Networking :: Slow Outbound - Fast Outbound Cross Country Connection
Jun 2, 2011
I'm having an issue where a server in CA (1000/full) and in VA (100/full) have very lopsided data transfer.
CA -> VA with iperf shows ~20Mbps
VA -> CA with iperf shows ~93Mbps
If we change the CA server to 100/FULL, transfer speed is 93Mbps both ways.
Some tuning was done to TCP window scaling parameters, but it won't correct the issue, just improve the CA -> VA numbers to what is listed above. I will say, turning TCP window scaling OFF will lower the transfer speed both ways to < 20Mbps.
The only clue I have when looking at wireshark dumps is that the window scale going OUT would never go past 10240 (scale is 8, so 2^8 x 40bytes). In the opposite direction, the window size will go above 3MB (scaled).
It is not a bandwidth problem as iperf with UDP shows 93Mbps both ways. Local transfers (CA 1000/full to CA 100/full) show full speed both ways, so I feel it is strictly related to TCP window scaling.
RedHat 5 64-bit on both sides. Any ideas why it won't scale above 10240?
View 7 Replies
ADVERTISEMENT
Jul 24, 2011
I'm sending files to a remote server by way of FTP via a PHP script. With the firewall turned on these files are getting to the remote server with 0kb and the remote server is timing out before all the files are received. When the firewall is turned off the all files are received in tact. There are no outbound rules set in the iptables, looking for ideas on what to check next.
View 4 Replies
View Related
Feb 4, 2011
I've ben punding myhead on this issue. I've setup a new postifx server on rhel5. After editing the needed entries, i can't seem to send any outbound mails to yahoo or any other domains.My postconf -n is as follows:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
[code]...
View 2 Replies
View Related
Mar 14, 2011
Looking at the output of netstat, I'm not seeing a definitive way to tell which torrent connections are clients reaching in to my machine vs my machine reaching out to the world. Is there a clear way to determine which is which?
View 1 Replies
View Related
Oct 19, 2009
I'm having a problem that seems to plague a lot of people judging from my research on the web. I have a hosting provider that limits the number of incoming connections to the shared host to 50 per IP.
I have a single IP for outbound connections and I use Squid as a proxy server.
Lately I've tripped across the 50 connection limit frequently - and that's with only 1 user. It seems the problem is related to the performance you can get out of a desktop these days. Its not impossible to have several browsers open with several connections to different sites on the same server - and boom - locked out!
So it occurred to me that there must be some way to limit the number of outbound connections in the kernel - but I've not found it. I did find that Microsoft had been limiting the number of outbound connections in XP to 10 to address the virus problem, and I've found countless hosting complaints and dialog on the subject with no easy solution.
So my question is simply, does anyone know how to limit the number of OUTBOUND connections to a single IP in the kernel?
View 2 Replies
View Related
Aug 17, 2010
Is there a way to configure my interface to promisc mode and also make it not capture the "transmitted" packets. ?I mean, i want the interface in Promisc mode but only for inbound traffic.If there isnt any using ifconfig, can it be by configuring eth0 to promisc using ifconfig , and filtering outbound traffic from being captured using sockets or something ?
View 4 Replies
View Related
Jan 17, 2011
I have problem on VPS running opensuse. When I enable firewall outbound connections stop working. I have tried everything I know (not much when it comes to firewall (iptables)) but could not solve this.
Here is my ifconfig:
Code:
I used xxx.xxx.xxx.xxx to hide real address.
View 2 Replies
View Related
May 19, 2010
I've read up some of the posts on this forum, but can't seem to find an answer. I have a web service within an Apache Tomcat instance installed on a Redhat linux server. I only have shell access to the server, and need to monitor outbound network traffic from my web service. Is there a unix command that will allow me to monitor all outbound traffic? I'm thinking fiddler, but a unix version? I've heard of things like ntop and iptraf, but I don't think those will help me in this instance.
View 2 Replies
View Related
May 7, 2010
My wireless seems to be fast for a good 30secs then bang takes good while to load the next page almost as if it's disconnecting and then reconnecting/scanning reconnecting. Why cant it stay connected. I have WAP PSK security here is my network setting please let me know if I should change any of them:(side not is there a way to fix this problem occuring so frequently it says on the wiki that it should only occur once in a whilce https:[url].....
View 2 Replies
View Related
Jan 22, 2011
I have a strange problem that I cannot diagnose -- slow wifi. About two or three weeks ago, I noticed that my wifi began to slow down dramatically. The problem is the same on my ubuntu laptop and my ipad. But when I connect directly to the router with a network cable, my connection is fine. So it is definitely a problem with the wifi signal itself.
What I have done so far:
(1) I checked all of the MAC addresses connected to my wifi. I identified my tivo box, laptop, and ipad. Nothing else.
(2) I used [I]wifi analyzer[I] on my android phone and selected an unused wifi channel (channel 8).
(3) I changed the username/password on my wifi signal. I also changed the password for my router's admin privileges.
(4) I restarted my router and computer.
None of this helped.
I am using a Netgear WGR614 wireless router.
View 3 Replies
View Related
Dec 8, 2009
I need to log outbound (server -> remote) ssh traffic, but am unsure of the best way to do this.
I added this to iptables, but nothing is being written to the logs when I ssh from the server to another system.
iptables -A OUTPUT -m state --state NEW -j LOG --log-uid iptables-save
View 2 Replies
View Related
Nov 7, 2010
I have internal-only email server that has internal BIND9 running. Thought it only has its IP address defined in /etc/resolv.conf, it is still resolving outside addresses.
View 2 Replies
View Related
May 26, 2010
I have just built an internal postfix server for sending mail only, it's not accessible outside our network. I will be sending from our domain, Rewriting the from field to abc.com is turned on in the postfix config. A friend is telling me this will not work as they will do reverse lookups on our domain. What does this mean? Obviously the domain the email is sent from is a valid domain. If they do a lookup from the IP the mail came from it would be global crossing, our internet provider? These outbound emails are critical client reports, I want to make sure they are not seen as spam.
View 1 Replies
View Related
Nov 21, 2010
(centos 5.5 86*64 with cpanel) I am trying to set up a php script.
The script requires an outbound connection to project honeypot and when I go to the honeypot.php on my server I get an error asking if outbound connections are disabled.
They could be...I am not sure where to check, I have checked csf and outbound tcp is allowed on port 80, but I am not sure if I should be looking somewhere else.
Obviously I dont want to make the server insecure, so I am wondering how I can allow this outbound connection.
View 2 Replies
View Related
Jul 22, 2011
Is there a way I can count inbound/outbound mails for a particular user? I'm using sendmail as MTA and dovecot for POP3.
View 1 Replies
View Related
Aug 24, 2010
I wish to prevent some programs from "phoning home", and to allow other programs to access only specific web servers.Is there any way to interactively allow or decline outbound communication from individual programs on Ubuntu?
View 4 Replies
View Related
Mar 14, 2010
My setup is local install so I don't expect it to receive emails from the internet.However I do expect it to be able send messages to the internet, but it doesn't seem like it. I have tried setting up on FreeBSD before and it was able to do so but I wasn't involved in the setting of the machine though. I was just tasked to setup Horde
View 3 Replies
View Related
Feb 28, 2011
I want to prevent code from making http connections to other, specific hosts. My understanding is this can be done in /etc/hosts.deny. What would that look like?
View 5 Replies
View Related
Apr 15, 2011
I understand the difference between Reject vs Drop for incoming traffic, but are there any differences between reject and drop for Outbound Traffic? Are there reasons to pick one over the other or are they functionally identical when talking about Outbound traffic?
View 6 Replies
View Related
Jul 23, 2011
What should I do to keep important files on my computer from being uploaded to the internet? Don't I need an outbound firewall to prevent this?
What causes my computer to send an outbound request to the internet that would result in files being uploaded from my computer onto the internet? I'm afraid to put anything of importance (like reports that I've written for work) onto a computer with internet access because I don't want them to be uploaded to the internet. I wouldn't upload them on purpose obviously, but I'm afraid it would happen without my knowledge because I don't know what I'm doing.
View 4 Replies
View Related
May 25, 2011
Tried google and searching this forum to no avail. Under Fedora 14, there is an selinux policy which blocks sshd from making outbound connections on port 80 or 443. This can occur when a client box tries to tunnel through the ssh connection for encrypted access to the web.
While I did manage to allow this happen by creating a permissive domain for sshd with this command:
Code:
The preferred way would be to allow sshd to make connection on other ports with a similar command that does not seem to work:
Code:
Is this the correct way of allowing an outbound port connection for the sshd daemon?
View 2 Replies
View Related
Dec 18, 2010
Using Windows, I always set a Restrictive firewall policy with a third party firewall. But I also had all ports set to Stealth, something that appears to not offer any security benefits (as I've learned from reading Ubuntu forums). I'd like to learn about best security practices (under Ubuntu) for outgoing firewall protection. I will be using the built-in Ubuntu firewall that is configured via Firestarter. Outgoing filtering offers privacy as well as security benefits. But I thought I needed my ports stealthed to be safe too, so I'm open to learning new things.
I wanted to start a poll to find out how many folks use permissive/restrictive, but no polls allowed here apparently.Could Ubuntu users knowledgeable about firewalls enlighten me on whether I should go Outbound-Restrictive and what applications I will need to allow so Ubuntu "housekeeping" is not affected negatively? I basically just use the internet for software updates, web-surfing and e-mail. One question I have is whether there is something comparable in Ubuntu to Window's "DNS Client" service? I always disabled Window's "DNS Client" and forced each application to request port 53 DNS lookups itself.I only had to allow four programs to accomplish all internet traffic that I engage in. I set all other programs/applications to be either Blocked or to have to Ask for an outgoing connection as needed.Here is my former Windows XP setup:
svchost.exe: allow UDP for ports 53, 67, 68, 123 (time) and TCP for ports 80, 443
Avast: allow UDP for port 53 and TCP for port 80
firefox: allow UDP for port 53 and TCP for ports 80, 443
IE: allow UDP for port 53 and TCP for ports 80, 443
View 9 Replies
View Related
Mar 15, 2010
This is the current setup that we have: We have approx 20 clients who pay us to send out a type of e-mail called an E-Blast to their customers. We currently are using 5 Microsoft Windows Virtual Servers to do this. The problem is that those machines are starting to break down. There are times that it will take Microsoft Windows approx 9-10 hours to complete 1 job. This is way too long. We want to move away from Microsoft Windows for this particular type of job as it seems there are more customers who are wanting to use this type of advertising.
It seems that using a Linux Server "Command Line or Shell" environment would be the best way to go as there is no GUI like Windows. Since there is just text...that is something that would/should process very, very quickly.
I am in the process of setting up a new SMTP outbound mail server. This is the current software & configuration (what is installed on this new machine):
All of the customer data (Names, E-Mail Addresses, etc that these e-mails are going to) are currently loaded in a Microsoft SQL Database.
My machine that I am using is plugged into the DMZ. I have 1 ip address for the 1 network card. I have also added/bound 4 more ip addresses to that network card.
I have configured Postfix for Multiple IP Addresses.
I can, from the command line, send successful test e-mails and receive them in my personal account.
As far as I know everything is setup correctly. I can and will post requested information so that it can be verified that everything is setup correctly.
Here are a couple of my questions:
Ensure that I have my Network / Interfaces file and my Postfix's Master.cf/Main.cf files setup correctly?
How can I setup this server to be an Outbound SMTP server and get it to use all 5 of the IP Addresses to send these e-mails quickly?
What can I use to check and ensure that this server is in fact sending out emails on all 5 IP
Addresses (I heard that there is a program named "Postal" that may help in determing this).
View 3 Replies
View Related
Mar 23, 2010
Like the title, that is my problem. I'm using cable modem with 3mbps. It is Linksys Docsis, wired networking. When I download a file using ubuntu 9.10, my latency time (ping time) sky rocketed to 2000ms average, while in XP none of this happens; I tried to download the same file from the same website. In ubuntu 9.10 my network setup will be, well... nothing. I'm using DHCP automatic detection. Same thing in XP.
I don't want to go back and forward using XP for the internet. Funny thing though, none of this happens while I first started ubuntu 9.10. I didn't configure anything with networking. It is the way it is from the beginning. The only thing I tried was ubuntuone. But that like months ago, and the problem I have with slow internet connection only appear this March.
View 9 Replies
View Related
Aug 11, 2010
I am using ubuntu 10.04 on an iMac 7.1. What do the following log entries mean? I recently had a "sbin/init infected" alarm with chkrootkit (or rkhunter, I forget which) and reinstalled, and I thought I was rid of the problem, whatever it was (could have been a kernel panic), but now the checksecurity setuid stuff reappeared (the checksecurity.log only appears in the log file viewer after resetting it with gconftool-2 --recursive-unset /apps/gnome-system-log, which seems suspicious; why is the log hidden by default?); also there are "outbound" messages that I don't understand. I have another ubuntu install on another Mac which seems to be unaffected (and also has checksecurity installed; I just ran it manually and also got setuid stuff, but there is no "outbound" and ufw.log is empty). I can't really think I have a rootkit (I don't notice any effects except these anomalous logfiles, and my browsing habits don't include sleazy websites). And what exactly are bound sockets? There is a lot of information about sockets on the net but it's all rather technical. I continue to look of course. I ran chkrootkit and rkhunter again, and they read clean (if I can trust them).
Is it possible that the trouble is related to the Mac's BIOS emulation? (Apple does not seem to take security very seriously; Snow Leopard does not even ask for a password for Software Update - I asked my premium reseller and he confirmed it. I should not be surprised to find out that the iMac's BIOS emulation is unsafe. I'll need to get a real computer). The MacBook Pro 5.1 has a newer firmware (for instance, it will boot ubuntu from external disks which the iMac will not), and as I said that install seems to be unaffected (The setuid stuff is probably normal, but I'm not sure the "outbound" messages are). I use grub legacy, which seems to install to the Mac's EFI partition as /dev/sda (GParted shows 18.1 MB of 200MB used on both computers with ubuntu on them, whereas an HFS+ disk without ubuntu, or with GRUB in a partition, will show 3.09 MB used).
Does it make sense to reconfigure checksecurity to check for setuid changes daily (change CHECK_WEEKLY="SETUID" in /etc/checksecurity.conf to CHECK_DAILY="SETUID")?
checksecurity.log:
messages (part):
There also was a lot of terminal output similar to the iMac's which I forgot to save, and when I ran checksecurity again it was blank. (Incidentally, the list of setuid programs on Mac OS is a lot longer)
View 3 Replies
View Related
Feb 12, 2010
I'm using wlan and I'm behind a NAT firewall. Downloading with BitTorrent can reach speeds of 1,5MB/s, but browsing is incredibly slow. Chromium/Firefox seems to hang forever on "connecting.." or "waiting for". Sometimes pressing the reload button will speed it up. I have two Ubuntu boxes and they are the same way.
I don't get it, if downloading is so fast, how can browsing be so slow. Yes I have disabled ipv6 in grub and in Firefox, don't know how to do it in Chromium. Have 64-bit Ubuntu. Cnet wlan card using rt61pci module.
View 9 Replies
View Related
Jul 30, 2010
I want to connect my laptop and desktop using ethernet cards and cross-over cable, but I don't konw how to properly configure such connection.
View 6 Replies
View Related
Jul 16, 2011
I'm using Vuze clients and torrents are very slow while in uTorrent under Windows 7 they're very fast. How can I fix it?
View 1 Replies
View Related
Jan 10, 2010
I've got a Laptop with wireless broadband connection which needs to be connected to a desktop machine so that the internet connection could be shared. Both has got Ubuntu 9.1. I don't have a router or a switch. I just need direct connection with a cross over cable.
View 5 Replies
View Related
May 26, 2009
My computer takes a while to connect to my Linksys N router.
It used to connect in a snap of your finger automatically.
Now it does not.
Yes I have tried manual configuration, and double checking the password, ssid, protocols, and security type.
WPA2 personal is the security type.
There are maybe 4 different ways I know how to connect. The most annoying thing is when this box pops up saying to type in a password for the network connection.. and keeps popping up even when everything is right.
All I need is a reliable, easy, and automatic program to connect me to the internet, maybe even before I log into my system.
Linux Ubuntu 8.04 LTS Desktop Edition is my system. Brilliant system.
View 4 Replies
View Related