Bart Schaefer wrote:
>
> On 9/10/07, John R Pierce <[EMAIL PROTECTED]> wrote:
> > wireshark can process and display packet capture files from
> tcpdump -w
> >
> > capture a few megabytes of packets on the appropriate
> interface of the
> > firewall, then transfer them to a workstation with
> Wi
Bart Schaefer napsal(a):
> We're having a spike right now. Doesn't look much different, though:
>
> # wc -l /proc/net/ip_conntrack
> 17141 /proc/net/ip_conntrack
> # fgrep -cv UNRE /proc/net/ip_conntrack
> 1310
What are the upstream link parameters (type, up, down, ...), what's the
ping on gat
Scripting in sed for 20+ years? Masochist! :-)
Geoff
Sent from my BlackBerry wireless handheld.
-Original Message-
From: "Bart Schaefer" <[EMAIL PROTECTED]>
Date: Mon, 10 Sep 2007 20:48:21
To:"CentOS mailing list"
Subject: Re: [CentOS] Performance of Cent
On 9/10/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> If you feel like learning sed ;)
I suspect I've been scripting sed since you were about 7 years old.
:-) I don't think even recent GNU sed is going to handle tcpdump
output very well.
___
CentOS
on, 10 Sep 2007 19:26:51
To:"CentOS mailing list"
Subject: Re: [CentOS] Performance of CentOS as a NAT gateway
On 9/10/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> How about putting the file contents on pastebin and posting the link?
Unfortunately there's customer
On 9/10/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> How about putting the file contents on pastebin and posting the link?
Unfortunately there's customer data in there that I'm not at liberty
to make public.
___
CentOS mailing list
CentOS@centos.or
How about putting the file contents on pastebin and posting the link?
Geoff
Sent from my BlackBerry wireless handheld.
-Original Message-
From: "Bart Schaefer" <[EMAIL PROTECTED]>
Date: Mon, 10 Sep 2007 18:31:31
To:"CentOS mailing list"
Subject: Re: [CentOS]
On 9/10/07, John R Pierce <[EMAIL PROTECTED]> wrote:
> wireshark can process and display packet capture files from tcpdump -w
>
> capture a few megabytes of packets on the appropriate interface of the
> firewall, then transfer them to a workstation with Wireshark for analysis.
OK, I've got some ou
Bart Schaefer wrote:
On 9/10/07, Bart Schaefer <[EMAIL PROTECTED]> wrote:
On 9/10/07, Guy Boisvert <[EMAIL PROTECTED]> wrote:
On top of that, i'd say that a PC, with whatever processor you could
put, is able to service a certain amount of interrupts / second.
# cat /proc/interru
On 9/10/07, Bart Schaefer <[EMAIL PROTECTED]> wrote:
> On 9/10/07, Guy Boisvert <[EMAIL PROTECTED]> wrote:
> > On top of that, i'd say that a PC, with whatever processor you could
> > put, is able to service a certain amount of interrupts / second.
>
> # cat /proc/interrupts
Ok, so obviously just
ntOS mailing list"
Subject: RE: [CentOS] Performance of CentOS as a NAT gateway
Bart Schaefer wrote:
>
> On 9/9/07, Barry Brimer <[EMAIL PROTECTED]> wrote:
> > Maybe it is time for some kernel networking tuning.
>
> After doing a bit of research:
>
> http:/
Bart Schaefer wrote:
Or are you saying that LAN-to-LAN traffic maxs out at 10Mbps, it is
a little vague.
LAN-to-gateway traffic (e.g., a test FTP of a large file from the
gateway to a machine on one of the LANs) begins to degrade as the
LAN-to-internet traffic increases. That's not surprising
Bart Schaefer wrote:
>
> On 9/9/07, Barry Brimer <[EMAIL PROTECTED]> wrote:
> > Maybe it is time for some kernel networking tuning.
>
> After doing a bit of research:
>
> http://www.acc.umu.se/~maswan/linux-netperf.txt
> http://wwwx.cs.unc.edu/~sparkst/howto/network_tuning.php
> http://proj.sune
On 9/9/07, Barry Brimer <[EMAIL PROTECTED]> wrote:
> Maybe it is time for some kernel networking tuning.
After doing a bit of research:
http://www.acc.umu.se/~maswan/linux-netperf.txt
http://wwwx.cs.unc.edu/~sparkst/howto/network_tuning.php
http://proj.sunet.se/E2E/tcptune.html
http://www.linuxgu
http://www.vyatta.com/download/ - runs on plain old PC hardware and
it's touted as being a Cisco beater.
--
Toby Bluhm
Midwest Instruments Inc.
30825 Aurora Road Suite 100
Solon Ohio 44139
440-424-2250
___
CentOS mailing list
CentOS@centos.org
htt
On 9/10/07, Guy Boisvert <[EMAIL PROTECTED]> wrote:
> On top of that, i'd say that a PC, with whatever processor you could
> put, is able to service a certain amount of interrupts / second.
# cat /proc/interrupts
CPU0 CPU1
0: 35564628 1398173774IO-APIC-edge timer
1:
Guy Boisvert wrote:
>
> On top of that, i'd say that a PC, with whatever processor you could
> put, is able to service a certain amount of interrupts / second.
[Snip...]
> Somebody mentioned pfSense. I use it and there is an option that can
> boost the performance: Using device polling instead
Bart Schaefer wrote:
> On 9/9/07, David Hrbác( <[EMAIL PROTECTED]> wrote:
>> how many connections are on the router (/proc/net/ip_conntrack) ?
>
> This is way off-peak time for us (middle of Sunday night PDT) so I
> suspect looking at this right now is not very useful, but:
>
> # cat /proc/net/ip
On 9/9/07, David Hrbác( <[EMAIL PROTECTED]> wrote:
> Bart Schaefer napsal(a):
> > This is way off-peak time for us (middle of Sunday night PDT) so I
> > suspect looking at this right now is not very useful, but:
>
> Please do report during peak and net issue time.
We're having a spike right now.
Bart Schaefer napsal(a):
> This is way off-peak time for us (middle of Sunday night PDT) so I
> suspect looking at this right now is not very useful, but:
Well, it's really way-off now. I dare to say it's conntrack anyway. If
there are client behind NAT using P2P... then 1 client can have
thousand
On 9/9/07, David Hrbác( <[EMAIL PROTECTED]> wrote:
> how many connections are on the router (/proc/net/ip_conntrack) ?
This is way off-peak time for us (middle of Sunday night PDT) so I
suspect looking at this right now is not very useful, but:
# cat /proc/net/ip_conntrack | wc -l
15140
# cat /
Bart Schaefer napsal(a):
> I can't find any recent statistics for Linux NAT performance, but the
> older stuff I can find (e.g. 50k packets/sec for a P3-450Mhz) seems to
> indicate that the gateway should easily be up to the task of handling
> the NAT traffic. Am I wrong about this? Is there any
You has said that box makes only routing functions, so... it's not a
CentOS related item, but maybe you should to consider to purchase and
learn to manage a pfSense appliance[1]. It's simply wonderful.
http://www.pfsense.com/
--
Thanks,
Jordi Espasa Clofent
On 9/9/07, Barry Brimer <[EMAIL PROTECTED]> wrote:
> Maybe it is time for some kernel networking tuning.
>
> Add the following lines to /etc/sysctl.conf
Thanks, will try. Question: Why does ip_local_port_range matter?
___
CentOS mailing list
CentOS@cen
LAN-to-gateway traffic (e.g., a test FTP of a large file from the
gateway to a machine on one of the LANs) begins to degrade as the
LAN-to-internet traffic increases. That's not surprising, but it
degrades disproportionately, i.e. when the FTP begins to show
intermittent stalls, the total traffic
Bart Schaefer wrote:
>
> On 9/9/07, Barry Brimer <[EMAIL PROTECTED]> wrote:
>
> > What is the speed of the link between you and the ISP?
>
> 100Mb/s.
>
> > Do they have other customer sites that are set up the same
> way as yours
> > that get significantly better performance?
>
> They don't h
On 9/9/07, Barry Brimer <[EMAIL PROTECTED]> wrote:
> What is the speed of the link between you and the ISP?
100Mb/s.
> Do they have other customer sites that are set up the same way as yours
> that get significantly better performance?
They don't have any other sites set up this way to compare.
On 9/8/07, Ross S. W. Walker <[EMAIL PROTECTED]> wrote:
> Has the Internet interface reached it's max capacity?
No.
> Or are you saying that LAN-to-LAN traffic maxs out at 10Mbps, it is
> a little vague.
LAN-to-gateway traffic (e.g., a test FTP of a large file from the
gateway to a machine on o
The other side is a high-end Cisco router managed by our ISP. Its
their router statistics that tell us we're peaking at just over 10Mb/s
coming out of the gateway box. That was where we first assumed the
problem must be, so we've been working with them on this problem for
some while now and have
On 9/9/07, Robert - elists <[EMAIL PROTECTED]> wrote:
> What switch is it?
LinkSys Etherfast, a couple of years old now (I'd have to go to our
colocation site to look in the cabinet to get the exact model). it's
a plain dumb switch, no management interface.
> Evidentally, there much be a switch
>
> We have a single 3GHz P4 box w/2GB RAM running CentOS 3.8, acting as a
> gateway, which serves multiple IP address, having one virtual
> interface for each IP, e.g., eth0:1, eth0:2, etc. These
> interfaces/IPs are on the public internet. Each of these IP addresses
> is the NAT address for a
Bart Schaefer wrote:
> On 9/8/07, Barry Brimer <[EMAIL PROTECTED]> wrote:
>
>> Have you checked speed and duplex settings?
>>
>
> All NICs on all machines involved report exactly the same:
>
> negotiated 100baseTx-FD flow-control, link ok
>
> We've also checked ifconfig on all interfaces,
Bart Schaefer wrote:
>
> We have a single 3GHz P4 box w/2GB RAM running CentOS 3.8, acting as a
> gateway, which serves multiple IP address, having one virtual
> interface for each IP, e.g., eth0:1, eth0:2, etc. These
> interfaces/IPs are on the public internet. Each of these IP addresses
> is t
All NICs on all machines involved report exactly the same:
negotiated 100baseTx-FD flow-control, link ok
We've also checked ifconfig on all interfaces, and no errors, dropped
packets, overruns, nor collisions have been recorded.
Great! Is your upstream device also able to talk at 100 Mb/s?
On 9/8/07, Barry Brimer <[EMAIL PROTECTED]> wrote:
>
> Have you checked speed and duplex settings?
All NICs on all machines involved report exactly the same:
negotiated 100baseTx-FD flow-control, link ok
We've also checked ifconfig on all interfaces, and no errors, dropped
packets, overruns, n
On Sat, 8 Sep 2007, Bart Schaefer wrote:
We have a single 3GHz P4 box w/2GB RAM running CentOS 3.8, acting as a
gateway, which serves multiple IP address, having one virtual
interface for each IP, e.g., eth0:1, eth0:2, etc. These
interfaces/IPs are on the public internet. Each of these IP ad
We have a single 3GHz P4 box w/2GB RAM running CentOS 3.8, acting as a
gateway, which serves multiple IP address, having one virtual
interface for each IP, e.g., eth0:1, eth0:2, etc. These
interfaces/IPs are on the public internet. Each of these IP addresses
is the NAT address for a different sma
37 matches
Mail list logo
