alarming rate (>500K/day). Manual
checking revealed a *LARGE* number (on the order of 9000) accesses
to /dev/tty02 beginning at 03:00 and continuing through 04:29,
at the rate of approximately 95-120 accesses per MINUTE! (rate
is somewhat variable, depending on what else is happening on the
system. In particular, the rate drops below 100 after 04:00, as
that is when I unbatch received news for the day) Checking
the accounting data reveals no useful information, as there are no
indiciations of any related processes at the times these accesses
are being logged by wtmp.
Query: what in the name of GHU is going on!???? Could the problem be in the
Hayes modem? If so, why would it start and stop the way it does?
Any assistance greatly appreciated.
--
Tom Keller
VOICE : + 1 707 575 9493
UUCP : {ihnp4,ames,sun,amdahl,lll-crg,pyramid}!ptsfa!gilsys!mc68020wolfgang@mgm.mit.edu (Wolfgang Rupprecht) (10/15/87)
In article <1134@gilsys.UUCP> mc68020@gilsys.UUCP (Thomas J Keller) writes: >Problem: /usr/adm/wtpm growing at alarming rate (>500K/day). Manual > checking revealed a *LARGE* number (on the order of 9000) accesses > to /dev/tty02 beginning at 03:00 and continuing through 04:29, > at the rate of approximately 95-120 accesses per MINUTE! (rate > is somewhat variable, depending on what else is happening on the > system. In particular, the rate drops below 100 after 04:00, as > that is when I unbatch received news for the day) Checking > the accounting data reveals no useful information, as there are no > indiciations of any related processes at the times these accesses > are being logged by wtmp. You didn't mentions if /dev/tty02 was a dial-in dial-out or both. I assume that it is the modem line. I can think of two things that might do this. 1) both getty and some other program are both sucking down chars from tty02, ie. if you try to dial out on a line that still has getty enabled. Neither one would do too well here. 2) if your modem is echoing stuff back to getty (which echoes something to the modem .... <repeat forever>). In either case login wouldn't be too happy with what it got. Why not solve the mystery and put a terminal on the line and watch the chars fly? (just connect up the terminal's rs232 signal-ground and recieve lines to the tty as a monitor.) -- Wolfgang Rupprecht UUCP: mirror!mit-mgm!wolfgang <add us to your host table> ARPA: wolfgang@mgm.mit.edu (IP addr 18.82.0.114)
jfh@killer.UUCP (The Beach Bum) (10/16/87)
In article <1616@bloom-beacon.MIT.EDU>, wolfgang@mgm.mit.edu (Wolfgang Rupprecht) writes: > > In article <1134@gilsys.UUCP> mc68020@gilsys.UUCP (Thomas J Keller) writes: > >Problem: /usr/adm/wtpm growing at alarming rate (>500K/day). Manual > > checking revealed a *LARGE* number (on the order of 9000) accesses > > to /dev/tty02 beginning at 03:00 and continuing through 04:29, > > at the rate of approximately 95-120 accesses per MINUTE! > > Why not solve the mystery and put a terminal on the line and watch > the chars fly? (just connect up the terminal's rs232 signal-ground > and recieve lines to the tty as a monitor.) A problem I saw once on an unconnected line was that character transmitted by the system were being recieved back, possibly changed alittle ;-), even though nothing was one the line. Hooking up a terminal made the problem go away - BUT - the guy on the other end of the wire had an AB switch and didn't like having to use only one system. The Fix? I added a 10K resistor between RxD and ground on the System end of the cable. Didn't do anything while he was using the line, and when he wasn't, the resistor pulled the line down to ground rather than letting it float. The Moral? Engineers (he was an engineer) have their heads up their butts too much of the time ... (he also happened to have wired the systems ;-) - John. -- John F. Haugh II HECI Exploration Co. Inc. UUCP: ...!ihnp4!killer!jfh 11910 Greenville Ave, Suite 600 "Don't Have an Oil Well?" Dallas, TX. 75243 " ... Then Buy One!" (214) 231-0993
rob@array.UUCP (Rob Marchand) (10/16/87)
In article <1134@gilsys.UUCP> mc68020@gilsys.UUCP (Thomas J Keller) writes: >Problem: /usr/adm/wtpm growing at alarming rate (>500K/day). Manual > checking revealed a *LARGE* number (on the order of 9000) accesses > to /dev/tty02 beginning at 03:00 and continuing through 04:29, > at the rate of approximately 95-120 accesses per MINUTE! (rate > is somewhat variable, depending on what else is happening on the It is likely caused by getty processes being spawned and quickly dying when no carrier signal is detected. I've seen this on our system when the cable was unplugged from the modem (also a hayes), which provides a Carrier Detect signal whether or not a carrier is present. Same symptoms; wtmp grows like hell, and performance drops like hell (although its no prize here anyways :-) > system. In particular, the rate drops below 100 after 04:00, as > that is when I unbatch received news for the day) Checking This probably is just a result of the load that unbatching places on the system; I would guess (I've stuck my foot in it now, why quit) that this is what is slowing the respawning of the gettys down (maybe because of news decompression?) > >Query: what in the name of GHU is going on!???? Could the problem be in the > Hayes modem? If so, why would it start and stop the way it does? > Two things; check the dip switch on the modem to ensure that it provides a carrier detect (or get a getty program that has some smarts; uugetty seems to work for us), and check to see that the serial line provides the CD signal.... > > >-- >Tom Keller Good Luck Rob M. rob@array.UUCP -- Rob Marchand UUCP: {mnetor,utzoo}!lsuc!array!rob Array Systems Computing ARPA: rob%array.UUCP@uunet.UU.NET 200-5000 Dufferin Street Phone : +1(416)736-0900 Fax: (416) 736-4715 Downsview, Ont CANADA M3H 5T5 Telex : 063666 (CNCP EOS TOR) .TO 21:ARY001