Internet slow down related to the firewall

Les hlhowell at pacbell.net
Mon Aug 13 02:06:45 UTC 2007


On Mon, 2007-08-13 at 08:21 +1000, David Timms wrote:
> Les wrote:
> > On Mon, 2007-08-13 at 00:56 +1000, David Timms wrote:
> ...
> > Well, I'll be darned.  That did it that time.  I'm now getting
> > 
> > 1311Kb download and 403Kb upload.  Not great but beats the heck out of
> > 30k.
> > 
> >   I'll have to research this some more, now.  I still can't believe how
> > that could set the speed down to 3Kbs down and next to nothing up.
> > 
> > The peer2peer is for VR stuff (Croquet and SecondLife), and is needed to
> > affect anything like reasonable operation.
> Unfortunately, I don't know why the iptables firewall causes the slow 
> downs - perhaps if you tried just one or other of ipv6 or MTU, that will 
> narrow it down. Actually, it might be ipv6 - when you stop iptables, 
> were you doing service iptables stop, or using the iptables command 
> manually ? What I mean to ask is do you also stop ip6tables ?
> 
> I wouldn't have expected such a large change. However, there is a lot of 
> limited memory adsl/routers out there. If they fill their limited {eg 
> 500 connection} session table {stateful packet inspection}, then further 
> connections will be a problem. My old D-link was like this if a I ran 
> p2p for more than an hour or two. Rebooting the modem/router helped, but 
> causing my ISP to allocate a new IP address also worked.
> 
> DaveT.
> 
You may have hit it somehow, Dave, one of the things that the service
guy suggested was rebooting the router.  But that would mean it should
affect Windows as well I would think... But anyway, it seemed better for
a bit, then I did some browsing on the NASA website and it barfed again.
So I am back to firewall off.  MTU is set and the code for modprobe is
in place, but that didn't seem to help much.  The download went about 20
seconds before it barfed is about double what started me down this trip.

	I would have expected the mtu count to cause packet splitting and that
would have decreased the speed somewhat, but not by nearly 90%.  The
IPV6 stuff I know is still undergoing some birthing pains, so I might
see some sense from that affecting it periodically, but I thought
protocol called for fall back to IPV4 when it hit a snag.

I changed the cables both the local cable to the router and the phone
cable to the wall.  I reseated some boards, moved things around
physically, relocated supplies from one power strip to another all in
the name of seeing if I could make a change that might affect it due to
noise, but no joy there either.  I vacuumed the case and fans (even the
one on the processor) just to cover all bases.

	I tried running with the covers open, with them shut, with one open the
usual wave the hands for noise issues stuff, but no avail.

	When the firewall is turned off it flys.  When it is on it stalls.  I
feel like I've scratched all the usual fleas, but the itch is still
there, and it is associated with the firewall.

I looked at the gui, and the tables, at the files you guys suggested,
and looked at some files and stuff on the internet, but nothing seems to
quite apply to this case.  I'm truly puzzled.  Who does the support for
the firewall?  I don't see a name associated with the firewall.  Maybe
it is time for a bug report?

Regards,
Les H




More information about the users mailing list