ftp uploads very slow

Home Page Forums Network Management ZeroShell ftp uploads very slow

This topic contains 2 replies, has 1 voice, and was last updated by  Filippo 2 months, 1 week ago.

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • #64371

    Filippo
    Participant

    Hi,

    I’ve a working ZS router since a couple of weeks.
    I’ve noticed ftp uploads are very (very) slow from both pc behind ZS and ZS itself.
    ftp downloads instead are fast as they should be.
    I’m using passive mode for ftp transfers.

    a pc linked directly to the provider’s router uploads file at more than 2600kb/s. ZS (which is itself also directly linked to provider’s routers) and pc linked to ZS internal lan upload at 200kb/s.
    download speeds are almost 25Mbps from every host.

    ZS has 3 eth cards:
    ETH00 192.168.1.251/24: to the provider’s router
    ETH02 192.168.2.251/24: to another provider’s router
    ETH01 192.168.10.4/24: to the internal lan

    ETH02 is configured as ‘spare’ in load balancer (failover mode)
    ETH00 and ETH02 are ‘nat enabled interfaces’ while ETH01 and VPN99 are in the ‘available’ side.

    QOS is disabled
    VPN is disabled
    there is no rule configured in firewall panel
    proxy is disabled
    I can’t see any error logs from dmegs

    this is iptables –list
    root@zeroshell ~> iptables –list
    Chain INPUT (policy ACCEPT)
    target prot opt source destination
    SYS_GUI all — anywhere anywhere
    SYS_INPUT all — anywhere anywhere
    SYS_HTTPS tcp — anywhere anywhere tcp dpt:http
    SYS_HTTPS tcp — anywhere anywhere tcp dpt:https
    SYS_SSH tcp — anywhere anywhere tcp dpt:ssh

    Chain FORWARD (policy ACCEPT)
    target prot opt source destination

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination
    SYS_OUTPUT all — anywhere anywhere

    Chain NetBalancer (0 references)
    target prot opt source destination

    Chain SYS_DNS (2 references)
    target prot opt source destination
    ACCEPT all — 10.0.0.0/8 anywhere
    ACCEPT all — 172.16.0.0/12 anywhere
    ACCEPT all — 192.168.0.0/16 anywhere
    ACCEPT all — 192.168.1.0/24 anywhere
    ACCEPT all — 192.168.10.0/24 anywhere
    ACCEPT all — 192.168.2.0/24 anywhere
    ACCEPT all — 192.168.250.0/24 anywhere
    DROP all — anywhere anywhere

    Chain SYS_GUI (1 references)
    target prot opt source destination
    ACCEPT tcp — savage.infotelsrl.local anywhere tcp dpt:12081

    Chain SYS_HTTPS (2 references)
    target prot opt source destination
    ACCEPT all — anywhere anywhere
    ACCEPT all — 10.0.0.0/8 anywhere
    ACCEPT all — 172.16.0.0/12 anywhere
    ACCEPT all — 192.168.0.0/16 anywhere
    ACCEPT all — 192.168.1.0/24 anywhere
    ACCEPT all — 192.168.10.0/24 anywhere
    ACCEPT all — 192.168.2.0/24 anywhere
    ACCEPT all — 192.168.250.0/24 anywhere
    DROP all — anywhere anywhere

    Chain SYS_INPUT (1 references)
    target prot opt source destination
    ACCEPT all — anywhere anywhere
    ACCEPT udp — anywhere anywhere udp spt:domain state ESTABLISHED
    ACCEPT tcp — anywhere anywhere tcp spt:domain state ESTABLISHED
    SYS_DNS udp — anywhere anywhere udp dpt:domain
    SYS_DNS tcp — anywhere anywhere tcp dpt:domain
    ACCEPT tcp — anywhere anywhere tcp spt:http state ESTABLISHED
    ACCEPT tcp — anywhere anywhere tcp spt:8245 state ESTABLISHED
    ACCEPT udp — anywhere anywhere udp spt:ntp state ESTABLISHED
    RETURN all — anywhere anywhere

    Chain SYS_OUTPUT (1 references)
    target prot opt source destination
    ACCEPT all — anywhere anywhere
    ACCEPT udp — anywhere anywhere udp dpt:domain
    ACCEPT tcp — anywhere anywhere tcp dpt:http
    ACCEPT tcp — anywhere anywhere tcp dpt:8245
    ACCEPT udp — anywhere anywhere udp dpt:ntp
    RETURN all — anywhere anywhere

    Chain SYS_SSH (1 references)
    target prot opt source destination
    ACCEPT all — anywhere anywhere
    ACCEPT all — 192.168.1.0/24 anywhere
    ACCEPT all — anywhere anywhere
    DROP all — anywhere anywhere
    root@zeroshell ~>

    this is lsmod
    root@zeroshell ~> lsmod
    Module Size Used by
    nf_conntrack_netlink 24891 0
    sch_htb 13205 0
    ipt_MASQUERADE 981 2
    nf_nat_masquerade_ipv4 1613 1 ipt_MASQUERADE
    xt_nat 1529 2
    xt_realm 871 2
    bonding 95999 0
    tun 16536 1
    iptable_nat 1431 1
    nf_nat_ipv4 4359 1 iptable_nat
    xt_mark 1021 7
    xt_conntrack 3001 11
    xt_connmark 1621 4
    iptable_mangle 1224 1
    xt_ndpi 452304 0
    br_netfilter 12211 0
    bridge 90528 1 br_netfilter
    stp 1337 1 bridge
    llc 3001 2 bridge,stp
    nf_nat_pptp 2010 0
    nf_nat_proto_gre 1081 1 nf_nat_pptp
    nf_nat_sip 7701 0
    nf_nat_ftp 1540 0
    nf_nat_h323 5295 0
    nf_nat 10000 8 nf_nat_masquerade_ipv4,xt_nat,nf_nat_ipv4,nf_nat_pptp,nf_nat_proto_gre,nf_nat_sip,nf_nat_ftp,nf_nat_h323
    nf_conntrack_tftp 3077 0
    nf_conntrack_pptp 3478 1 nf_nat_pptp
    nf_conntrack_proto_gre 3408 1 nf_conntrack_pptp
    nf_conntrack_irc 3103 0
    nf_conntrack_sip 18245 1 nf_nat_sip
    nf_conntrack_ftp 5531 1 nf_nat_ftp
    nf_conntrack_h323 38014 1 nf_nat_h323
    dummy 2423 0
    iptable_filter 1160 1
    ip_tables 9458 3 iptable_nat,iptable_mangle,iptable_filter
    8139too 16939 0
    8139cp 16614 0
    uio_pdrv_genirq 2870 0
    input_leds 2382 0
    mii 3635 2 8139too,8139cp
    i2c_piix4 8125 0
    8250_fintek 2182 0
    virtio_balloon 4497 0
    floppy 49758 0
    ehci_pci 3087 0
    virtio_pci 11574 0
    ehci_hcd 34596 1 ehci_pci
    uhci_hcd 19035 0
    root@zeroshell ~>

    root@zeroshell ~> ip route
    default via 192.168.1.1 dev ETH00 realm 101
    192.168.1.0/24 dev ETH00 proto kernel scope link src 192.168.1.251
    192.168.2.0/24 dev ETH02 proto kernel scope link src 192.168.2.251
    192.168.10.0/24 dev ETH01 proto kernel scope link src 192.168.10.4
    192.168.250.0/24 dev VPN99 proto kernel scope link src 192.168.250.254
    root@zeroshell ~>

    root@zeroshell ~> brctl show
    bridge name bridge id STP enabled interfaces
    DEFAULTBR 8000.000000000000 no
    root@zeroshell ~>

    root@zeroshell ~> ip a
    1: lo: <LOOPBACK,UP,10000> mtu 65536 qdisc noqueue qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
    valid_lft forever preferred_lft forever
    2: sit0@NONE: <NOARP> mtu 1480 qdisc noop qlen 1
    link/sit 0.0.0.0 brd 0.0.0.0
    3: ETH00: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 52:54:00:22:a7:b6 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.251/24 brd 192.168.1.255 scope global ETH00:00
    valid_lft forever preferred_lft forever
    inet6 fe80::5054:ff:fe22:a7b6/64 scope link
    valid_lft forever preferred_lft forever
    4: ETH01: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 52:54:00:47:5a:7d brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.4/24 brd 192.168.10.255 scope global ETH01:00
    valid_lft forever preferred_lft forever
    inet6 fe80::5054:ff:fe47:5a7d/64 scope link
    valid_lft forever preferred_lft forever
    5: ETH02: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 52:54:00:1b:fb:1b brd ff:ff:ff:ff:ff:ff
    inet 192.168.2.251/24 brd 192.168.2.255 scope global ETH02:00
    valid_lft forever preferred_lft forever
    inet6 fe80::5054:ff:fe1b:fb1b/64 scope link
    valid_lft forever preferred_lft forever
    6: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noqueue qlen 1000
    link/ether 1e:21:89:9e:30:69 brd ff:ff:ff:ff:ff:ff
    inet 192.168.141.142/24 brd 192.168.141.255 scope global dummy0
    valid_lft forever preferred_lft forever
    7: dummy1: <BROADCAST,NOARP,UP,10000> mtu 1500 qdisc noqueue qlen 1000
    link/ether da:a7:a8:4e:77:81 brd ff:ff:ff:ff:ff:ff
    inet 192.168.142.142/32 brd 192.168.142.255 scope global dummy1
    valid_lft forever preferred_lft forever
    inet6 fe80::d8a7:a8ff:fe4e:7781/64 scope link
    valid_lft forever preferred_lft forever
    8: DEFAULTBR: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 1000
    link/ether 76:c7:08:70:a4:49 brd ff:ff:ff:ff:ff:ff
    9: VPN99: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 0e:b5:5d:93:2c:b7 brd ff:ff:ff:ff:ff:ff
    inet 192.168.250.254/24 brd 192.168.250.255 scope global VPN99:00
    valid_lft forever preferred_lft forever
    10: bond0: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop qlen 1000
    link/ether 56:b4:7a:e8:c6:c2 brd ff:ff:ff:ff:ff:ff
    11: bond1: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop qlen 1000
    link/ether b2:3f:ca:10:65:cb brd ff:ff:ff:ff:ff:ff
    12: bond2: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop qlen 1000
    link/ether ca:f3:65:27:c1:d0 brd ff:ff:ff:ff:ff:ff
    13: bond3: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop qlen 1000
    link/ether a6:f6:da:18:62:c3 brd ff:ff:ff:ff:ff:ff
    14: bond4: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop qlen 1000
    link/ether 8a:c3:4c:b0:78:c2 brd ff:ff:ff:ff:ff:ff
    15: bond5: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop qlen 1000
    link/ether 92:d7:0b:0a:90:82 brd ff:ff:ff:ff:ff:ff
    16: bond6: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop qlen 1000
    link/ether 9a:29:f2:5b:e1:dc brd ff:ff:ff:ff:ff:ff
    17: bond7: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop qlen 1000
    link/ether aa:76:70:5a:d8:17 brd ff:ff:ff:ff:ff:ff
    18: bond8: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop qlen 1000
    link/ether be:d6:93:fc:71:e9 brd ff:ff:ff:ff:ff:ff
    19: bond9: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop qlen 1000
    link/ether aa:97:69:0d:df:77 brd ff:ff:ff:ff:ff:ff
    root@zeroshell ~>

    can you please give any support? (answers in italian are also fine 😉 )

    #64373

    Filippo
    Participant

    I think I’ve found where the problem is. The fact that I have poor performance also from inside the ZS host make me think that the problem is inside the vm configuration.
    Right now ZS is using the rtl8139 driver (kvm/libvirt) for the 3 nic. I’ve created another vm using virtio driver and attached to the provider’s router and I see no problems at all.
    I’ll try changing the driver for the ZS host too and I’ll confirm here if it works.

    #64379

    Filippo
    Participant

    I can confirm, after switching the vm’s network drivers to virtio, that all problems are gone.

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.