Slow downloads from GEANT2 webserver to SWITCH

PTS Case 25

Synopsis

After downloading all the monthly reports from the GN1 project, a SWITCH user appeared to get rate limited on the GN2 web server. Other people at SWITCH also appeared to be affected. Box UK (who provide and support the Amaxus application used on the GN2 webserver) claim that there are no rate limits in place. The DANTE sys admin also reported there were no rate limits used on the server.

Two (unrelated) problems contributed to these symptoms:

  1. The long initial delay at every HTTP GET request (every click) was caused by the unavailability of www.dante.net over IPv6. The client’s web browser found the IPv6 AAAA RRs in the DNS, tried to connect to www.dante.net via TCP over IPv6, but the firewall settings of the GN2 router in front of the website blocked this traffic so this TCP session timed out (75 sec). The browser then fell back to IPv4, which worked (but sometimes with poor performance).
  2. Heavy packet loss in HTTP flows from www.dante.net inside the London GÉANT2 PoP caused the successfully established TCP sessions to perform very poorly (in the 10-100 kBytes/s throughput range, as observed from 16-32 ms RTT away from London). This packet loss happened most of the time during 29-30 January, but there were short periods (a few minutes each) when there was no such loss.

The IPv6 related problem was first mitigated by temporarily removing the AAAA resource records from the DNS, and was later resolved by fixing the firewall settings. The packet loss related problem disappeared by 31 January, but its cause was never found.

-- TobyRodwell - 14 Aug 2007

Topic revision: r1 - 2007-08-14 - TobyRodwell
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2004-2009 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.