 From:  "Jerome Keating" <jerome at keating dot net>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  question/problem - too many connections?
 Date:  Tue, 13 Mar 2007 20:35:25 -0400
Hi there, I was wondering if anyone has had similar experiences and if you
can help.
My setup is pretty basic - two local networks, one for my family and one for
our tenants. The problem is that we lose internet connectivity sometimes -
the router still gets its IP address and DNS servers and everything appears
normal except that there's no response from websites. SOMETIMES I can access
a webpage by typing its IP address but this is not always the case.
After some searching and pulling out my hair, it seems the problem is that
one of our tenants on the other (OPT1) network is using some kind of bit
torrent software and it seems when he opens a large number of connections,
that's when our internet stops working.
I've done a few things to confirm this - resetting the cable modem gives us
access for a minute or two, and I watch the firewall table - as I see this
guy's connections building up, our internet connection goes out. Then I reset
the firewall states and we have internet again, until he makes his hundreds
of connections again. Remember, they are on the OPT1 interface and I'm on
the LAN interface - they've managed to knock out the internet for everyone.
I've also tried disabling the OPT1 interface, cutting their network off
completely and it works like a charm. Now, my temporary solution is that
I've disabled the default firewall rule to allow outgoing connections from
their interface, and I've made rules to only allow common services like web,
email, etc.
Obviously the ultimate solution is to talk to the guy and get him to stop
using the software or perhaps lower the number of connections etc. However,
I'm wondering if this could be a problem with the router. I've never had any
problems or glitches with this router in the past. 
I'd like to throw this out there - my service is Rogers (Toronto) and it's a
6MBit Business account with no caps, servers allowed etc. Do you think it's
likely that these cable providers are simply limiting the overall number of
connections that can be open in order to stop P2P traffic? 
Furthermore, I'd appreciate any advice in diagnosing the problem and
troubleshooting it - I don't know how to use certain advanced features with
m0n0wall - I didn't even know the status.php page existed until now! Anyway
it's unnerving to know that anyone on the other network has the ability to
cause an outage for everyone else. Any tips on how to protect our network
would be much appreciated.
I guess my next step is to call the cable company and question them about
it, and perhaps I'll try plugging in an old router to see if the problem is
related to my router or not.
Quick info about my setup (didn't want to post the whole status page)
- I don't use any advanced features - just some very basic traffic shaping
rules, some firewall rules, some static DHCP mappings, but for the most part
the settings are all default. Internet is cable 6M/800K DHCP. The system is
a Pentium II or something - there's never more than 1% CPU usage and memory
is always around 12% used - it's on a 128MB CF, version 1.22.
Thanks for your help,