[ previous ] [ next ] [ threads ]
 
 From:  Pierre-Yves Maunier <pierre dash yves at maunier dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] need help with retransmits and lost frames through m0n0 1.21
 Date:  Wed, 05 Apr 2006 09:51:26 +0200
Robert Rich wrote:
> Hi all!
>
> I'm getting ~125-250kbps between two 100Mbps ethernet interfaces on a m0n0 1.21 install i'm
working with.  The code running off of a bootable cd on a 800mhz dell workstation.  The LAN
interface is using the fxp driver (i'm not sure what kind of card exactly), and the DMZ interface is
using a netgear card (sis driver).  Both interfaces are attached to Cisco switching gear, the
internal to a Cat 5505, the DMZ to a Cat 2924xl, everything set to autonegotiate.
>
> I've disabled traffic shaper, checked the 'interface polling' box, looked for collisions or other
indications of duplex issues on the ethernet ports, and i haven't found anything.  I ran a capture
on both sides to compare packets of a file transfer, and i'm getting an enormous number of
retransmits on the 'DMZ' side...it looks like i'm somehow losing frames coming from the DMZ back to
the LAN (sis to fxp).  I have four cards total, and i notice the same performance issue coming from
another sis card back to the LAN.  This happens regardless of the system or OS used on either end of
the communication (RedHat, Debian, Win2k, XP, Solaris).
>
> Any hints/tips/suggestions would be appreciated!
>   
- Have a look to the CPU utilization graph while you're processing the 
transfert. Be sure that every packet is NOT logged (this may cause very 
very hard cpu work and make your transferts going slow).
- Have a look to the speed/negociation on to the switches (sh int status 
on the 2924 and sh port status on the 5505), be sure that the auto 
negociation was made in 100/Full.
- Try multiple transfert mode (scp, ftp, samba etc) to see if it's not a 
protocol/configuration problem
- backup your conf, try to do this kind of transfert with a clean config 
from scratch with only rules allowing that to see if you have a config 
problem now
- if above hints are ok, try anothers NICs :-)

> Bob
>
>   
Pierre-Yves