Hi, I don''t know what''s happened suddenly to my firewall. I see no sign of device trouble, nothing very telling in my logs. All of a sudden my data transfer rate has dropped drastically, but this is only for servers behind the firewall. I''ve rebooted the servers, rebooted the firewall, rebooted network switch. For data transfer testing, I run sftp to the server shorewall is running on. And I get very fast transfers as expected. However if I attempt sftp to any server behind shorewall (in the loc network) then I get ridiculous 10KB/s. This just happened suddenly and I have not been able to figure this out. On the shorewall server, I look at the eth devices and I look at /var/log/messages and I don''t see any evidence of problems. I''m not seeing any sort of driver or kernel errors logged. What could be "blocking" the transfer? How could I properly diagnose this? I''m really lost at what could be happening here. I appreciate any help. Thank you Ricardo ------------------------------------------------------------------------------ Cloud Services Checklist: Pricing and Packaging Optimization This white paper is intended to serve as a reference, checklist and point of discussion for anyone considering optimizing the pricing and packaging model of a cloud services business. Read Now! http://www.accelacomm.com/jaw/sfnl/114/51491232/
One other piece of information... This "blockage" seems to be only for download (from server to internet). I tried sftp tests uploading data (from internet to server) and the transfer is fast as expected. But try to download and we''re back down to ridiculously low data rates. :-( At Monday, 12-05-2011 on 23:52 "Ricardo Kleemann" wrote: Hi, I don''t know what''s happened suddenly to my firewall. I see no sign of device trouble, nothing very telling in my logs. All of a sudden my data transfer rate has dropped drastically, but this is only for servers behind the firewall. I''ve rebooted the servers, rebooted the firewall, rebooted network switch. For data transfer testing, I run sftp to the server shorewall is running on. And I get very fast transfers as expected. However if I attempt sftp to any server behind shorewall (in the loc network) then I get ridiculous 10KB/s. This just happened suddenly and I have not been able to figure this out. On the shorewall server, I look at the eth devices and I look at /var/log/messages and I don''t see any evidence of problems. I''m not seeing any sort of driver or kernel errors logged. What could be "blocking" the transfer? How could I properly diagnose this? I''m really lost at what could be happening here. I appreciate any help. Thank you Ricardo ------------------------------------------------------------------------------ Cloud Services Checklist: Pricing and Packaging Optimization This white paper is intended to serve as a reference, checklist and point of discussion for anyone considering optimizing the pricing and packaging model of a cloud services business. Read Now! http://www.accelacomm.com/jaw/sfnl/114/51491232/
Interesting problem. Here are some things you might like to check (beyond what you''ve already done). 1. Try SFTP from different servers behind the firewall. It may be something as simple as a bum network card on one of your servers. (although I would have thought your logs would have shown that) 2. Run Wireshark (or something similar) to listen in to the network traffic during the transfer. You might get clues to the actual transmission, or see some other disruptive traffic. 3. Watch the blinken lights and see if the network is congested, or just something wrong with the transmission rate. 4. Verify that you don''t have an IP conflict (2 devices with the same IP) fighting for control. Good luck!> One other piece of information... > > This "blockage" seems to be only for download (from server to > internet). > > I tried sftp tests uploading data (from internet to server) and the > transfer is fast as expected. But try to download and we''re back down > to ridiculously low data rates. > > :-( > > At Monday, 12-05-2011 on 23:52 "Ricardo Kleemann" wrote: > > Hi, > > I don''t know what''s happened suddenly to my firewall. > > I see no sign of device trouble, nothing very telling in my logs. All > of a sudden my data transfer rate has dropped drastically, but this is > only for servers behind the firewall. > > I''ve rebooted the servers, rebooted the firewall, rebooted network > switch. > > For data transfer testing, I run sftp to the server shorewall is > running on. And I get very fast transfers as expected. > > However if I attempt sftp to any server behind shorewall (in the loc > network) then I get ridiculous 10KB/s. This just happened suddenly and > I have not been able to figure this out. > > On the shorewall server, I look at the eth devices and I look at > /var/log/messages and I don''t see any evidence of problems. I''m not > seeing any sort of driver or kernel errors logged. > > What could be "blocking" the transfer? How could I properly diagnose > this? > > I''m really lost at what could be happening here. > > I appreciate any help. > > Thank you > Ricardo > > > ------------------------------------------------------------------------------ > Cloud Services Checklist: Pricing and Packaging Optimization > This white paper is intended to serve as a reference, checklist and point > of > discussion for anyone considering optimizing the pricing and packaging > model > of a cloud services business. Read Now! > http://www.accelacomm.com/jaw/sfnl/114/51491232/_______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users >-- Casey Bralla Chief Nerd in Residence The NerdWorld Organisation ------------------------------------------------------------------------------ Cloud Services Checklist: Pricing and Packaging Optimization This white paper is intended to serve as a reference, checklist and point of discussion for anyone considering optimizing the pricing and packaging model of a cloud services business. Read Now! http://www.accelacomm.com/jaw/sfnl/114/51491232/
Thank you for your suggestions.
First, just want to point out this is not shorewall-related, I
apologize for being off-topic.
I ran additional tests with shorewall turned off and I get the same
results.
Anyway, the same behavior I saw over the internet, I see in the
internal network.
I can transfer data from firewall to servers ("upload") very fast.
But the other way around, from servers to firewall, is horribly slow.
Transferring data between the servers (so it goes through the "loc"
network switch) is very fast both ways, so I can rule out network
problems between the servers.
So it''s really narrowed down to only the communication between the
firewall and servers - and only in one direction. This is very
strange. I''m going to replace the network cable just to see if that
makes a difference.
At Tuesday, 12-06-2011 on 8:31 "Casey Bralla" wrote:
Interesting problem. Here are some things you might like to check
(beyond
what you''ve already done).
1. Try SFTP from different servers behind the firewall. It may be
something as simple as a bum network card on one of your servers.
(although I would have thought your logs would have shown that)
2. Run Wireshark (or something similar) to listen in to the network
traffic during the transfer. You might get clues to the actual
transmission, or see some other disruptive traffic.
3. Watch the blinken lights and see if the network is congested, or
just
something wrong with the transmission rate.
4. Verify that you don''t have an IP conflict (2 devices with the same
IP)
fighting for control.
Good luck!
> One other piece of information...
>
> This "blockage" seems to be only for download (from server to
> internet).
>
> I tried sftp tests uploading data (from internet to server) and the
> transfer is fast as expected. But try to download and we''re back
down> to ridiculously low data rates.
>
> :-(
>
> At Monday, 12-05-2011 on 23:52 "Ricardo Kleemann" wrote:
>
> Hi,
>
> I don''t know what''s happened suddenly to my firewall.
>
> I see no sign of device trouble, nothing very telling in my logs.
All> of a sudden my data transfer rate has dropped drastically, but this
is> only for servers behind the firewall.
>
> I''ve rebooted the servers, rebooted the firewall, rebooted network
> switch.
>
> For data transfer testing, I run sftp to the server shorewall is
> running on. And I get very fast transfers as expected.
>
> However if I attempt sftp to any server behind shorewall (in the
loc> network) then I get ridiculous 10KB/s. This just happened suddenly
and> I have not been able to figure this out.
>
> On the shorewall server, I look at the eth devices and I look at
> /var/log/messages and I don''t see any evidence of problems.
I''m not
> seeing any sort of driver or kernel errors logged.
>
> What could be "blocking" the transfer? How could I properly
diagnose> this?
>
> I''m really lost at what could be happening here.
>
> I appreciate any help.
>
> Thank you
> Ricardo
>
>
>
------------------------------------------------------------------------------> Cloud Services Checklist: Pricing and Packaging Optimization
> This white paper is intended to serve as a reference, checklist and
point> of
> discussion for anyone considering optimizing the pricing and
packaging> model
> of a cloud services business. Read Now!
>
http://www.accelacomm.com/jaw/sfnl/114/51491232/_______________________________________________> Shorewall-users mailing list
> Shorewall-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
--
Casey Bralla
Chief Nerd in Residence
The NerdWorld Organisation
------------------------------------------------------------------------------
Cloud Services Checklist: Pricing and Packaging Optimization
This white paper is intended to serve as a reference, checklist and
point of
discussion for anyone considering optimizing the pricing and
packaging model
of a cloud services business. Read Now!
http://www.accelacomm.com/jaw/sfnl/114/51491232/
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
------------------------------------------------------------------------------
Cloud Services Checklist: Pricing and Packaging Optimization
This white paper is intended to serve as a reference, checklist and point of
discussion for anyone considering optimizing the pricing and packaging model
of a cloud services business. Read Now!
http://www.accelacomm.com/jaw/sfnl/114/51491232/
Are you using CentOS 6? On 12/6/2011 8:31 AM, Casey Bralla wrote:> Interesting problem. Here are some things you might like to check (beyond > what you''ve already done). > > 1. Try SFTP from different servers behind the firewall. It may be > something as simple as a bum network card on one of your servers. > (although I would have thought your logs would have shown that) > > 2. Run Wireshark (or something similar) to listen in to the network > traffic during the transfer. You might get clues to the actual > transmission, or see some other disruptive traffic. > > 3. Watch the blinken lights and see if the network is congested, or just > something wrong with the transmission rate. > > 4. Verify that you don''t have an IP conflict (2 devices with the same IP) > fighting for control. > > > Good luck! > > > >> One other piece of information... >> >> This "blockage" seems to be only for download (from server to >> internet). >> >> I tried sftp tests uploading data (from internet to server) and the >> transfer is fast as expected. But try to download and we''re back down >> to ridiculously low data rates. >> >> :-( >> >> At Monday, 12-05-2011 on 23:52 "Ricardo Kleemann" wrote: >> >> Hi, >> >> I don''t know what''s happened suddenly to my firewall. >> >> I see no sign of device trouble, nothing very telling in my logs. All >> of a sudden my data transfer rate has dropped drastically, but this is >> only for servers behind the firewall. >> >> I''ve rebooted the servers, rebooted the firewall, rebooted network >> switch. >> >> For data transfer testing, I run sftp to the server shorewall is >> running on. And I get very fast transfers as expected. >> >> However if I attempt sftp to any server behind shorewall (in the loc >> network) then I get ridiculous 10KB/s. This just happened suddenly and >> I have not been able to figure this out. >> >> On the shorewall server, I look at the eth devices and I look at >> /var/log/messages and I don''t see any evidence of problems. I''m not >> seeing any sort of driver or kernel errors logged. >> >> What could be "blocking" the transfer? How could I properly diagnose >> this? >> >> I''m really lost at what could be happening here. >> >> I appreciate any help. >> >> Thank you >> Ricardo >> >> >> ------------------------------------------------------------------------------ >> Cloud Services Checklist: Pricing and Packaging Optimization >> This white paper is intended to serve as a reference, checklist and point >> of >> discussion for anyone considering optimizing the pricing and packaging >> model >> of a cloud services business. Read Now! >> http://www.accelacomm.com/jaw/sfnl/114/51491232/_______________________________________________ >> Shorewall-users mailing list >> Shorewall-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/shorewall-users >> >------------------------------------------------------------------------------ Learn Windows Azure Live! Tuesday, Dec 13, 2011 Microsoft is holding a special Learn Windows Azure training event for developers. It will provide a great way to learn Windows Azure and what it provides. You can attend the event by watching it streamed LIVE online. Learn more at http://p.sf.net/sfu/ms-windowsazure