|
Home > Archive > Linux Debian support > May 2006 > Strange Network Behaviour- Revisted
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Strange Network Behaviour- Revisted
|
|
|
|
Firstly, thanks to Bit Twister for the suggestions made in reply to my
original post, they've been very helpful.
Here's an overview of what's happening.
LAN -> switch-> linux gateway/router -> DMZ -> ADSL2-modem/router
Hosts on the lan sometimes cannot see the gateway and beyond.
I've set up two linux hosts on the lan to ping around every 5 seconds.
I've done the same in the dmz. The ping errors clearly point to the
gateway machine on the lan side.
Very intermittently, the gateway won't return a ping to the either of the
lan hosts. I've also been pinging from the gateway itself, to the lan.
Pings from the gateway to its own lan interface are okay, but not to hosts
on the lan. Pings between other hosts on the lan are fine. So I've
narrowed the problem down to between the gateway interface and the lan.
The problem would appear to be either the gateway pc, the switch between
the gateway and the lan, or the cable between the switch and the gateway.
The thing is, I've replaced all three and still have the problem.
So I'm starting to wonder if either the switch or the gateway can't handle
the bandwidth?
There's probably at most only six or seven hosts on the lan that would
access the internet or the mail server in the dmz. The gateway is a
pretty old pc, somewhere around 300MHz. The switch is a standard 10/100
24 port, but all the outside world traffic does go through the one port to
the gateway. I wouldn't have thought there would be a problem though.
I'm running out of ideas, thanks for any suggestions.
Dan
| |
| Bit Twister 2006-05-04, 7:12 am |
| On Thu, 04 May 2006 17:08:30 +0800, Dan N wrote:
> Here's an overview of what's happening.
>
> LAN -> switch-> linux gateway/router -> DMZ -> ADSL2-modem/router
>
> Hosts on the lan sometimes cannot see the gateway and beyond.
>
> I've set up two linux hosts on the lan to ping around every 5 seconds.
> I've done the same in the dmz. The ping errors clearly point to the
> gateway machine on the lan side.
>
> Very intermittently, the gateway won't return a ping to the either of the
> lan hosts. I've also been pinging from the gateway itself, to the lan.
> Pings from the gateway to its own lan interface are okay, but not to hosts
> on the lan. Pings between other hosts on the lan are fine. So I've
> narrowed the problem down to between the gateway interface and the lan.
>
> The problem would appear to be either the gateway pc, the switch between
> the gateway and the lan, or the cable between the switch and the gateway.
> The thing is, I've replaced all three and still have the problem.
If you do a /ifconfig lan_ethX_here/ you would see fault counts climb if
you have a gateway hardware problem (nic/cable for instance.)
> So I'm starting to wonder if either the switch or the gateway can't handle
> the bandwidth?
Two methods come to mind. Use crossover cable to rule out switch
and/or swap gateway box with fast lan box.
You might consider buying a crossover cable. It is useful for testing a
suspect system against a working system or when you do not wish to connect a
friends system to your lan but want to see what is comming from it.
Use crossover to hook a fast system to the gateway nic, create a script
which loops doing a ping -c 1 gateway_ip_addy_here and test for ping failure.
On the gateway the script pings the fast ip address.
On the fast box, you start running more and more scripts pinging the
gateway ip addy.
Once you have a feel for gateway max load, you remove the loopback cable,
insert the switch, and see if you can get back to the same load.
If you get the same results, add a system and see if scripts start
failing. I would expect some initial fails, maybe, but not sustained
unless a new system is hogging the connection to the internet for no reason.
Remember, Windows and/or AV software maybe call home for updates.
When you get two more system on the switch and load is
stable, make the two new system chat (ftp/pings) at each other to see
if extra work in the switch causes test load to start faililng.
It should not cause ping failures.
> There's probably at most only six or seven hosts on the lan that would
> access the internet or the mail server in the dmz. The gateway is a
> pretty old pc, somewhere around 300MHz. The switch is a standard 10/100
> 24 port, but all the outside world traffic does go through the one port to
> the gateway. I wouldn't have thought there would be a problem though.
For normal operation, I would have assumed the bottle neck of you
internet connection speed would cause all pcs to be idling waiting for
response back from web pages, mail servers, dns lookups,.....
Just for fun, you can change the test load script from using ip addresses
to using node names to see if dns affects total load.
| |
|
| On Thu, 04 May 2006 07:07:49 -0500, Bit Twister wrote:
> If you do a /ifconfig lan_ethX_here/ you would see fault counts climb if
> you have a gateway hardware problem (nic/cable for instance.)
I did that, everything looks fine.
>
> On the fast box, you start running more and more scripts pinging the
> gateway ip addy.
>
> Once you have a feel for gateway max load, you remove the loopback cable,
> insert the switch, and see if you can get back to the same load.
I would have thought it would take a lot of scripts running to start
causing failures. Care to hazard a guess as to how many?
> For normal operation, I would have assumed the bottle neck of you internet
> connection speed would cause all pcs to be idling waiting for response
> back from web pages, mail servers, dns lookups,.....
I would have thought so too, although it is adsl-2. There's a bit of
traffic to the mail server in the dmz as well.
Thanks for your suggestions.
Dan
| |
| Bit Twister 2006-05-04, 1:12 pm |
| On Thu, 04 May 2006 21:20:30 +0800, Dan N wrote:
> On Thu, 04 May 2006 07:07:49 -0500, Bit Twister wrote:
>
>
> I did that, everything looks fine.
So that rules out nic and cables.
>
> I would have thought it would take a lot of scripts running to start
> causing failures.
<grinn> yup.
> Care to hazard a guess as to how many?
Nope, you create another scipt with a _loop_ calling the ping script.
That way you can spin up a bunch pretty quick. Code with a command
argument and you can do bumps of whatever you like.
Here is a quick untested kludge called, say, loop_it
#*****************************
if [ $# -eq 0 ] ; then
_cnt=100
else
_cnt=$1
fi
while [ x -lt $_count ] ; do
$HOME/ping_fn_here
x=$(( $x + 1))
done
#*****************************
../loop_it
../loop_it 20
../loop_it 5
>
>
> I would have thought so too, although it is adsl-2. There's a bit of
> traffic to the mail server in the dmz as well.
Hmmm, why would there be a lot of mail from the lan to the dmz. 
| |
| iforone 2006-05-06, 7:11 pm |
| Bit Twister wrote:
>
> Hmmm, why would there be a lot of mail from the lan to the dmz.
Hi Bit Twister and Dan N;
just thought you should be aware of some "possible" other pertinent
info, that may help you guys diagnose the issue concerning Dan N's
problems (perhaps BT (and others) are already aware);
see in c.o.l.n;
http://tinyurl.com/h5fkh (direct google groups link)
or
MessageID : pan.2006.05.03.12.03.26.211030@localhost.localdomain
apologies if my info in that thread was not useful in any way...and I
sincerely hope you get all the kinks worked out. I'm just hanging back
and learning from the pros.
btw - i had to drop the c.o.l entry in the [TO:] header in this
"multi-newsgroup" posting, because google stinks.
Regards
| |
| Bit Twister 2006-05-06, 7:11 pm |
| On 6 May 2006 14:53:04 -0700, iforone wrote:
> Hi Bit Twister and Dan N;
> just thought you should be aware of some "possible" other pertinent
> info, that may help you guys diagnose the issue concerning Dan N's
> problems (perhaps BT (and others) are already aware);
>
> see in c.o.l.n;
> http://tinyurl.com/h5fkh (direct google groups link)
> or
> MessageID : pan.2006.05.03.12.03.26.211030@localhost.localdomain
>
> apologies if my info in that thread was not useful in any way...and I
If so it would help, not hinder.
That would free up packet band width when Windows gives up.
Dan has indicated the linux lan box looses ping packets on and off
between it and the gateway with no pattern seen so far. 
I hope Dan comes back with the solution.
|
|
|
|
|