That's only a guess, though. To be more certain, I'd want to know a bit more about the tests, such as ...
1. Does physically disconnecting from the LAN the host that you forward port 25 to affect system performance? What about port 80 (if it is a different host)? Are you running any peer-to-peer apps that might be consuming a lot of bandwidth? (And BTW, how many hosts are on the LAN?)
2. You wrote that:
1) Any standalone machine, plugged directly into the ZyXEL cable modem and configured with the correct static IP address and netmask, gets full bandwidth and brisk ping times.
"Any" is one of those terms that sounds like it says more than it does. Put this way, it doesn't actually describe any test; instead, it offers your interpretation of an undescribed test. What was the actual test you did to reach this conclusion? Did you really test EVERY host you have (and how many is that?), each in its normal configuration? Or did you just test 3 or 4 different hosts?
3. You wrote:
5) As soon as the 2nd NIC was working properly so that the box was actually acting as a router/firewall, the network bandwidth and pings went to hell.
... and ...
It appears only to happen when there are actually two functioning NICs in the box and it is actually working as a router/firewall.
From these descriptions, I can't really tell if your test involved connecting the firewall to the LAN or not. My guess assumes that you are describing something that happens only when the LAN is actually connected to the firewall. If I'm wrong ... if you just mean that the 2 NICs are working, but the internal one is not physically connected to anything, then my guess is bad.
4. What traffic levels is the router reporting that it handles? (Calculate this by running "ip -s link" twice, a minute apart, and seeing how much the total traffic changes by. There may be better ways, but that is one that works reliably.) If my guess is right, the load will show as high on both interfaces. If it is high on the external interface only, then the problem is somewhere in the router's configuration ... might it be running some service you forgot to mention? Do the logs show any unusual patterns of DENYs or REJECTs?
5. Finally, you wrote:
I want to emphasize that this problem started spontaneously
From this, I believe that you did nothing to the *router* that caused it. But what about the rest of the LAN? Did you make any changes on the mail server or the Web server?
At 08:00 PM 11/20/02 -0800, James K. Wiggs wrote:
Folks,
I apologize if this is a FAQ, but my net connection is so slow now that I can't effectively search the web for information. I have a Road Runner Commercial Cable account in the Tampa Bay area; I upgraded to the commercial in late September after having the residential service for about 2 years. For that entire time, I'd been using the same box as my firewall/router, a 486/66 w/32M and a pair of SMC Ultra NICs. The software was originally Eigerstein and later Dachstein and worked perfectly the entire time.
So, about 2 weeks ago the network performance totally went to hell in a handbasket. Ping times, even to RR internal network machines, are now in the 1600-2000 ms time range. Packet loss is very high, bandwidth is almost nonexistent. In an effort to solve the problem, after RR had been out many times and made multiple hardware repair efforts, I upgraded the software to Bering RC4. The situation, as it stands, is this:
1) Any standalone machine, plugged directly into the ZyXEL cable modem and configured with the correct static IP address and netmask, gets full bandwidth and brisk ping times.
2) The original router/firewall gets minuscule bandwidth and slow pings, whether booted from Dachstein or Bering.
3) A different machine, configured with a 3Com 905TX and a NetGear FA311 and booted from Bering RC4, *also* gets lousy bandwidth and slow pings.
4) That machine, booted before the proper driver was installed to get the FA311 card working, got fast pings and good bandwidth (the 3Com is the external interface).
5) As soon as the 2nd NIC was working properly so that the box was actually acting as a router/firewall, the network bandwidth and pings went to hell.
All of this suggests that the problem is in iptables or in Shorewall, but I can find no discussion of this problem in web searches or DejaNews. I have done little to this Bering configuration beyond configuring the static stuff in the networking setup. I did install ntpdate and opened up port 123 as a result. I've got the box acting as a DHCP server for the internal network and have opened up 67 & 68 internally for that. Ports 80, 25, and 22 are being forwarded to internal machines for web, email, and SSH access. Oh, yes: the dnscache package has been configured and the appropriate ports opened up internally and externally for that. The box is doing NAT for the entire internal network, of course. I can upload the iptables/shorewall setup if necessary, but this really is a fairly vanilla setup.
Can anyone suggest what could be causing this problem? Is it a known problem with Bering or Shorewall? The net connection is slowing down so badly now that I have to cut this short. I want to emphasize that this problem started spontaneously and now persists regardless of whether I boot from the new Bering floppy or the old Dachstein floppy. It appears only to happen when there are actually two functioning NICs in the box and it is actually working as a router/firewall. There was a period of about 4 days, from last Thursday afternoon until Tuesday morning, when the old 486 box with the Bering floppy worked properly. I will try to follow up on this tomorrow from a faster access point.
--
"Never tell me the odds!" -- Han Solo
Ray Olszewski
Palo Alto, California, USA    [EMAIL PROTECTED]
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
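The measurement suggested in item 4 of the reply (two "ip -s link" readings a minute apart), as an added example that is not part of the original message: it turns two snapshots into per-interface byte rates so the external and internal interfaces can be compared. The function names `link_bytes`, `link_rates` and `sample_if` and the sample counters are constructed for illustration, and treating a counter that went backwards as one 32-bit wrap is an assumption.

```shell
#!/bin/sh
# Added example: per-interface throughput from two `ip -s link` snapshots.

# Reduce `ip -s link` text on stdin to lines of "iface rx_bytes tx_bytes".
link_bytes() {
    awk '
        /^[0-9]+: /  { if (ifc != "") print ifc, rx, tx
                       ifc = $2; sub(/[@:].*/, "", ifc); rx = tx = 0; want = ""; next }
        /^ *RX: /    { want = "rx"; next }   # byte counter is on the following line
        /^ *TX: /    { want = "tx"; next }
        want == "rx" { rx = $1; want = "" }
        want == "tx" { tx = $1; want = "" }
        END          { if (ifc != "") print ifc, rx, tx }
    '
}

# Print "iface rx_bytes_per_s tx_bytes_per_s" for two snapshots taken $3 s apart.
# Assumption: a counter that went backwards wrapped once at 2^32 (32-bit kernel).
link_rates() {  # $1 = first snapshot text, $2 = second snapshot text, $3 = seconds
    { printf '%s\n' "$1" | link_bytes | sed 's/^/A /'
      printf '%s\n' "$2" | link_bytes | sed 's/^/B /'; } |
    awk -v secs="$3" '
        function delta(new, old,   d) { d = new - old; if (d < 0) d += 4294967296; return d }
        $1 == "A" { rx[$2] = $3; tx[$2] = $4 }
        $1 == "B" && ($2 in rx) {
            printf "%s %.0f %.0f\n", $2, delta($3, rx[$2]) / secs, delta($4, tx[$2]) / secs }
    '
}

# Constructed sample data (not from the thread): one interface stanza.
sample_if() {  # $1 = index, $2 = name, $3 = rx bytes, $4 = tx bytes
    printf '%s: %s: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100\n' "$1" "$2"
    printf '    link/ether 00:00:5e:00:53:0%s brd ff:ff:ff:ff:ff:ff\n' "$1"
    printf '    RX: bytes  packets  errors  dropped overrun mcast\n'
    printf '    %s 100 0 0 0 0\n' "$3"
    printf '    TX: bytes  packets  errors  dropped carrier collsns\n'
    printf '    %s 100 0 0 0 0\n' "$4"
}
# eth0 stands in for the external interface, eth1 for the internal one;
# eth1 RX wraps between the two readings to exercise the wrap handling.
FIRST=$(sample_if 2 eth0 1000000 500000; sample_if 3 eth1 4294967000 2000000)
SECOND=$(sample_if 2 eth0 7000000 1100000; sample_if 3 eth1 5704 8000000)

# On a live router: a=$(ip -s link); sleep 60; b=$(ip -s link); link_rates "$a" "$b" 60
link_rates "$FIRST" "$SECOND" 60
```

Comparing the two output lines gives the check the reply describes: high rates on both interfaces versus high on the external interface only.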