Background:
For some time now, we have been having internet connectivity problems in our small office. We are a part of a Complex that hosts small businesses, and they provide us with internet connectivity as a part of the package. The net based work is at the core of our business, as it is with a second company in the Complex. We always have internet connection problems, as does the other company. But the Complex management doesnt believe there is a problem with the net connection because no one else complains. But the rest of the companies use the net for email, and thats about it. So they wont have any problems to the extent that we do. We spend our day using ssh, webdav, bittorrent, wgetting stuff, doing sftp uploads and playing the occasional game of WoW
. The rest of companies use the net to check their Hotmail and Yahoo account, and have never heard of Gmail.
Problem:
This place is one big Windows shop. When we complain, they blame the problem on Linux of course. We have frequent, but intermittent issues with slow connections, down connections and the like, to the point where we wish we had dial-up instead. They provide us with 3 ports and 4 static IP addresses on our own subnet (standard for each company in the Complex). We have one Linux box that we use as a router and feed all the other machines net connectivity from it over a switch. Configs at the end of this post. We have always started with troubleshooting that box. We have ran Debian on it, tried Smoothwall, switched out the network cards and even switched out the box and OS entirely. Its now a PowerPC box (Mac Performa 6400) running Ubuntu Warty. In all cases, the problems have persisted so we have abandoned the hardware/config theory. But we are still willing to concider it as we now want to be thorough.
What we want to do now:
We have two goals right now:
1. Double check to make sure our configs are correct and not the source of our woes
2. Provide solid proof that their is a problem with the net connection here by providing logs from a thorough analysis.
Goal 1:
To accomplish goal one, I have posted the relevant configs on our gateway/router box below. Please peruse this and let me know if you see any possible confilicts that may have been overlooked.
Goal 2:
For our second goal, I need suggestions on a network analysis/testing utility that we can setup to run tests and produce a report on netowork performance. Preferably one that provides a summary or trace of network performance over a few days.
Machine role
Router, gateway between internal and external network
DHCP Server
Serves between 8 - 10 machines daily
Hardware
Macintosh Performa 6400
56MB RAM
200MHz PowerPC 603e
2 PCI Network Cards
Relevant Software
Ubuntu Warty, server install with no GUI
Kernel version 2.6.8.1-3-powerpc
DHCP Server 2.0pl5
DHCP Config
Code:
subnet 192.168.0.0 netmask 255.255.255.0{
range 192.168.0.10 192.168.0.254;
default-lease-time 86400;
max-lease-time 31536000;
option routers 192.168.0.1;
option ip-forwarding off;
option broadcast-address 192.168.0.255;
option subnet-mask 255.255.255.0;
option domain-name "alteroo.lan";
option domain-name-servers 192.168.0.1;
}
Network card configs
Code:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
address 127.0.0.1
netmask 255.0.0.0
broadcast 127.255.255.255
network 127.0.0.0
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.0.1
netmask 255.255.255.0
broadcast 192.168.0.255
#external intefrace
auto eth1
iface eth1 inet static
address 192.168.255.181
netmask 255.255.255.248
broadcast 192.168.255.183
gateway 192.168.255.177
Routing table
Code:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.255.176 0.0.0.0 255.255.255.248 U 0 0 0 eth1
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 192.168.255.177 0.0.0.0 UG 0 0 0 eth1
Networking options
powermac@powermac:~ $ cat /etc/network/options
ip_forward=yes
spoofprotect=yes
syncookies=no
iptables config
Code:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere state NEW
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Startup script
Code:
#!/bin/sh
#
# $Id: routing.init.d,v 0.0.0.2 2005/06/03 22:11:54 peloy Exp $
#
# Defaults
ETH_EXT="eth1"
# Reads config file (will override defaults above)
case "$1"
in
start ) echo -n "Setting up Routing "
echo 1 > /proc/sys/net/ipv4/ip_forward
sleep 2
if iptables --table nat -A POSTROUTING -o $ETH_EXT -j SNAT --to 192.168.255.181; then
echo "routing started"
else
echo "routing failed Restart manually"
fi
;;
stop ) echo -n "Stopping Routing"
echo 0 > /proc/sys/net/ipv4/ip_forward
iptables -D POSTROUTING 1
;;
restart | force-reload ) sleep 2
echo "Error in arguements"
;;
* ) echo "Usage: /etc/init.d/routing {start|stop}"
exit 1
;;
esac
exit 0
ifconfig dump
Code:
eth0 Link encap:Ethernet HWaddr 00:C0:95:F8:7E:7A
inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::2c0:95ff:fef8:7e7a/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1256624 errors:1 dropped:0 overruns:0 frame:0
TX packets:1213083 errors:19 dropped:0 overruns:0 carrier:10
collisions:169981 txqueuelen:1000
RX bytes:432102836 (412.0 MiB) TX bytes:885944264 (844.9 MiB)
Interrupt:23 Base address:0x800
eth1 Link encap:Ethernet HWaddr 00:08:A1:82:62:FC
inet addr:192.168.255.181 Bcast:192.168.255.183 Mask:255.255.255.248
inet6 addr: fe80::208:a1ff:fe82:62fc/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1262706 errors:3 dropped:0 overruns:0 frame:4
TX packets:68 errors:1258487 dropped:0 overruns:4 carrier:1258487
collisions:0 txqueuelen:1000
RX bytes:892632682 (851.2 MiB) TX bytes:5836 (5.6 KiB)
Interrupt:25 Base address:0x400
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:447 errors:0 dropped:0 overruns:0 frame:0
TX packets:447 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:61228 (59.7 KiB) TX bytes:61228 (59.7 KiB)
Let me know if there is any other relevant info that is needed that I may have missed. I'm trying to be as thorough as possible.
