Debian Configuration :: Bad Bandwidth Management Behind SSH Tunnel
Mar 2, 2016
We have an Apache Subversion (http) server for hosting our codes, and, for the 3 next month, we are behind a DSL connection (max upload 100 kB/s).
When a remote co-worker try to download a new fresh copy of our projects on his computer directly over http, the transfer goes fine : with a bandwidth monitor (gnome-system-monitor or bwm-ng) we can see that the server is trying to send ~95kB/s and the connection remains usable for others task in parallel (just a bit slower, which is normal).
But : when the remote co-worker is connected through SSH to this server, and uses tunneling to communicate with Apache Subversion, the server is sending more than 200kB/s : the connection is not usable for other tasks during the transfer as with ~102kB/s actually transferred through the DSL Line, it's completely congested and more than fifty percents of the packets are lost.
I think that I understand why : TCP/IP auto-detects the max amount of successfully transmitted bytes per second, and try not send more than this maximum value.
When the Apache server is connected to the local instance of openssh-server through localhost, packets are transmitted successfully between them. Only after, openssh-server try to send it to the client (and should retry if it's not successfull) but during that time, Apache is already giving the next one... giving this saturation effect (Apache is not aware of the saturation, or at least, not enough)
View 3 Replies
ADVERTISEMENT
Oct 25, 2015
Unfortunately I have followed a misleading guide to set ssh and scp in order not to supply password everytime and...I messed up my ssh/scp settings as it does not work anymore.Well, in my attempt:
I moved to
Code: Select allcd ~/.ssh
then I created a rsa key
Code: Select allssh-keygen -t rsa
without giving any passphrase.Then
Code: Select allcat id_rsa.pub >> authorized_keys
chmod 600 authorized_keys
Then I tried tunnelling and...it didn't work. So, ok, I tried to recover previous settings erasing all the items in the folder ~/ .ssh/. After I tried copying a file with the "usual" command that used to work before (i.e. scp file user-id@server) and...I've found out it does not work anymore!
I get this error message:
ssh_exchange_identification: Connection closed by remote host
View 5 Replies
View Related
Feb 17, 2010
I am getting this error when I try to bring up IPSec Tunnel.Starting connection with command /usr/sbin/ipsec auto --up 'paycode-to-vivacom' ..
104 "paycode-to-vivacom" #7: STATE_MAIN_I1: initiate
003 "paycode-to-vivacom" #7: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106
003 "paycode-to-vivacom" #7: ignoring Vendor ID payload [FRAGMENTATION c0000000]
[code]....
View 3 Replies
View Related
Dec 12, 2010
I installed the PPTP Client [URL] and can successfully connect to my VPN (creates interface ppp0). The problem is, I'm trying to tunnel all of my traffic on my system through the connection. I've seen conflicting howtos and scripts including pptpclient's documentation (the ip-up and ip-down scripts don't work). How does one simply (even if I type it manually) tunnel the traffic?
System Info:
OS: Debian Squeeze, Kernel 2.6.32-5-686
GUI: Gnome (standard one from netisnt unstable install)
Main interface: eth1
PPTP interface: ppp0
View 1 Replies
View Related
Apr 23, 2011
My Debian server is used by people to set up ssh-tunnels for use as a local proxy ( on their remote machines).Since only the tunnel is setup, and no shell is used, I can't use "who" to see which users have an active ssh-tunnel on my server, but I would like to have an idea about who is active etc. I think I should be able to determine this from the auth.log file, but then I would have to use some script to determine what connection is still active. Is there an easy way to see what users have active ssh-tunnels on my Debian server at any given moment?
View 3 Replies
View Related
Feb 18, 2011
I currently run openVPN on my Debian box that provides secure ipv4 routing from my laptop to my VPS in a different country (and from there the internet via this box). This works fine. However, id like to sort out ipv6 through this VPN as well as IPV4 and not overly sure how to do it. The remote server itself has native ipv6 configured on device eth0 and it works (ping6, traceroutes all fine,incoming to web servers etc) nicely on dual stack.
How would i go about modifying the config (both client and server if needed) to enable openVPN to act as a tunnel broker to enable the laptop to use the ipv6 through the server as well as the old v4? (the internet connection laptop end will not/does not have native ipv6 from the ISP. Currently im using he-net tunnel broker but id like to run myself through my existing openVPN). VPN config details: Its using UDP, port 1194, creates a TUN interface, redirect-gateway etc and the rest is normal config. Edit:- if it matters the clients are all running windows so i cant use sh scripts to set up stuff client end.
View 1 Replies
View Related
Sep 25, 2010
I am Network Administrator in a Degree College managing around 2500 Comps. My ISP has terminated its Internet link (15 Mbps) to our Linux Server (Installed 2 NIC) from where Internet connection is extended to rest of the machines in network. I am supposed to send different bandwidth to different departments say 5 Mbps to Hostel, 2 Mbps to Staff room etc. I am new to linux and don't know anything about Bandwidth Management in linux.
View 2 Replies
View Related
Jun 17, 2011
I wanted to implement a server for a small network, but am a bit in-experienced. The server that I want to use should be able to do load-balancing (two connections) and also act as firewall/proxy. And also it should be able to do some bandwidth management. The network that its going to serve has two parts. One part of the network should be served, say during day time,and the other during night time. The one that is going to be served at night-time should not have access to internet during day-time, but should have access to, say local mirror-server. I am a bit confused what software/hardware to use. I am planing to use EndianFirewall, but since I don't have experience, don't know if it can do all that I need (?).
View 1 Replies
View Related
Jan 4, 2010
In my household a number of people use the internet. Up to a maximum of 3 wired connections and 2 wireless connections at its peak, all connection through my D-LINK G604T router. The problem is, when one person is downloading or watching ..... or whatever, the others using the internet suffer. I've spent hours configuring QoS on my router, and long story short, no matter how I configure it, it just simply does not work. QoS in no way shape or form limits connection speed (which it says it should). Anyway.
I have a spare computer under my desk, and I'd like to know if I could set this up with a (free) linux distro that limits bandwidth speed per connection. For example, of the 1500 kb/ps (about) my modem pulls, is there a way to limit that to 768 or 512 per connection? so person A can still download, person B can still watch ....., and person C can still play counterstrike with a latency under 100. This would solve many, many arguments in my house I am *fairly* good with computers, but if the distro came with documentation and a GUI that would be awesome.
* TL;DR: *
Is there a linux distro I can load on a spare computer that limits bandwidth per connection, wireless or otherwise, with good documentation?
Failing that is there firmware I can use for my modem (dlink g604t) that would do the same?
Failing that do you know of any good hitmen that would solve my family arguments, ahem, permanently?
View 6 Replies
View Related
Feb 28, 2010
How to set download limit using SQUID? I want to specify the download limit for a particular list in MB. Is it possible to limit bandwith for some group of machines in network?
View 1 Replies
View Related
Jan 1, 2011
i wanted to do bandwidth management/traffic shaping on my Internet link(have two internet connections), but i have some questions to ask: I want to know how could i for example filter some traffics using tc and iptables (e.g Peer-to-Peer,IM,Download Managers,Flash videos..) i can do filtering for known services like http,ssh,... but since these applications doesn't use one port, i am confused a little bit. I also want to do some bandwidth allocations (based on protocol) thats why i need filtering.
The other question is that currently i am using tc for bandwidth allocation and iptables for marking packets to send to these classes, am i doing it right? I mean it does work, but is it better to use for example "U32" filters for filtering? P.S: i tried to use ClearOS in gateway mode, but it doesn't have bandwidth allocation functionality. Does anyone know if i could do bandwidth allocation in ClearOS/Endian.
View 1 Replies
View Related
Nov 29, 2010
I am trying to do some bandwidth management testing, so I have developed a small script for doing so. When I try to run it it gives the error <error> RTNETLINK answers: invalid argument</error>. I have searched the net, and so far they say it has to do something with the kernel support.
the script:
<code>
tc qdisc add dev eth1 root handle 1: htb
tc class add dev eth1 parent 1: classid 1:1 htb rate 2mbit ceil 2mbit
tc class add dev eth1 parent 1:1 classid 1:10 htb rate 600kbit ceil 2mbit prio 2
tc class add dev eth1 parent 1:1 classid 1:20 htb rate 1400kbit ceil 2mbit
tc class add dev eth1 parent 1:20 classid 20:100 htb rate 700kbit ceil 2mbit prio 0 #when running this command it gives the error
tc class add dev eth1 parent 1:20 classid 20:200 htb rate 700kbit ceil 2mbit pro 1
</code>
I am running this script on a virtual machine that has ubuntu 9.04 installed.
View 1 Replies
View Related
Apr 30, 2010
I setup a server with vmware esxi 4. I installed opensuse 11.2 and I have successfully setup an internet gateway and I manually configured (static) my client IP. My question is, is there any software or commands that I could use to manage the bandwidth usage for each client? eg. only 5Mbps for 192.168.1.5, 10Mbps for 192.168.1.10, etc
View 3 Replies
View Related
Feb 28, 2010
How to set download limit using SQUID? I want to specify the download limit for a particular list in MB. Is it possible to limit bandwith for some group of machines in network?
View 6 Replies
View Related
Feb 19, 2010
I am trying to figure out where the harddisk power management can be found in Squeeze. Before it was in the scripts under /etc/acpi, but in Squeeze it's not. I'd like to be able to change the hdparm -B value from 128 to 200 when using battery.
View 3 Replies
View Related
Jan 1, 2011
I disable that from the gnome power management utility screen go black after 10 minute. It's very annoying since I cannot watch a movie in that way!
View 6 Replies
View Related
Jun 26, 2011
I'm looking for opensource central management software to manage squeeze workstations.
View 4 Replies
View Related
May 6, 2011
I've got problem with configuration of 6to4 tunnel. I do it like they do here using iproute2 HTML Code: [URL] And still I can't ping ipv6.google.com: I' ve got Destination unreachable: Address unreachable
View 1 Replies
View Related
Feb 23, 2010
I am a Linux noob (running Ubuntu 9.10) and not even an advanced Win. user. However, my switch to Linux was for simplicity, stability, fewer crashes,and the open-source software philosophy. However, Ubuntu hasn't been what I am hoping for. While Scientific Linux and Vector seem like good second choices, they don't seem to have the community/enthusiasm that Slackware has. However everything I read is all about "dependency management" w/r/t Slackware. Is this really a big problem? As a newbie, how will I deal with it? I am willing to learn but realize that I am starting from scratch.
View 14 Replies
View Related
Nov 18, 2010
I created a the class like this for shaping the packets with a specified bandwidth rate.....
tc qdisc del dev eth0 root
tc qdisc add dev eth0 root handle 1: htb default 15
tc class add dev eth0 parent 1:0 classid 1:1 htb rate 750kbit ceil 750kbit
tc class add dev eth0 parent 1:1 classid 1:3 htb rate 600kbit ceil 750kbit prio 0
For Our Requirement:-
I dont want to specify the bandwidth rate strictly like this rate750kbit ceil 750kbit,based on whatever speed is coming which should allocate the bandwidth rate for particular class...I need one application for finding the upcoming bandwidth & Is any other method is there for specify the bandwidth rate in a classes.
View 1 Replies
View Related
Jan 25, 2010
I'm using Debian Lenny and I want to tunnel rtorrent only through a OpenVPN tunnel. I have a tunnel running, the config file looks like this:
client
dev tun
proto udp
remote openvpn.xxx.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
[Code]...
My idea is that I could run a sockd proxy internally that redirects traffic to the openvpn tunnel. I could use the *nix "proxifier" application "tsocks" to make it possible for rtorrent to connect through that proxy (as rtorrent doesn't support proxies). I have trouble configuring sockd as my IP inside the VPN changes every time I connect. This is a config file someone said would help:[URl].. As my IP changes at each connect I don't know what to put in that config file. I have no control over the host side config file.
View 1 Replies
View Related
Dec 10, 2010
I've recently upgraded my broadband from a 1Mbps to a 10Mpbs from the same ISP. As such there is no change of hardware.Tried downloading a Linux iso from my laptop and is getting a very good download speed. However, noticed that when I am downloading the iso, all the bandwidth is taken up by the download. Even my browser is unable to refresh or load a new webpage. Boot into Win7 (same laptop) and the webpage is ABLE to load. Tried the same in my netbook (openSUSE) and the webpage is ABLE to load. Tried the same in my Debian desktop and the same problem returns, while downloading files (iso or video) all the bandwidth is taken by the download. Browser unable to refresh. Computer connected to the same wireless network is also deprived of the bandwidth. So the bandwidth (from the wireless router) is totally taken up by the downloading Debian laptop or desktop.
View 13 Replies
View Related
Dec 9, 2010
I've recently upgraded my broadband from a 1Mbps to a 10Mpbs from the same ISP. As such there is no change of hardware. Tried downloading a Linux iso from my laptop and is getting a very good download speed. However, noticed that when I am downloading the iso, all the bandwidth is taken up by the download. Even my browser is unable to refresh or load a new webpage. Boot into Win7 (same laptop) and the webpage is able to load. Tried the same in my netbook (openSUSE) and the webpage is ABLE to load.
Tried the same in my Debian desktop and the same problem returns, while downloading files (iso or video) all the bandwidth is taken by the download. Browser unable to refresh. Computer connected to the same wireless network is also deprived of the bandwidth. So the bandwidth (from the wireless router) is totally taken up by the downloading Debian laptop or desktop. Is there something in Debian that I've need to configure?
View 3 Replies
View Related
Sep 26, 2010
I have a fast server running Debian 5 (I tried to upgrade and everything broke.
So I'll stay with Lenny):
Core 2 Duo
4Gb RAM
RAID 0
100mbit
When I use the -X command and try and run applications to my desktop, it is VERY slow. Firefox takes 20 seconds+ just for a right-click menu to appear. It is completely unusable because of this speed. And this is after a clean install of Debian 5.
I've tried on multiple clients (Windows and OS X) and it is always slow! Even though both computers and connections are fast. My home connection is 100mbit too....
So the problem is not bandwidth or resources, the problem must be with the server/software? Any ideas why tunneling X11 applications are so slow? Is there an alternative X11 software I could use on the server?
1 thread in FTP to this server gives 10MB/s (100mbit). So X11 should be fast? And btw, I'm tunneling through SSH.
Can figure out why it is so slow?
View 4 Replies
View Related
Jun 17, 2009
Can squid do 'fair bandwidth sharing' ? What i mean is, if there is 1 user online on a 4mg line, that user will be using the entire 4mg line speed, and if there are 2 users online, each user will have 2mg line speed, and so on. I have squid cache set up already, but i just need to know how bandwidth distribution/sharing can be handled Can squid also be used to limit/disconnect users after they have used up their allotted bandwidth? [I have a mikrotik router connected to the adsl (for wireless users)]
View 1 Replies
View Related
Jun 7, 2010
I just wanted to use a network bandwidth usage monitoring application. Scenario: I am using an EV-DO based USB broadband modem with a limited GB plan. For additional data usage they charge per MB. Currently I use either wvdial (mostly) or pon to start the connection. So if there is any network monitoring application which could log time used and data used for the session, it would be great. Actually debian has too many different network monitoring applications, But I am not sure which one suits well for this purpose.
View 5 Replies
View Related
May 27, 2009
We have a sipmle office network set up that we also use use to connect to the internet, however of late the number of users has increased thus slowing internet access. Bandwidth upgrade is not an option thus i have to do bandwidth shaping on our linux router. The question is how do set the squid configs to allow certain IP's range a certain percentage bandwidtheg 60% and furthe divide the rest. Alternatively how can allow certain IPs to have higher bandwidth access.
View 1 Replies
View Related
Feb 22, 2010
I installed Debian Lenny on a Desktop computer for my wife, and am looking for an application to manage her photos.Specifically, what I'm looking for is a way to graphically display a file of thumbnails that reside in a specific folder and allow me to rearrange the order of them them as I see fit. The altered file would then be written back to the hard drive to be viewed with any photo viewer.
View 8 Replies
View Related
Feb 9, 2011
Ubuntu has been very good for us, fast, small foot print, But just yesterday it decided not to boot up. It gets to the login screen, and shows a warning... "Install problem, the Gnome power management configuration installed incorrectly, contact your administrator" What can I do to free this up?
View 1 Replies
View Related
Sep 10, 2010
How do we perform offline patch management with Debian? This isn't a question about which tools to use on Debian to load the patch once it is on a CD and transferred to said offline computer via sneaker net. More, how do I keep said offline (or strictly firewalled) computer in synch?
Pardon me while I make a comparison to Solaris. I am in no way stating Solaris is better. It just happens to be my baseline of experience.In Solaris, I can download Cluster Patch Updates (CPU). So if I build a Solaris box with a CD that is a year or more old, I can download the latest CPU and get the box patched up to date, and from that point on sneaker-net patches as they appear.
View 2 Replies
View Related
