[MAINT] Network Work on Code Sunday, Oct 1, 1-4pm EDT

AC gnucash at acarver.net
Fri Oct 6 12:02:31 EDT 2017 

Another shot in the dark:

I don't know how you scored an Arris modem with static IPs (I have the
annoying AT&T/2Wire HGV3801 for my statics) but I found that heavy
traffic filled the very small memory for the CONNTRACK connection
tracking table which would cause massive packet loss.  In the HGV, all
traffic goes through the CONNTRACK table as if it was NATted even though
I'm using a static public IP.  Traffic headed for the modem itself also
goes through the CONNTRACK table.  The CONNTRACK table is tiny, about
1024 entries maximum, and the state machine is fairly dumb, unable to
reuse connections and constantly adding to the table.  On top of all
that, the default TTL of the table is 24 hours.  Any heavy traffic in or
outbound will quickly fill the table.  I reduced that TTL to about one
hour (you'll have to fiddle with it to find the right number) and a lot
of mysterious drops went away.  No idea if the Arris has a similar issue
but it's a quick test.

On 2017-10-06 07:47, Derek Atkins wrote:
> Yes.  Replaced the cables.  Changed the ports on the switch..
> Only thing I haven't tried yet is replacing the network card.
> 
> -derek
> 
> On Fri, October 6, 2017 10:27 am, David Carlson wrote:
>> Derek,
>>
>> Did you try replacing the cable? Low hanging fruit...
>>
>> David C
>>
>> On Fri, Oct 6, 2017 at 8:39 AM, Derek Atkins <warlord at mit.edu> wrote:
>>
>>> David Carlson <david.carlson.417 at gmail.com> writes:
>>>
>>>> Derek,
>>>>
>>>> Is it possible to read event logs and determine that some pieces of
>>> equipment
>>>> are definitely not causing the problem?
>>>
>>> Well, if I unplug or otherwise disable the VM server then the problem
>>> goes away.  Similarly, if I shutdown two of the VMs (the two that
>>> generate the most traffic, by the way), the problem goes away.  I tried
>>> rebuilding one of the VMs and swapped over to that one (to test if,
>>> perhaps, the VM had been hacked)..  The problem did not go away.
>>>
>>> SO..  I have ordered a new network card for the server which should
>>> arrive tomorrow.  HOPEFULLY that will solve the problem.  We'll know
>>> soon.
>>>
>>>> David C
>>>
>>> -derek
>>>
>>> --
>>>        Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
>>>        Member, MIT Student Information Processing Board  (SIPB)
>>>        URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
>>>        warlord at MIT.EDU                        PGP key available
>>>
>>
> 
>

More information about the gnucash-user mailing list