On Friday 25 October 2002 17:38, Ken Price wrote:
> My colo provider provides IP addresses and expects routing much like a T-1
> data provider. I get 4-5 "WAN" IP addresses and 32 "PUBLIC ROUTABLE" IP
> addresses. Their enterprise router expects another router (customer
> provided) to handle this forwarding. In this role, I currently use a
> RedHat 7.3 box with 2 NICs, simply with IP forwarding enabled. No special
> rules or shaping. Straight forward enough, and it's always worked without
> a hitch. Behind this router, I have another RedHat box acting as a NAT
> Firewall which protects my server farm. Now my problem. We've recently
> developed an application that makes outgoing requests to other websites and
> returns data. I'm noticing a serious lag in the amount of time it takes for
> this data to return to the server vs. our development environment in the
> office which uses a much slower internet link.
>
> If I test from the production RH7.3 "router", all data is returned
> extremely fast. If I step back to the NAT firewall, or further back into
> the server farm, I get serious delays. ICMP does not seem to reflect this
> problem, I'm assuming because of it's small packet size. Could MTU size be
> an issue here? All of my firewalls and routers use the default 1500 MTU
> size and the network is all 100Mbps up to the OC-48 internet backbone. Am
> I missing some router configuration? I've tried adjusting the MTU size on
> the router with no change in results.
>
> Any suggestions on where to go with this?
If I have a tcp delay, I always check the dns config. In many cases, there is
no reverse dns lookup of the ip-address so the other hosts waits for the
dns-timeout before allowing the connection. So, has your ip-address a
reverse dns entry?
Stef
--
stef.coene@docum.org
"Using Linux as bandwidth manager"
http://www.docum.org/
#lartc @ irc.oftc.net
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
