Results 1 to 9 of 9

Thread: The joy?

  1. #1
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,554

    Default The joy?

    I lost an interface in my UT tonight, so I downed it, replaced both PCI boards with two of the dual port boards I got from Tony.

    Brought the server back up, clicked the refresh button. I now have eth3-6 instead of eth0-2.

    Ok no problem, except... while UT was showing link lights I had no traffic flow.

    A quick trip into /etc/network/interfaces showed why, it was still on the old device flags. The UVM's read out matched the contents of /etc/udev/rules.d/70-persistent-net.rules.

    So, I manually modified /etc/network/interfaces to have the correct values and rebooted. *poof* traffic.

    There's only one massive problem, TCP 80 traffic is taking an ETERNITY. If I don't bypass it entirely it takes almost 10min to load these forums. So I'm pretty sure my UVM is nice and borked.

    External (eth3) and Internal (eth4) report normal configuration details via the GUI, However my bench interface (was DMZ, now eth5) doesn't show any IP configuration at all.

    Given that this is "working" enough for me to get by I'm going to try and leave this unit in this state until Monday so I can get support in here. I've attempted to "upgrade" four installations using these dual port cards as a test bed, and in each situation the upgrade has failed in some whacky way. This is the second box to completely forget to modify the interfaces file.

    So I'm thinking there is a bug here somewhere, but not sure where specifically yet.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  2. #2
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,554

    Default

    Ok I'm now off the bypass, the performance issue is the Web Filter. Turn it off, instant browsing. Turn it on, takes at least 30 seconds to resolve a page.

    Fascinating...

    Just tried switching off my ISP's DNS to OpenDNS, and followed that up with Google DNS. No change, so I'll leave the filter disabled for tonight and go pass out.

    I suppose I should fill in the details.

    This is my Untangle here at Intouch, it now has 4 interfaces. It's a dual core AMD Athlon 64 X2 4200+ (2.2ghz) machine with 1GB of ram, and two of those Dual port Intels in it. Prior it had the on board interface, and two single port Intel boards in it.

    The server reports very little utilization, heck it's 3am I see 4 sessions! Yet it takes ages to load a web page if I turn web filter back on. Perhaps something is broken on the zvelo side?

    http://zvelo.com/partners/test-a-site

    That site won't go past the captcha for me at all right now.
    Last edited by sky-knight; 06-04-2011 at 03:38 AM.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #3
    Untanglit
    Join Date
    Jun 2011
    Posts
    20

    Default

    Very interesting. We have just had the same problem starting to happen with our web filter in the last 4 hours.

    Turn off the Web Filter and normal page loads. Really slow with the web filter on.

    This is on a box that has been running OK for ages.

    Same thing with zvelo test-a-site (nothing after captcha)

    Phil

  4. #4
    Untanglit
    Join Date
    Jun 2011
    Posts
    20

    Default

    We are back up and running with Web Filter on.....did nothing here.

    Looks like a zvelo problem to me as their test site is now working too.

    Can someone from Untangle confirm and explain ?

    Thanks
    Phil

  5. #5
    Untangle Ninja hescominsoon's Avatar
    Join Date
    Sep 2007
    Posts
    1,704

    Default

    It would be nice to have the option of loading the database locally and have it update the database via the cloud if needed.

  6. #6
    Master Untangler
    Join Date
    Aug 2008
    Posts
    283

    Default

    Good thing I came across this forum. Same thing on my end. I would find that some web pages wouldn't load at all. Thought my computer may be acting up, NIC driver or something (too much Realtek vs Intel...lol).

    When it happened again, I was remoted into my home computer from work. That indicated to me that it wasn't an Internet problem but a web browsing problem. Also, DNS was working (I have a domain controller at home providing DNS so I wasn't sure if that was the problem but that was solid). Only when I bypassed Untangle (in bridge mode with a switch before and a switch after for such occasions) did it come back up. Of course, plugging it back in behind Untangle, and everything started working again.

  7. #7
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,554

    Default

    Yeah I'm back online with the web filter as well.

    So that issue is at least somewhat confirmed, for some odd reason for a period of time starting around 2:00am AZ time, the Zvelo servers hosting the web filter were taking AGES to respond. And then some time later, long after I passed out but before now, they started working again?

    Now all that is left is my poor limping Untangle server with a manually corrected bug thanks to interface replacements. That can wait until Monday, everything is "working".

    And hescominsoon, you really don't want that DB to be local... it's HUGE and it changes rapidly. As much as I dislike cloud based tech for reasons just like this... in this particular case such a feature would almost certainly triple if not quadruple the system requirements of Untangle.
    Last edited by sky-knight; 06-04-2011 at 10:44 AM.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  8. #8
    Untangle Ninja hescominsoon's Avatar
    Join Date
    Sep 2007
    Posts
    1,704

    Default

    for some reason my post didn't take..maybe i didn't hit submit..

    actually i use both UT and another product. The other product now has the option to have the database disk or ram based or cloud based. It's not official yet and you have to use the cli to do it. The ram requirement is only a gigabyte and with how cheap ram is that's not a huge deal.. It's purely an option..one that i take advantage of..but it nothing i'm going to stop using UT over..

  9. #9
    Master Untangler
    Join Date
    Aug 2008
    Posts
    283

    Default

    I know Watchguard units have an option to bypass the web filter if the category database has not responded by after 5 seconds. That may be a feature that would benefit situations like this. It could also be set to auto-block everything as well if your devious...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2