On May 13, 2004, at 6:47 PM, Hr. Daniel Mikkelsen wrote:
> I'm having a problem with bandwidth for SMTP traffic to and from
> certain hosts.
> It manifests itself as a sharp drop in transfer rate after about
> 200kB, down
> from the regular maximum transfer rate of that connection to about
> 4kB/s.
>
> I've tried running various different services on port 25, so it isn't
> exim.
>
> I _don't_ see the same problem for ssh and web traffic.
>
> It only appears to happen between hosts that are far (in hops) apart,
> for
> instance between Mexico and Norway.
>
> Large mails are timing out, and travelling users using smtp-auth are
> having
> problems.
>
> Is this something anyone here is familiar with? Is it perhaps some
> common
> spamworm counter measure?
This is exactly the kind of behaviour you will see when there is an
PMTU blackhole.
MTU blackholes occur when there is a host that has its PMTU set higher
than an intermediary host, and that intermediary host is either not
sending ICMP unreachable packets, or those ICMP unreachable packets are
being dropped by some router/firewall somewhere.
For example, my home ADSL router negotiates an MTU of 1492 to my ISP.
If I set MTU on any of my machines to 1500, small transfers will work
fine, however anything over a certain size (1.5k, roughtly ;) will
start to stall because the larger TCP packets will start getting
dropped. This manifests itself as poor FTP/HTTP transfers, slow mail,
etc. For example, I cannot view slashdot.org from home if my home
workstation or my mac is set to 1500 MTU. Setting the MTU below 1492
fixes the problem for me.
My suggestion would be to tune the MTU on your server down, which will
lower overall performance but should work around the problem that you
are describing. The easiest way to set it is to do:
ifconfig eth0 mtu 1492
You can then lower the number in steps of 8 until it starts working. If
you want to just test it to see if this is the problem, set it to 1400
(far too low) and then test.
Now, the solution I've proposed is something that you can do on YOUR
end. However, ideally, you want people to fix their PMTU blackholes. I
won't go into that, but a good resource is:
http://www.phildev.net/mss/index.html
It also has a lot more information on MTU blackholes and what the
problem is etc. I've found in my experience that a high percentage of
end-user whinging about 'slow websites' and 'slow mail' etc, boil down
to a PMTU blackhole somewhere.
Enjoy :)
Nathan.
--
Nathan Ollerenshaw - Unix Systems Engineer
ValueCommerce -
http://www.valuecommerce.ne.jp/
