Over the past week, I've been encountering slowdowns on my DSL connection. Normally, I can get 1.5Mbps download speeds, which is what I'm provisioned for and what the line is capable of. But over the past week or so, my top download speed has gradually fallen to around 300-500Kbps (1/5 to 1/3 of the usual bandwidth). It didn't seem to matter what protocol I was using at the time either.
So I did some testing. With the LinkSys router involved, I was seeing download rates of 300-500Kbps. But if I hooked a laptop directly to the DLS modem, I could get 1.5Mbps again. Ah ha! That shows clearly that the issue is not any sort of bandwidth shaping or traffic limiting by the ISP but rather something strange going on with my Linksys BEFW11S4 router.
Since the router is a few years old (circa 2001), it could simply be age related. Maybe a heatsink has come loose (making the CPU throttle back) or a capacitor has failed or something else.
Rather then adding a new hardware-based router to the mix, I decided to press my old VIA C3 box into service as the new firewall/NAT. It's something I had been considering doing for a while, but kept putting it off due to the complexities involved. Mostly, I worry about my misconfiguring the box, allowing it to get hacked and turned into someone else's playtoy.
It took me around 2 hours to configure Shorewall for Gentoo on my C3 box. So far it seems to be working fine and provides me with some new diagnostic tools (such as "nettop"). According to the ShieldsUp! portscan service, everything is stealthed except for the tcp/113 ident port which is simply closed.
Now I can go read up on my Linux security books and figure out if I want to continue using Shorewall or not.
Follow-up note: Unfortunately, I was never able to get PPTP pass-through working. I was trying to use Shorewall in a SOHO environment where I create a VPN connection from my laptop out through the Shorewall NAT to a PPTP VPN server on the public internet. But something in either the Linux kernel or the Shorewall / IPTables configuration is blocking all or some of the PPTP traffic. So I had to drop the Linksys hardware router back in so that I could get work done.
skip to main |
skip to sidebar
Posts
Posts
Copyright 2003-2010, Thomas G. Harold, All Rights Reserved
Random technical tidbits from around the web, or things that I've figured out along the way.
Search This Blog
Blog Archive
Subscribe To
Posts
Posts
Labels
2003
(14)
2004
(68)
2005
(50)
2006
(58)
2007
(23)
2008
(17)
2009
(27)
2010
(10)
2011
(10)
2012
(4)
2013
(10)
2014
(1)
2015
(24)
2016
(1)
3ware
(3)
ActiveDirectory
(2)
Angband
(1)
autofs
(2)
Backups
(15)
bash
(3)
Benchmarks
(7)
BIND9
(2)
BorgBackup
(4)
CentOS5
(22)
CentOS6
(2)
ClamAV
(1)
Code
(1)
CSS
(3)
Cygwin
(5)
DisasterRecovery
(4)
DIY
(1)
Dovecot
(4)
EMail
(3)
Encryption
(10)
ExQuilla
(1)
ext3
(2)
ext4
(2)
Firewalls
(9)
FRAPS
(1)
FreeNX
(5)
FSVS
(10)
Gentoo
(70)
Gigabyte-GA-6VA7+
(7)
Gnetoo
(1)
GNUParted
(1)
GnuPG
(4)
GRUB
(3)
Hardware
(6)
IMAP
(2)
IPSec
(2)
IPTables
(1)
iSCSI
(5)
iSCSITarget
(2)
jQuery
(1)
Linux
(13)
LUKS
(2)
LVM
(10)
Mint
(2)
MotorolaQ
(5)
MRTG
(1)
Nagios
(1)
NAT
(1)
News
(14)
NTFSClone
(2)
NTP
(4)
NX
(5)
Office365
(1)
OpenVPN
(1)
pfSense
(6)
Postfix
(2)
PostgreSQL
(7)
PPTP
(1)
Prices
(4)
Printing
(1)
PuTTY
(2)
RAID
(1)
Releases
(1)
RHEL5
(3)
RHEL6
(1)
RSync
(9)
Samba
(7)
SAN
(5)
SecureCRT
(2)
Security
(10)
SELinux
(9)
ServerAdministration
(5)
Shorewall
(1)
SmartPhones
(1)
SMTP
(2)
SNMP
(3)
SoftwareRAID
(30)
SPF
(2)
Squid
(3)
SSH
(13)
SSL
(3)
SubVersion
(12)
SVK
(1)
SystemAdministration
(3)
Thinkpad
(2)
Thunderbird
(3)
TrueCrypt
(4)
Ubuntu
(2)
UltraVNC
(1)
VBScript
(1)
VIAEPIA
(19)
Virtualization
(2)
VisualBasic
(3)
VLAN
(2)
VNC
(4)
VPN
(2)
WiFi
(1)
Win2000
(3)
Win2003
(6)
Win7
(2)
WindowsEFS
(2)
X11
(2)
Xen
(2)
No comments:
Post a Comment