
List:       novalug
Subject:    [novalug] Weird speed issues
From:       Geoff Silver <geoff () uslinux ! net>
Date:       2004-03-27 3:39:45
Message-ID: Pine.LNX.4.44.0403262238290.13438-100000 () mail ! uslinux ! net

Hi all,

I've been having some bizarre speed issues recently, and I'm hoping
someone might have some ideas.  Here's the setup:

* wireless lan with an Engenius AP3
* wireless lan is behind a Linux iptables (Debian) firewall
* there is a DMZ and wired LAN on two different firewall interfaces
* the firewall has a crossover cable from the "WAN" NIC to a Cisco 1600
router

        LAN
         |
WLAN --- FW --- Cisco 1600 Router --- Internet
         |
        DMZ

Here's the weird part:
* DMZ-to-internet transfers are full speed (150KB/sec+)
* LAN-to-internet transfers are full speed
* firewall-to-internet transfers are full speed
* WLAN-to-DMZ, WLAN-to-firewall, and WLAN-to-LAN are full speed
* WLAN-to-internet results in major speed issues (fluctuates between 3 and
25KB/sec max)

I didn't think it would help (and it didn't), but I tried the following
anyway:
* Bounced firewall
* Bounced router
* swapped firewall-to-router cable
* bounced laptop on the WLAN, tried an Orinoco and Linksys PCMCIA card
under Linux and Windows 98
* totally disabled the firewall (except IP NAT outbound only)
* swapped in my spare Cisco 1600 router

I checked the firewall just to make sure, and I don't have any traffic
shaping going on at all.  I installed SQUID on my firewall and added a
firewall rule for transparent HTTP proxying and performance went from
25KB/sec to 145KB/sec.

output of ifconfig seems normal on the firewall *except* on my WAN NIC I
see:
      RX packets:952630 errors:7570 dropped:7570 overruns:0 frame:14190
      TX packets:844252 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000

7570 errors.  That seems strange.  The error counter goes up slowly during
big downloads, but I don't see it move much otherwise.  When I check the
router, I see:
     120269 packets output, 75179847 bytes, 0 underruns
     828 output errors, 1666 collisions, 1 interface resets
     0 babbles, 822 late collision, 224 deferred
     6 lost carrier, 0 no carrier

So the Cisco seems to generate some output errors on the Ethernet port,
though the Serial port seems fine.  I really thought this was a FUBARed
router, but I'm running on my backup router and seeing the same issue.
Again, I swapped crossover cables and I'm seeing the same thing.

I'm getting kind of desperate here.  My next ideas are to swap the NIC in
the firewall and replace the CAT5 from the demarc to my router, but
neither of those seems like the problem.  Particularly strange is that my
firewall will push the full T1 from the DMZ or LAN across the router, but
not the wireless LAN...  But the wireless lan can transfer 500KB/sec from
the DMZ, LAN, and firewall itself.

I can provide pretty much anything that might help (firewall rules,
routes, arp tables, router configs, etc).  Does ANYONE have an idea WTF is
going on?  10 years of IT experience and I'm stumped.  Thanks.

-- 
Geoff Silver					<geoff at uslinux dot net>
"If Bill Gates had a nickel for every time Windows crashed...
	Oh wait, he does"

