Search Results

Search found 3691 results on 148 pages for 'perfect forwarding'.

Page 3/148 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Linux Kernel Packet Forwarding Performance

    - by Bob Somers
    I've been using a Linux box as a router for some time now. Nothing too fancy, just enabling forwarding in the kernel, turning on masquerading, and setting up iptables to poke a few holes in the firewall. Recently a friend of mine pointed out a performance problem. Single TCP connections seem to experience very poor performance. You have to open multiple parallel TCP connections to get decent speed. For example, I have a 10 Mbit internet connection. When I download a file from a known-fast source using something like the DownThemAll! extension for Firefox (which opens multiple parallel TCP connections) I can get it to max out my downstream bandwidth at around 1 MB/s. However, when I download the same file using the built-in download manager in Firefox (uses only a single TCP connection) it starts fast and the speed tanks until it tops out around 100 KB/s to 350 KB/s. I've checked the internal network and it doesn't seem to have any problems. Everything goes through a 100 Mbit switch. I've also run iperf both internally (from the router to my desktop) and externally (from my desktop to a Linux box I own out on the net) and haven't seen any problems. It tops out around 1 MB/s like it should. Speedtest.net also reports 10 Mbits speeds. The load on the Linux machine is around 0.00, 0.00, 0.00 all the time, and it's got plenty of free RAM. It's an older laptop with a Pentium M 1.6 GHz processor and 1 GB of RAM. The internal network is connected to the built in Intel NIC and the cable modem is connected to a Netgear FA511 32-bit PCMCIA network card. I think the problem is with the packet forwarding in the router, but I honestly am not sure where the problem could be. Is there anything that would substantially slow down a single TCP stream?

    Read the article

  • OpenWRT + OpenVPN client forwarding from lan to vpn not working

    - by Dariusz Górecki
    I've OpenWRT router with Backfire 10.03.1-rc3 (arch:brcm 2.6 kernel) I've set up an OpenVPN client connecting my router with workplace lan, and it works nicely, I can connect from router to networks (several) in workplace. My OpenVPN client uci-config looks like: config 'openvpn' 'stream_client' option 'nobind' '1' option 'float' '1' option 'client' '1' option 'reneg_sec' '0' option 'management' '127.0.0.1 31194' option 'explicit_exit_notify' '1' option 'verb' '3' option 'persist_tun' '1' option 'persist_key' '1' list 'remote' 'remote.address.cutted' option 'ca' '/lib/uci/upload/cbid.openvpn.stream_client.ca' option 'key' '/lib/uci/upload/cbid.openvpn.stream_client.key' option 'cert' '/lib/uci/upload/cbid.openvpn.stream_client.cert' option 'enable' '1' option 'dev' 'tun1' I've set the 'STREAM_VPN' Zone to allow in/out traffic, and I've added rules for zone-to-zone lan<-vpn and vpn<-lan config 'zone' option 'name' 'stream_vpn' option 'network' 'stream_vpn' option 'input' 'ACCEPT' option 'output' 'ACCEPT' option 'forward' 'REJECT' config 'forwarding' option 'src' 'lan' option 'dest' 'stream_vpn' config 'forwarding' option 'src' 'stream_vpn' option 'dest' 'lan' And interface config: config 'interface' 'stream_vpn' option 'proto' 'none' option 'ifname' 'tun1' option 'defaultroute' '0' option 'peerdns' '0' Now, from my router everything works nicely, the problem is that I cannot connect from computer inside a lan to hosts in networks provided by vpn connection :/ What I've missed, or what I'm doing wrong? And how can I force using specified DNS when connected to vpn? (I know that sever should use PUSH DNS option, but is PUSHes only routes)

    Read the article

  • Virtualbox port forwarding with iptables

    - by jverdeyen
    I'm using a virtualmachine (virtualbox) as mailserver. The host is an Ubuntu 12.04 and the guest is an Ubuntu 10.04 system. At first I forwarded port 25 to 2550 on the host and added a port forward rule in VirtualBox from 2550 to 25 on the guest. This works for all ports needed for the mailserver. The guest has a host only connection and a NAT (with the port-forwarding). My mailserver was receiving and sending mail properly. But all connections are comming from the virtualbox internal ip, so every host connection is allowed, and that's not what I want. So.. I'm trying to skip the VirtualBox forwarding part and just forward port 25 to my host only ip of the guest system. I used these rules: iptables -F iptables -P INPUT ACCEPT iptables -P OUTPUT ACCEPT iptables -P FORWARD ACCEPT iptables -t nat -P PREROUTING ACCEPT iptables -t nat -P POSTROUTING ACCEPT iptables -A INPUT --protocol tcp --dport 25 -j ACCEPT iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -s 192.168.99.0/24 -i vboxnet0 -j ACCEPT echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A PREROUTING -p tcp -i eth0 -d xxx.host.ip.xxx --dport 25 -j DNAT --to 192.168.99.105:25 iptables -A FORWARD -s 192.168.99.0/24 -i vboxnet0 -p tcp --dport 25 -j ACCEPT iptables -t nat -A POSTROUTING -s 192.168.99.0 -o eth0 -j MASQUERADE iptables -L -n But after these changes I still can't connect with a simple telnet. (Which was possible with my first solution). The guest machine doesn't have any firewall. I only have one network interface on the host (eth0) and a host interface (vboxnet0). Any suggestions? Or should I go back to my old solution (which I don't really like). Edit: bridge mode isn't an option, I have only on IP available for the moment. Thanks!

    Read the article

  • Port forwarding with multiple IP's

    - by Jon
    I work at a company which uses a Fortigate 60 router, something I'm not really familiar with. Everything worked fine with it until a week ago when Comcast came in and replaced our modem. It seemed as though the process went smoothly - our connection came back up and our static IP remained the same. However, none of our port forwarding is working. What has me confused is the Comcast modem apparently has two IP addresses. The WAN2 interface for it in the Fortigate router is set to 10.1.10.10. However, all of our port forwarding settings are set to an external IP address of 10.1.10.50. Now this setup used to work fine, so something with the Comcast modem must have changed. How can I find out what? I tried setting a computer to a local IP of 10.1.10.15 so I could open up the web interface for the modem, but I can't even ping 10.1.10.10 when I do that. Any ideas? Thanks!

    Read the article

  • Doing port forwarding and then using it from within the internal network

    - by Ram Rachum
    We all know that by doing port forwarding on the router, computers from outside the network are able, on the specified ports, to access internal computers by targeting the external IP. I'm now replacing a TP-Link router with a D-link VDSL N 6740U router, (and copied over all the settings,) and I've noticed that one thing stopped working: With the TP-link router, you could access those port-forwarded computers from within the network, using the external IP, and they would be forwarded to the relevant computers. With the new D-Link router, it doesn't work. You might be wondering, why would you want to use the external IP and port forwarding when you're inside the internal network anyway and can just access the internal IP? One example for why this is useful: You have an iPhone app that connects to a service on an internal computer. The iPhone app knows to connect to the external IP. When we put that iPhone inside the internal network (via WiFi), it suddenly stops working, because it can't access the service from the external IP anymore. Is it an inherent property of D-Link routers that they do not allow accessing internal servers from inside the network by targeting the external IP? Or is there a way to make it work?

    Read the article

  • creating email forwarding accounts on the fly using

    - by Phil Jackson
    I've recently asked a question on Stack Overflow; http://stackoverflow.com/questions/2637137/creating-email-forwarding-accounts-on-the-fly-using-php and was I would find the solution here. first instruction was: Ask on the serverfault what operations you have have to perform. what config file to edit or something. Any help would be much appreciated. regards, phil

    Read the article

  • Port forwarding 443 doesn't work

    - by Interstellar_Coder
    So i'm hosting my own svn server and also have wamp running on the same machine. I have forwarded port 443 which the svn server is listening on. I can't seem to login when i simply forward the port, if i make the server a DMZ host then i can log in via https://mydomain.com, but i can't seem to figure out why simply forwarding port 443 doesn't work. Any ideas ? I checked online and it shows that port as stealth.

    Read the article

  • Port forwarding to asp.net development server

    - by ile
    I have configured my router so that I can access my localhost from internet. But I can't manage to port forward it to asp.net development server. In router's port forwarding I did the same thing as for the localhost but only changed port number so that it is the same as the one that is assigned to my application, but this doesn't work. Any idea how to get it work? Thanks in advance, Ile

    Read the article

  • Forwarding RDP via a Linux machine using iptables: Not working

    - by Nimmy Lebby
    I have a Linux machine and a Windows machine behind a router that implements NAT (the diagram might be overkill, but was fun to make): I am forwarding RDP port (3389) on the router to the Linux machine because I want to audit RDP connections. For the Linux machine to forward RDP traffic, I wrote these iptables rules: iptables -t nat -A PREROUTING -p tcp --dport 3389 -j DNAT --to-destination win-box iptables -A FORWARD -p tcp --dport 3389 -j ACCEPT The port is listening on the Windows machine: C:\Users\nimmy>netstat -a Active Connections Proto Local Address Foreign Address State (..snip..) TCP 0.0.0.0:3389 WIN-BOX:0 LISTENING (..snip..) And the port is forwarding on the Linux machine: # tcpdump port 3389 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 01:33:11.451663 IP shieldsup.grc.com.56387 > linux-box.myapt.lan.ms-wbt-server: Flags [S], seq 94663035, win 8192, options [mss 1460], length 0 01:33:11.451846 IP shieldsup.grc.com.56387 > win-box.myapt.lan.ms-wbt-server: Flags [S], seq 94663035, win 8192, options [mss 1460], length 0 However, I am not getting any successful RDP connections from the outside. The port is not even responding: C:\Users\outside-nimmy>telnet example.com 3389 Connecting To example.com...Could not open connection to the host, on port 3389: Connect failed Any ideas? Update Per @Zhiqiang Ma, I looked at nf_conntrack proc file during a connection attempt and this is what I see (192.168.3.1 = linux-box, 192.168.3.5 = win-box): # cat /proc/net/nf_conntrack | grep 3389 ipv4 2 tcp 6 118 SYN_SENT src=4.79.142.206 dst=192.168.3.1 sport=43142 dport=3389 packets=6 bytes=264 [UNREPLIED] src=192.168.3.5 dst=4.79.142.206 sport=3389 dport=43142 packets=0 bytes=0 mark=0 secmark=0 zone=0 use=2 2nd update Got tcpdump on the router and it seems that win-box is sending an RST packet: 21:20:24.767792 IP shieldsup.grc.com.45349 > linux-box.myapt.lan.3389: S 19088743:19088743(0) win 8192 <mss 1460> 21:20:24.768038 IP shieldsup.grc.com.45349 > win-box.myapt.lan.3389: S 19088743:19088743(0) win 8192 <mss 1460> 21:20:24.770674 IP win-box.myapt.lan.3389 > shieldsup.grc.com.45349: R 721745706:721745706(0) ack 755785049 win 0 Why would Windows be doing this?

    Read the article

  • Setup a vpn server with a static IP with NAT and port forwarding

    - by Lorenzo Pistone
    I have a Debian VPS with an assigned static IP. I want to setup a virtual interface (with an ip like 192.168..) on my laptop (Ubuntu, dynamic IP) linked to the remote VPS, so that if I bind sockets to it the traffic is tunneled to the VPS and sent to the Internet from there. Port forwarding must be available. This looks like a job for a VPN software, but I'm clueless about the pieces of software needed. Any advice?

    Read the article

  • Port forwarding for Rsync

    - by malfist
    Every port on my server is blocked except port 222 which is were ssh connects too. This server is pretty much a backup server, and I have my clients rsync to it. I do this by using ssh's port forwarding (-P 222 -L 873:myserver.com:873), however, I want to do this with just using the rsync command. Is that possible?

    Read the article

  • Remote access to internal machine (ssh port-forwarding)

    - by MacUsers
    I have a server (serv05) at work with a public ip, hosting two KVM guests - vtest1 & vtest2 - in two different private network - 192.168.122.0 & 192.168.100.0 - respectively, this way: [root@serv05 ~]# ip -o addr show | grep -w inet 1: lo inet 127.0.0.1/8 scope host lo 2: eth0 inet xxx.xxx.xx.197/24 brd xxx.xxx.xx.255 scope global eth0 4: virbr1 inet 192.168.100.1/24 brd 192.168.100.255 scope global virbr1 6: virbr0 inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 # [root@serv05 ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr1 xxx.xxx.xx.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0 169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0 0.0.0.0 xxx.xxx.xx.62 0.0.0.0 UG 0 0 0 eth0 I've also setup IP FORWARDing and Masquerading this way: iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE iptables --append FORWARD --in-interface virbr0 -j ACCEPT All works up to this point. If I want to remote access vtest1 (or vtest2) first I ssh to serv05 and then from there ssh to vtest1. Is there a way to setup a port forwarding so that vtest1 can be accessed directly from the outside world? This is what I probably need to setup: external_ip (tcp port 4444) -> DNAT -> 192.168.122.50 (tcp port 22) I know it's easily do'able using a SOHO router but can't figure out how can I do that on a Linux box. Any help form you guys?? Cheers!! Update: 1 Now I've made ssh to listen to both of the ports: [root@serv05 ssh]# netstat -tulpn | grep ssh tcp 0 0 xxx.xxx.xx.197:22 0.0.0.0:* LISTEN 5092/sshd tcp 0 0 xxx.xxx.xx.197:4444 0.0.0.0:* LISTEN 5092/sshd and port 4444 is allowed in the iptables rules: [root@serv05 sysconfig]# grep 4444 iptables -A PREROUTING -i eth0 -p tcp -m tcp --dport 4444 -j DNAT --to-destination 192.168.122.50:22 -A INPUT -p tcp -m state --state NEW -m tcp --dport 4444 -j ACCEPT -A FORWARD -i eth0 -p tcp -m tcp --dport 4444 -j ACCEPT But I'm getting connection refused: maci:~ santa$ telnet serv05 4444 Trying xxx.xxx.xx.197... telnet: connect to address xxx.xxx.xx.197: Connection refused telnet: Unable to connect to remote host Any idea what's I'm still missing? Cheers!!

    Read the article

  • Stable reverse port forwarding in SSH and stale sessions

    - by Vi
    Using VPS to forward ports behind NAT: for((;;)) { ssh -R 2222:127.0.0.1:22 [email protected]; sleep 10; } When connection is broken somehow and it is reconnecting. Warning: remote port forwarding failed for listen port 2222 Linux vi-server.no-ip.org 2.6.18-92.1.13.el5.028stab059.3 #1 SMP Wed Oct 15 13:33:44 MSD 2008 i686 I type: vi@vi-server:~$ killall sshd Connection to vi-server.org closed by remote host. Connection to vi-server.org closed. Linux vi-server.no-ip.org 2.6.18-92.1.13.el5.028stab059.3 #1 SMP Wed Oct 15 13:33:44 MSD 2008 i686 vi@vi-server:~$ Now it's OK. How it's simpler to make this automatic?

    Read the article

  • Forwarding port to a VM - How to?

    - by Peter Gadd
    I use Win 8 Ent x64 on my PC, and I also have a Win 7 VMware virtual machine set up using a bridged network adapter. The IPv4 number for the Win 7 VM is 192.168.1.115. I require access to the VM from the Internet through port 1688. How do I set up port forwarding to achieve this? My router is a Cisco Linksys WAG120N. ========= If you require any further information to help me with this, I will gladly supply it. ========= Thanks in advance.

    Read the article

  • Need IP port forwarding to access an internel service running on an internal machine

    - by appleluo
    I am trying to configure iptables to do port forwarding for certain request. The scenario is like this: Login node A can be accessed from outside Compute node B that running the service can be accessed from A but not from outside. I want to set up iptables so that a request for the service on B from outside can be accessed through A. A has two ethernet ports: Internal eth0, with ip internal_A and External eth1, with ip external_A. B has 1 ethernet port, internal eth0. let's say its ip is internal_B The service listens to internal_B:5900. We open external_A:10000 for user access. I configure my iptables with the following commands: echo 1> /proc/sys/net/ipv4/ip_forward /sbin/iptables -P FORWARD ACCEPT /sbin/iptables -t nat -A POSTROUTING -j MASQUERADE /sbin/iptables -A PREROUTING -p tcp -t nat --dport 10000 -j DNAT --to-destination interal_B:5900 /sbin/iptables -A OUTPUT -p tcp -t nat -d external_A --dport 10000 -j DNAT --to-destination internal_B:5900 But it didn't work. Can anybody help me?

    Read the article

  • Port forwarding for VNC on Dynalink RTA1335 not working

    - by Curyous
    I've vnc-java running on an Ubuntu box, with the IP address 192.168.1.68, using port 5800 (because port 5900 is being used for normal VNC). If I connect to 192.168.1.68:5800 using another computer on the network, I can use VNC fine. Using www.whatismyip.com, I find out what my IP address from the outside world is, and if I go directly to that, I get to access my modem/router. If I try to navigate to that IP address, with ':5800' on the end, I get a "This web page is not available." error. I have port forwarding set up in the router as follows: Application Name External Packet Internal Host IP Address Protocol Port IP Address Port VNC ALL TCP/UDP 5800 192.168.1.68 5800 What else do I need to do to get this to work?

    Read the article

  • Sendmail : forwarding emails problem

    - by Chayan
    So here is my situation. I have this 2 DNS (say a.org and b.org) with the same IP address (both A record) tied to this box. We have Google mail handing our a.org emails . I want b.org emails to forward to users at a.org emails . My sendmail is getting confused and is delivering all b.org emails locally instead of forwarding them to a.org (which is specified in the .forward) . What do I do from the sendmail side to force external delivery . Thanks Much

    Read the article

  • xauth error with ssh X Forwarding

    - by bdk
    From my (Debain) Desktop machine, I am trying to ssh into a Debian Server with ssh -X remote-ip After logging into the remote host, I get: /usr/bin/X11/xauth: creating new authority file /root/.Xauthority /usr/bin/X11/xauth: (stdin):1: bad display name "unix:10.0" in "remove" command /usr/bin/X11/xauth: (stdin):2: bad display name "unix:10.0" in "add" command And the X Forwarding doesn't work. From my Desktop I can ssh -X into other Debian servers and it works fine. I found a lot of threads discussing similar issues on google, but they all seem to fade out without a solution, and the simple things suggested there like exporting DISPLAY or setting xhost + don't seem to make a difference.

    Read the article

  • Forwarding email in a specific folder only

    - by Ian
    I ran across a post on Super User that addressed a question about Outlook email forwarding. One user provided a script to utilize. Sub AutoForwardAllSentItems(Item As Outlook.MailItem) Dim strMsg As String Dim myFwd As Outlook.MailItem Set myFwd = Item.Forward myFwd.Recipients.Add "[email protected]" myFwd.Send Set myFwd = Nothing End Sub This worked good for me, but how would it work if I want to just automatically forward email in a specific folder only? The folder already has email auto directed to it upon receipt. Any ideas?

    Read the article

  • Weird (?) issue with Exchange Forwarding

    - by abszero
    Hello everyone. Here is the long and short of it: the company I work for was purchased by another company who uses Gmail for domains as their email provider. We use an in house Exchange box. No big deal, I dropped into Active Directoy and created several Contact objects that represented our new email addresses at Gmail. I then went through each employees record and have their mail set to forward to this new address and not deliver locally. So I am forwarding email for me@domain1 to me@domain2 and this works great as long as I don't send an email from me@domain2 to me@domain1. If I log into my personal Gmail account and send an email to me@domain1 the email is properly forwarded to me@domain2. The mail coming from me@domain2 to me@domain1 seems to just get lost in the ether. Have I done something wrong or is this a quark with Exchange? Thanks!

    Read the article

  • Port Forwarding on Actiontec GT704-WG Router Issues

    - by adamweeks
    I am trying to setup a server at customer's location that has the Actiontec GT704-WG DSL router. The port forwarding it not working at all. Here's the details: Server: OpenSuse Linux box with a static IP address of 192.168.1.200 Application running accepting connections on port 8060 Firewall disabled Local connections (within the network) working properly Router: Updated to latest firmware available DHCP range set to 192.168.1.69-192.168.1.199 to not have any conflicts with the server Firewall set to "off" Rule set in the "Applications" setting to forward 8060 TCP and UDP to 192.168.1.200 machine (I've tried using the "TCP,UDP" option as well as both individual options) I've also tried just simply putting the server in the DMZ to see if I could connect to anything, but still nothing. Looking for any clues before I call and waste hours explaining the issue to tech support.

    Read the article

  • Port forwarding on D-Link DIR-615 super-slow, useless

    - by Jaroslav Záruba
    Hello I have replaced my old router with DIR-615 from D-Link, and now the port forwarding is so slow it makes the router practically useless. Accessing the router itself (admin UI) is without issues, no delay whatsoever. But when I try to access a service on another computer in the network the requests take minutes and minutes. (E.g. I can see source of my GWT-app main page, but loading additional CSS and JS files takes years.) If anyone could recommend any further diagnostics I should do to figure out what is happening it would be great. Few notes: happens with more services (web-app on Tomcat, viewing directory index via Apache) it does not make a difference whether the service is hosted on wired or wireless PC accessing the service on a localhost works fine turning off firewall on the target PC does not make difference either (makes sense) when I replace this router with the old one (both 192.168.1.1) everything works fine I see nothing suspicious in the router's log I believe I have the latest firmware (4.11) DIR-615 sucks, it already died once completely Regards Jarda Z.

    Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >