Connection Dropouts: HELP!

The network is the forum.

Moderators: Steel, notfred

Connection Dropouts: HELP!

Postposted on Thu Aug 19, 2010 8:59 pm

Here's the problem:
My internet service is 7Mbps/0.5Mbps (yes this is a problem, but not the one im talking about) from Time Warner. I have run several speed tests (speedtest.net) over the past few months and consistantly get 16Mbps/0.43Mbps at any time during the day. Download speeds are not a problem as I usually get over the service speed. The problem is with inconsistant browsing speed. At times pages will open within 1-2 seconds. Other times it will take 20-30 seconds and often time out. The problem will remain for 5-10 min and then seem to be working normally again for a short period. One quirk I noticed is that when I first turn on a computer, I can open a dozen tabs super fast, but then after the computer has been running for a few minutes the problem kicks in.

Here's the setup:
4 desktops (2 on Gbit with Win7, 2 on 100Mbit with XP)
1 laptop (wireless on Win7)
1 PS3 (wired)
1 Ipod Touch (wireless)
1 Network printer (wired)

The house is wired in every room with cat5e. Everything runs to a 48 port patch board in the basement. From there any connection that is being used is patched to a new 24 port Gbit Dlink switch. The switch is connected to a wired (only) Dlink router. The router is connected to a brand new cable modem from Time Warner. A linksys wireless access point is connected on the main floor.

I talked with Time Warner (all the way up to senior tech support dude) and they ran several tests and couldnt find anything unusual with the connection. Trying to keep me happy they gave me the new cable modem. The problem is consistant across all computer and all browsers. It was suggested to try using GoogleDNS or OpenDNS but the problem remains for both. Its not a firewall issue, I dont run any torrents or anything downloading in the background, and all the computers have up to date antivirus.

Am I missing something obvious here? I am out of ideas. Any suggestions?
tdsevern
Gerbil
 
Posts: 47
Joined: Fri Aug 14, 2009 9:42 pm
Location: WI

Re: Connection Dropouts: HELP!

Postposted on Fri Aug 20, 2010 8:32 am

When the problem hits, I suggest first looking at the modem lights and see if they are going nuts or not. If they are going nuts then it is some activity using up your bandwidth, possibly a virus. If the lights are just do the occasional flash as retrys are sent then bust out wireshark and see what is going on - whether it is DNS timing out or everything getting hit.
notfred
Grand Gerbil Poohbah
 
Posts: 3775
Joined: Tue Aug 10, 2004 10:10 am
Location: Ottawa, Canada

Re: Connection Dropouts: HELP!

Postposted on Sat Aug 21, 2010 9:00 pm

Well, the modem lights are about the same during the slowdown. If anything they are slower. Usually the "PC" light flashes constantly and the Send and Receive lights are about once or twice a second. The router lights on the other hand are going crazy (maybe 5/sec).

I installed wireshark (never used it before) and wasnt really sure what to look for.

Just a thought, what is the maximum number (if any) of devices the router can handle? Could it be the router is trying to log all the connections and just simply be overloaded? D-Link EBR-2310
tdsevern
Gerbil
 
Posts: 47
Joined: Fri Aug 14, 2009 9:42 pm
Location: WI

Re: Connection Dropouts: HELP!

Postposted on Sat Aug 21, 2010 9:19 pm

It's very likely that the router is the problem, especially with that many devices. According to SNB, only 32 simultaneous connections. I've run into similar issues with other routers and the symptoms are the same.
arsenhazzard
Gerbil First Class
 
Posts: 169
Joined: Thu Oct 18, 2007 4:30 pm

Re: Connection Dropouts: HELP!

Postposted on Sat Aug 21, 2010 9:37 pm

Im gonna pick up a D-Link DIR-655 on Monday and see if that changes things.
http://www.newegg.com/Product/Product.a ... 6833127215
tdsevern
Gerbil
 
Posts: 47
Joined: Fri Aug 14, 2009 9:42 pm
Location: WI

Re: Connection Dropouts: HELP!

Postposted on Sat Aug 21, 2010 9:53 pm

I've actually got a theory on this; I've had similar issues on my home network, and here's what I think is going on.

I suspect (but have not proven conclusively) that some routers get confused by the DNS Source Port Randomization feature which all major OSes rolled out since 2008, to defend against DNS Cache Poisoning attacks. The most visible symptom is very slow/erratic web browsing; it looks to me like DNS responses are randomly getting lost or delayed.

My evidence for this is somewhat circumstantial, but it is enough to convince me:

1) Only systems running newer OSes which have been kept current on their patches seem to be affected. Among the motley collection of PCs running here at my house I've got an older Win2K box, and an old Fedora Core 5 box, neither of which have been patched to implement DNS Source Port Randomization. These older systems are the only two which did *not* seem to be affected at all by this issue.

2) Linux systems seem to be more severely affected than Windows systems. (This is consistent with DNS issues, since Linux doesn't normally cache DNS responses locally, whereas Windows normally does. So Linux is making more DNS requests which need to go through the potentially problematic router.)

3) Setting up a local DNS proxy server, and pointing at that for DNS instead of directly at my ISP's DNS servers seems to help somewhat for the Linux systems, reducing the problem to about the level seen on the Windows boxes. (First access to a given site still stalls or times out sometimes, but after that it is smooth for a while... presumably until the entry expires out of the proxy's cache.)

4) Changing the network settings to go through a homebrewed Linux-based router instead of my Netgear WGR614 seems to completely fix the issue. (I've got multiple IPs from my ISP, so it is easy to flip back and forth between the two routers for direct comparison.)

My suggestion to you would be to see if there's a firmware upgrade available for your router. If there isn't one, or it doesn't seem to help, try a different router (or roll your own like I did).

Edit: Looks like you're already planning to try a new router. Good luck, and please let us know if it fixes the problem!
(this space intentionally left blank)
just brew it!
Administrator
Gold subscriber
 
 
Posts: 38121
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: Connection Dropouts: HELP!

Postposted on Sat Aug 21, 2010 11:08 pm

just brew it! wrote:I've actually got a theory on this; I've had similar issues on my home network, and here's what I think is going on.

I suspect (but have not proven conclusively) that some routers get confused by the DNS Source Port Randomization feature which all major OSes rolled out since 2008, to defend against DNS Cache Poisoning attacks. The most visible symptom is very slow/erratic web browsing; it looks to me like DNS responses are randomly getting lost or delayed.

My evidence for this is somewhat circumstantial, but it is enough to convince me:

1) Only systems running newer OSes which have been kept current on their patches seem to be affected. Among the motley collection of PCs running here at my house I've got an older Win2K box, and an old Fedora Core 5 box, neither of which have been patched to implement DNS Source Port Randomization. These older systems are the only two which did *not* seem to be affected at all by this issue.

2) Linux systems seem to be more severely affected than Windows systems. (This is consistent with DNS issues, since Linux doesn't normally cache DNS responses locally, whereas Windows normally does. So Linux is making more DNS requests which need to go through the potentially problematic router.)

3) Setting up a local DNS proxy server, and pointing at that for DNS instead of directly at my ISP's DNS servers seems to help somewhat for the Linux systems, reducing the problem to about the level seen on the Windows boxes. (First access to a given site still stalls or times out sometimes, but after that it is smooth for a while... presumably until the entry expires out of the proxy's cache.)

4) Changing the network settings to go through a homebrewed Linux-based router instead of my Netgear WGR614 seems to completely fix the issue. (I've got multiple IPs from my ISP, so it is easy to flip back and forth between the two routers for direct comparison.)

My suggestion to you would be to see if there's a firmware upgrade available for your router. If there isn't one, or it doesn't seem to help, try a different router (or roll your own like I did).

Edit: Looks like you're already planning to try a new router. Good luck, and please let us know if it fixes the problem!


FWIW, I do know that the WGR614 can't handle very many connections (from experience and further testing) and will exhibit the same problems you and the OP see.
arsenhazzard
Gerbil First Class
 
Posts: 169
Joined: Thu Oct 18, 2007 4:30 pm

Re: Connection Dropouts: HELP!

Postposted on Sun Aug 22, 2010 10:25 am

tdsevern wrote:I installed wireshark (never used it before) and wasnt really sure what to look for.
When you get the problem, start wireshark doing a capture and then stop it after about 5 seconds. Look through the capture file for things labelled as retransmissions and see what they are and what is going on between them - e.g. responses that it doesn't see so it resends.

From the description of the router lights going faster and the modem lights going slower, it could well be the router as suggested by the others.
notfred
Grand Gerbil Poohbah
 
Posts: 3775
Joined: Tue Aug 10, 2004 10:10 am
Location: Ottawa, Canada

Re: Connection Dropouts: HELP!

Postposted on Sun Aug 22, 2010 10:29 am

arsenhazzard wrote:FWIW, I do know that the WGR614 can't handle very many connections (from experience and further testing) and will exhibit the same problems you and the OP see.

Well, that would be #5 on my list of evidence then!

The follow-on to that thought would be that maybe port randomized DNS is severely affected because each time it switches to another port, it counts as another "connection" as far as the stupid router is concerned!

Edit: Something I've been planning for a while is to reconfigure the entire network so that it goes out through the Linux box instead, and use the Netgear only as a WiFi access point. I just need to get a DHCP server set up on the Linux box...
(this space intentionally left blank)
just brew it!
Administrator
Gold subscriber
 
 
Posts: 38121
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: Connection Dropouts: HELP!

Postposted on Sun Aug 22, 2010 1:04 pm

just brew it! wrote:Something I've been planning for a while is to reconfigure the entire network so that it goes out through the Linux box instead, and use the Netgear only as a WiFi access point. I just need to get a DHCP server set up on the Linux box...
That's what I run. I'm on Debian on the server so "apt-get install dhcp3-server" then edit the dhcpd.conf
Code: Select all
#
# Sample configuration file for ISC dhcpd for Debian
#
# $Id: dhcpd.conf,v 1.1.1.1 2002/05/21 00:07:44 peloy Exp $
#

# The ddns-updates-style parameter controls whether or not the server will
# attempt to do a DNS update when a lease is confirmed. We default to the
# behavior of the version 2 packages ('none', since DHCP v2 didn't
# have support for DDNS.)
ddns-update-style none;

# option definitions common to all supported networks...
#option domain-name "example.org";
#option domain-name-servers ns1.example.org, ns2.example.org;

default-lease-time 600;
max-lease-time 7200;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
authoritative;

option tcode code 101 = text;
option tcode "America/Toronto";
option domain-name-servers 206.191.0.140, 206.191.0.210;
option routers 192.168.1.254;
option ntp-servers 192.168.1.254;
next-server 192.168.1.254;
filename "PXEClient/pxelinux.0";
use-host-decl-names on;

subnet 192.168.1.0 netmask 255.255.255.0 {
  range 192.168.1.10 192.168.1.200;
}

host nick {
  hardware ethernet 00:1f:d0:5d:20:95;
  fixed-address 192.168.1.1;
  default-lease-time 60000;
  max-lease-time 72000;
}

host ann {
  hardware ethernet 00:17:31:83:a0:f4;
  fixed-address 192.168.1.2;
  default-lease-time 60000;
  max-lease-time 72000;
}

Also set up which interface to run on in /etc/default/dhcp3-server and make sure that interface is configured static and in the correct subnet with entries in /etc/network/interfaces
notfred
Grand Gerbil Poohbah
 
Posts: 3775
Joined: Tue Aug 10, 2004 10:10 am
Location: Ottawa, Canada

Re: Connection Dropouts: HELP!

Postposted on Mon Aug 23, 2010 11:05 pm

Well, I installed a D-Link Xtreme N Gigabit router (D-Link DIR-655 ) to replace my D-Link EBR-2310. Installed this morning and havent had the issue all day. Hopefully it is fixed. Ill try to post again in a week or so with an update.

Thanks for all the help.
tdsevern
Gerbil
 
Posts: 47
Joined: Fri Aug 14, 2009 9:42 pm
Location: WI

Re: Connection Dropouts: HELP!

Postposted on Mon Aug 23, 2010 11:10 pm

I've had a DIR-655 for a year and a half. It's worked well for me in that period.
i7-4770K, H70, Gryphon Z87, 16 GiB, R9-290, SSD, 2 HD, Blu-ray, SB ZX, TJ08-E, SS-660XP², 3007WFP+2001FP, RK-9000BR, MX518
JustAnEngineer
Gerbil God
Gold subscriber
 
 
Posts: 15600
Joined: Sat Jan 26, 2002 7:00 pm
Location: The Heart of Dixie

Re: Connection Dropouts: HELP!

Postposted on Mon Aug 30, 2010 9:48 am

Well, its been a week. After replacing my old router, I haven't had the problem since. Still getting 16Mbps/0.47Mbps which is great since I'm paying for 8/0.5. The problem must have been with maxing out the number of connections. Thanks for the help guys. :D
tdsevern
Gerbil
 
Posts: 47
Joined: Fri Aug 14, 2009 9:42 pm
Location: WI


Return to Networking

Who is online

Users browsing this forum: No registered users and 1 guest