Hi Ari,

On 02/12/2013 12:54 AM, Ari Heitner wrote:
> We are having a strange intermittent problem on a natting firewall that's [...] Symptom: seemingly randomly, up to a few times a day, the network connection just chokes for about 30 seconds. Pings and DNS still work ok, but http traffic and seemingly anything else TCP just stops. Wait a few seconds, and it starts again, processing the pending requests (i.e. the web page you were waiting for suddenly loads, without hitting refresh again) but playing havoc with voip phone calls. The behaviour seems to correlate with the network being busy, but generally the machine can handle throughput saturation with no problem, and does so regularly.

Just an idea: check the number of currently active NAT sessions. Maybe this hits a limit, some older sessions time out and everything works again.

> My friend suggested a stress-test: making a vpn (pptp) to his network, and seeing if that makes the nat firewall box act up. Sure enough - make the connection, and start copying a file (at a very low throughput like 50 kB/s) and load the network a little bit, and it freezes. And when the vpn connection is active, even without doing anything, stuff starts getting weird - the machine sometimes stops accepting incoming connections on port 22, and logmein.com sessions in progress will fail.

Though I don't know how this fits in...

Erik
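
The check suggested in the reply above, as an added example that is not part of the original message: it compares the number of tracked connections with the table limit and flags when the table is nearly or completely full. It assumes the firewall does its NAT with Linux netfilter connection tracking (the thread does not say so); the function names and the 80% warning threshold are hypothetical choices.

```shell
#!/bin/sh
# Added example: report connection-tracking (NAT session) table usage.
# Assumption: NAT is done by netfilter conntrack; the thread does not confirm this.

# Print "count max" read from the conntrack sysctl files under a proc root.
# Tries the current nf_conntrack names first, then the legacy ip_conntrack ones.
read_conntrack() {
    root=$1
    for dir in "$root/sys/net/netfilter/nf_conntrack" \
               "$root/sys/net/ipv4/netfilter/ip_conntrack"; do
        if [ -r "${dir}_count" ] && [ -r "${dir}_max" ]; then
            echo "$(cat "${dir}_count") $(cat "${dir}_max")"
            return 0
        fi
    done
    return 1   # conntrack module not loaded, or not a Linux /proc
}

# Print one status line: OK, WARN (at or above threshold percent) or FULL.
conntrack_status() {
    root=$1
    threshold=${2:-80}   # hypothetical warning threshold, in percent
    pair=$(read_conntrack "$root") || {
        echo "UNKNOWN no conntrack counters under $root"
        return 0
    }
    count=${pair% *}
    max=${pair#* }
    if [ "$max" -le 0 ]; then
        echo "UNKNOWN max=$max"
        return 0
    fi
    pct=$((count * 100 / max))
    if [ "$count" -ge "$max" ]; then state=FULL
    elif [ "$pct" -ge "$threshold" ]; then state=WARN
    else state=OK
    fi
    echo "$state count=$count max=$max used=${pct}%"
}

# One timestamped sample of the live system; run it from cron or a loop and
# compare the timestamps of WARN/FULL lines with the times of the freezes.
echo "$(date '+%Y-%m-%d %H:%M:%S') $(conntrack_status "${1:-/proc}" "${2:-80}")"
```

When the table is actually exhausted the kernel also logs `nf_conntrack: table full, dropping packet` (`ip_conntrack:` on older kernels), so the kernel log around a freeze is worth checking alongside these samples.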