DSL Internet sloooooow on 20-pc network w/Linux server
Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
DSL Internet sloooooow on 20-pc network w/Linux server
Hello, I've done a search but cannot find a detailed solution.
My network is approximately 20 Windows XP Pro clients, one Win 98 "test box", a Mandrake 9.2 desktop and my Linux (Mandrake MultiNetwork Firewall) server (kernel 2.4.18-8). My clients are plugged into a switch, then plugged into eth0, and eth1 goes to a ADSL modem to the Internet. so all internet connection goes through the server.
The server is a router, firewall (iptables), gateway, proxy (squid), filter (squidGuard). The Internet connection is "connect on demand." It works fine but many times gets extremely slow and sometimes stops altogether.
My ISP (Bell) says that we are only using about 40% of our bandwidth. My users complain about speed and frequently get "the page cannot be displayed" errors in Internet Explorer.
If the Internet stops completely, I can get it back up by doing a hard reset of the modem, then rebooting the server (adsl-stop and adsl-start do not bring the connection back). This works anywhere from a few hours to a week.
If it's really slow, I can usually increase speed by messing with /etc/resolv.conf - my ISP uses dynamic IP's for its DNS servers, so I've "found" some static ones to use that seem to work quite well. I don't know how to set up dynamic DNS from Linux...
I don't know what the problem could be.. sometimes killing the proxy (squid) works, other times not; sometimes messing wtih DNS works, sometimes not... my ISP insists that our line is perfect and we aren't even using half our available bandwidth. My speed tests today said my Linux desktop was between 7 Kbps and 32 Kbps (www.numion.com/yourspeed) but sometimes i can get up to 400 Kbps.
I'd like to use a software like Ethereal or something to figure out what's going on, but I don't know how to use it, and I'm not sure if that's what I need.
avatar; recalling something read (reference) the speediest is the slowest
device in system. from all those (20) which is slowest, which will be as fast as
all will be able to send & recieve. workaround is place all devices with the same speed to attain maximum.
Distribution: Just about anything... so long as it is Debain based.
Posts: 297
Rep:
Speed of the network is in no way affected by the other clients. Speed is dependant upon the client and devices between that client and the Internet.
The issues are probably DNS related... I agree with that.
How do your clients get DNS? How does your router get DNS? Are you running a DNS server internally on your network? You say you are running squid, have you statically assigned your clients to use it as a proxy or are you using it as a transparent proxy?
If you have to physically reset your modem to get the connection back, does your modem do the PPPoE for you, or do you have to have your router/firewall device do that?
you may want to check the following
Hardware :
bad network device :
bad network NIC in your Linux router ( check by running bandwidth test of your ISP
by using your linux box. If you get good results then your Internet side NIC card is probably
ok.
Next test your bandwidth from the lan side; Run a speed test from a workstation . If you get good results then probably your switch, and LAN side NIC
are ok . If not check switch, and NICs
Check all cables to make sure they are in specs for the network your are running, and not draped over anything that places RFI/EMI on the cables . If you can ,do not mix cat3 and cat5 cabling. If you do make sure they pass for rated speed. You can run a speed test by downloading a file via internet exploder from a web server on your lan. It will give you stats
on the bandwidth your lan can handle after the download . If you are still getting slow connections check ALL
cable connections esp those running from the DSL modem to the Linux router and the router to the switch.
For the software side make sure of the following
1) your proxy server (if you are running one ) can access a STABLE DNS server to parse
DNS requests
workstation and server can do the same .
2) Your proxy server is configured properly (memory cache usage, HD usage .etc ) Squid is notorious for dying mysteriously if it does not have the resources to run. Sometimes it will die and
not restart.
3) that iptables or whatever firewall you are running is stable and you have enable the correct
rules (this is a general caveat)
Today, the speed was great. Last week, it was poor.
Extra info: the workstations are mostly public terminals, so when the clients complain about the Internet or if it's not working, I have to fix it as soon as possible. Sometimes I had to do some rather messy workarounds.
charon79m:
The clients have set the DNS to the router/server 192.168.1.1 - some clients were not able to connect to the Internet one day, so I manually put in the ISP or an Internet DNS server. The router (server) uses /etc/resolv.conf to get its DNS server addresses. (Which I sometimes have to mess about with).
Squid is set up as a transparent proxy server, and I also run squidGuard to block inappropriate content, so I know that squid hasn't died since squidGuard continuously works. Also sometimes I check it to make sure it's running OK. So far it has never died.
I don't know about the PPPoE... I use the ADSL-start command in the Linux computer's startup.The Internet interface is ppp0, if that helps...
pcdocms:
I will try your suggestions; by speed test, do you mean the one at www.numion.com/yourspeed?
check for spyware and P2P software (e.g. virtual bouncer , gator, kazaa are not running
on your public network. You may need to check the services that running are on your workstation
s
and server. Turn off all program on server and workstations you dont need.
avatar; U got it. fraid so, mfg to sell products boast on speed from there test labs data not with real-time speeds. not
only that but has to do with other devices interfaced with any communications will become resulting accurate speed preformance.
Today slow again. Many clients stopped. It seems to hang on the DNS lookups (my browser says "Resolving host..") Windows clients say "Page cannot be displayed". I can connect better by using the IP address in the browser. Pings return about 20=25% of packets.
I fixed the problem by rebooting modem, then server - twice each. Now the Internet seems fine again.
PCdocms wanted me to check my cable connections. This seems very logical however, would a bad cable possibly cause this intermittent problem?
Here's another (involved) question. Right now I have static DNS servers in my /etc/resolv.conf. This is probably contributing to my problem. I would like to get the DNS servers via DHCP from my ISP. How can I do this?
Well, right now, i am running a Gentoo box as a router. I am also using Bell Sympatico DSL. I have eth1 using DSL and eth0 for the computers on my network. I have it all tied togther with a cheap hub (not a router). For my clients, it's as easy as eth0=dhcp in /etc/conf.d/net and for the Sympatico part, i am letting the Sympatico end assign me my IP and the DNS settings. I have entered the DNS primary and secondary addresses in adsl-setup (other than just putting server) but whether i did that or not, either way, it was the same speed and stability. As for your question, if you put "server" as the option for DNS servers during the adsl-setup, that should do the dhcp automatically from Sympatico. Hoped that helped a bit. Other than that, i would suggest changing the Mandrake router to a Gentoo router. Why? Because i like Gentoo. Period. No special reason (other than the numerous ways you can configure and see what is happening behind the scenes).
avatar; it may but not likely(cable) but worth trying better/new cable. if it does
make difference then that may have been the problem. but if not its within config(w/linux). recheck them all.
Just a thought: How about setting up caching DNS on the gateway system and configuring your clients to use that (instead of the internet based DNS servers). If you're running 20 machines on a DSL connection, it seems to me that you should have at least 1 static IP address too - at the very least, the IPS's DNS servers have to have static IP addresses - you can't FDQN a nameserver without one. This also makes me wonder if you have more than 1 device on your network trying to do DHCP. Do you have any WAN hubs, routers or switches that are doing this? If so, I think you'd be better off setting them to "Access Point Mode" and doing DHCP from the Linux box. That will also allow you to do coherent iptables rules based on what network a device is on.
Something else, do you need to use squid? I notice you're using iptables already, if you're not needing to log where your clients are going, you should take a look at the IP Masquerading HOWTO - you can find it here -> http://www.ecst.csuchico.edu/~dranch...ux.html#ipmasq (for some reason tldp.org has been intermittent at best lately)
Also, if these client machines are being used by the public (or anyone who is not responsible for them) I would suggest you at the very least install and use Spybot Search & Destroy and Ad-Aware on each of the clients. Plus, if you're using iptables anyway, you might want to think about only allowing the client machines to get out on ports 80 and 443 (HTTP and HTTPS) or whatever other ports they actually need to have open. If one (or more) of them have a virus it could very well be the cause of your speed woes.
If you configure your system as above, your clients should get configured with no proxy server (The NAT is transparent). In Internet Explorer under Tools>Internet Options>Connections>LAN Settings everything should be unchecked.
One last suggestion: If you're running X on the gateway, get etherape (http://etherape.sourceforge.net, I guess - but I'm really not sure about that URL). It will allow you to see in real time the traffic that's going across your network. It doesn't do logging (at least, not that I've found), but it's great for troubleshooting.
Distribution: Just about anything... so long as it is Debain based.
Posts: 297
Rep:
The huge results you got for download are most likely the result of your cache server. To get true results you might want to clear your cache and try again.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.