Topic: Internet speed slowly degrading

[kgraversen]

My SMESERVER (gateway mode) has been "automatically" upgraded to latest release (7.3) and after that I have started to see my internet speed (via smerserver) slowly degraded.

When I reboot the SMESERVER gateway, it regains its potential. But after some time (cant be more specific than a day or so) the speed goes down again.

I have a 2048/512 ADSL and normally see transfer rates to my ISP around 1750/430.
But after a while it is degraded to just 450/50 (until next time I reboot).

Has anyone experienced this?
If this could be a bug - what data should I include in a decent bug report for this type of problem?

Best regards
Ken

[thomasch]

Looks like a general network congestion to me, coincidently happened after upgraded to 7.3..
See log files maybe there's big emails bouncing around somewhere in your network.
I suggest you to check your network traffic on eth0 side and eth1 side first before you file a bug.
Use Wireshark to see what is crawling in the ethernet cable, maybe a bittorent client eats up the bandwidth?

[raem]

kgraversen

Do you have (spam) blacklists enabled ?
This is not enabled by default.

See
http://wiki.contribs.org/Email#Setup_Blacklists_.26_Bayesian_Autolearning
and
http://wiki.contribs.org/Updating_to_SME_7.2#Yum_Update
re RHSBL Servers and DNSBL Servers

Without at least DNSBL enabled, you may have too much spam load on your CPU & memory.
If you also have RHSBL enabled then that may be causing too much load on your system and cause slowness.

Best practice suggestion is to enable DNSBL for conservative lists only ie

config setprop qpsmtpd RBLList zen.spamhaus.org:whois.rfc-ignorant.org:dnsbl.njabl.org
signal-event email-update

[kgraversen]

These are all good suggestions. Thanks.

What I forgot to say (sorry for that) is that this installation is acting as a gateway in a private home. There are only a couple of clients and I have pretty much control over what they are doing.

This night (since my previous post) none of the machines have been active and still the internet speed this morning has dropped to 600/65

Ok - so no activity on the internal side (even going outside to the internet). But there could be activity on the external side trying to get in, using the webserver (great with some visitors) or maybe even the server being compromised and used for something else.

Anyone got ideas how to proceed?

[kgraversen]

Do you have (spam) blacklists enabled ?
This is not enabled by default.

-- I am not using the mail server so does this matter?

See
http://wiki.contribs.org/Email#Setup_Blacklists_.26_Bayesian_Autolearning
and
http://wiki.contribs.org/Updating_to_SME_7.2#Yum_Update
re RHSBL Servers and DNSBL Servers

-- Ooops - the second URL is wrong - or?

[kgraversen]

Looks like a general network congestion to me, coincidently happened after upgraded to 7.3..

-- Could be, but I dont think so in this case. See my added info (http://forums.contribs.org/index.php?topic=39639.msg181747#msg181747).

See log files maybe there's big emails bouncing around somewhere in your network.

-- I dont use the mailserver - so I guess thats not an issue - or?

I suggest you to check your network traffic on eth0 side and eth1 side first before you file a bug.
Use Wireshark to see what is crawling in the ethernet cable, maybe a bittorent client eats up the bandwidth?

-- OK - great idea - I guess I could limit my investigation to consumed bandwidth on the two sides. Is that an option in Wireshark (just if you know)?

[raem]

kgraversen

I am not using the mail server so does this matter?

No need to enable those settings if you are not receiving incoming mail via your sme mail server.

Check if any workstations are infected and sending lots of messages. Run a virus scan on them.
Also use iptraf to see what is happening at the server ie at the command prompt type
iptraf
Check your mail log files eg qpsmtpd/current

Ooops - the second URL is wrong - or?

It's correct, I referred you to the sections on RHSBL & DNSBL

[kgraversen]

Problem solved 

It was a cron schedule remote backup job that was in error causing it to retransmit ALL data EVERYDAY.
This was eating up the bandwidth.

Found it by combination of looking at running jobs and putting in Whireshark monitoring on the external network interface.

Thanks