Date: Thu, 20 Feb 2003 19:20:03 -0500 From: Bill Moran <wmoran@potentialtech.com> To: Joseph Noonan <jfn@msc.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Bizarre Networking Problem Message-ID: <3E5570B3.2090201@potentialtech.com> References: <27.39e39215.2b869c70@aol.com> <20030220155544.V84973@pcjfn.msc.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Joseph Noonan wrote: > I have a really weird networking issue on my firewall box. The > machine in question has an ethernet facing a cisco facing the > Internet and an ethernet facing the LAN plugged into a 3com > 100Mbit switch. My LAN has all of the servers and most of the > workstations sitting in the /24 that I've had for 10 years. Some > of the newer workstations are now sitting on a /24 that I got from > one of my providers when I filled up the old space. > > On xl0, the LAN ether, I simply added one of the new /24's to the > interface with an ifconfig -alias and thought everything was good. > And it was for users that only use the LAN for e-mail and www. > But when I added some users that started messing around with 25MB > pppts or 100MB .docs, the performance became pathetic, like in the > single or low double digit kbps. The very same computer, can > download a 100MB file from the 'net over a T1 faster than it can > get a 50MB file off of my Samba based BSD file server. If I > change the machines IP to one in the old /24 everything is fine > again. > > Now it gets really weird. Today, one of my associates was > investigating this problem and doing the experiments that document > the above facts on two different machine. He called me and told > me what he found. I logged into the firewall and started running > tcpdump against the one address and also looking at the firewall > logs to make sure I wasn't firewalling my own network. A few > minutes later one of the users afflicted by this issue called to > thank me for fixing the problem. I said eh? I haven't done > anything other than look at the problem and I'm stumped. He says > whatever, works great now! My associate confirmed this on another > machine. > > Well, it is true, I *did* do something: I put xl0 into promiscuous > mode. But why oh why is that fixing what should not even be a > problem to begin with? > > Any klews cheerfully accepted (including hitting me with a > clue-by-4 if I'm missing something obvious). Somewhat of a shot in the dark, but ... Is the routing possibly messed up such that an attempt to connect to the aliased IP is being routed through the machine to the other IP on the same interface? I don't see why this would cause such terrible performance, but it's the best guess I have with the information you provide. Perhaps some output form 'netstat -rn' and 'ifconfig' might provoke some more useful answers. -- Bill Moran Potential Technologies http://www.potentialtech.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3E5570B3.2090201>