
I have a Linksys SRW2048 switch and the UI fails under IE[789] because it uses too many concurrent connections for the switch to handle. I can use IETab in Firefox which works because it indirectly limits the number of concurrent HTTP requests, but that isn't always a solution.
I have a squid proxy running on a linux router though, so I was hoping I could limit the number of concurrent connections. The docs tell me I can limit them by using a deny but that will result in the connection failing rather than simply being delayed until other connections are complete.
Any suggestions? I'll use netfilter to drop new connection requests if I can't figure it out using squid.
Thanks
James

James Harper wrote:
I have a Linksys SRW2048 switch and the UI fails under IE[789] because it uses too many concurrent connections for the switch to handle. I can use IETab in Firefox which works because it indirectly limits the number of concurrent HTTP requests, but that isn't always a solution.
I have a squid proxy running on a linux router though, so I was hoping I could limit the number of concurrent connections. The docs tell me I can limit them by using a deny but that will result in the connection failing rather than simply being delayed until other connections are complete.
Any suggestions? I'll use netfilter to drop new connection requests if I can't figure it out using squid.
Bit of a dumb question, but if your users are benign, why not simply tell them not to multiplex connections to the same host? e.g. use wget instead of aria2. Also, polipo (alternative to squid) claims to be able to take care of automatically multiplexing *as appropriate*, i.e. iff the remote host speaks HTTP/1.1 pipelining.

James Harper wrote:
I have a Linksys SRW2048 switch and the UI fails under IE[789] because it uses too many concurrent connections for the switch to handle. I can use IETab in Firefox which works because it indirectly limits the number of concurrent HTTP requests, but that isn't always a solution.
I have a squid proxy running on a linux router though, so I was hoping I could limit the number of concurrent connections. The docs tell me I can limit them by using a deny but that will result in the connection failing rather than simply being delayed until other connections are complete.
Any suggestions? I'll use netfilter to drop new connection requests if I can't figure it out using squid.
Bit of a dumb question, but if your users are benign, why not simply tell them not to multiplex connections to the same host? e.g. use wget instead of aria2.
No it's even worse than that. The switch gets overloaded with a single browser session making multiple connections. Eg http://switch/main_page in turn loads up a heap of small images, css, JavaScript, frames, etc, and the browser tries to load them all concurrently for performance reasons but the switch just starts refusing (connection reset) subsequent connections once it is already handling a few, so it just doesn't work.
I'm the only one who logs into the switch.
James

James Harper wrote:
No it's even worse than that. The switch gets overloaded with a single browser session making multiple connections. Eg http://switch/main_page in turn loads up a heap of small images, css, JavaScript, frames, etc, and the browser tries to load them all concurrently for performance reasons but the switch just starts refusing (connection reset) subsequent connections once it is already handling a few, so it just doesn't work.
I'm the only one who logs into the switch.
Uh, so fix / change your browser? I vaguely recall seeing a "max concurrent connections per server" option in about:config years ago...

On Tue, May 29, 2012 at 07:25:14AM +0000, James Harper wrote:
No it's even worse than that. The switch gets overloaded with a single browser session making multiple connections.
this is why i prefer a fairly decent(*) desktop computer or laptop instead of an openwrt style router.
they have anywhere from reasonable to excellent CPU capability, lots of storage space (relative to a linksys/netgear/*wrt*/etc anyway), lots of RAM. desktop (or mini-itx) machines even have PCI or PCI-e expansion slots.
i was routinely building internet gateway boxes running linux with a dns server (bind8 at the time), squid, apache, sendmail and lots more that served entire schools with hundreds of students in the mid 90s...on 486 boxes with 16-64MB of RAM. they were more than adequate for the job - it annoys the hell out of me that the openwrt boxes can't even match that.
(*) by fairly decent, i mean something equivalent to or better than a mid-1990s PC. you probably couldn't find something so primitive these days, and why bother when it's easy to find early-to-mid 2000s era PCs (i.e. up to 10 years newer than that) being given away for free.
even something like an old celeron CPU eeepc is pretty good for the job, except for the shortage of ethernet and expansion ports....but the ethernet shortage is easily solved by a cheap gigabit switch (and/or USB NICs) and the lack of expansion ports is no worse than (or considerably better than) most openwrt compatible devices.
craig
-- craig sanders <cas@taz.net.au>
BOFH excuse #392:
It's union rules. There's nothing we can do about it. Sorry.

From my experience with the srw stuff it's not that the system is incapable of serving that many connections it's just that the software is absolutely shit. the srw2048 is not something you could replace with an eepc or similar it's a layer 2 48 port switch that is fairly cheap (to be honest i would recommend the hp 1810 or cisco sr300 these days and avoid the srw switches but based on the branding this has been around for a while.)
and i guess they still have the horrendous IE only ui (btw you can actually get a serial connection that is less fail on the switches http://www.crc.id.au/real-console-on-linksys-srw2024-switch/ )
On Tue, May 29, 2012 at 7:32 PM, Craig Sanders <cas@taz.net.au> wrote:
On Tue, May 29, 2012 at 07:25:14AM +0000, James Harper wrote:
No it's even worse than that. The switch gets overloaded with a single browser session making multiple connections.
this is why i prefer a fairly decent(*) desktop computer or laptop instead of an openwrt style router.
they have anywhere from reasonable to excellent CPU capability, lots of storage space (relative to a linksys/netgear/*wrt*/etc anyway), lots of RAM. desktop (or mini-itx) machines even have PCI or PCI-e expansion slots.
i was routinely building internet gateway boxes running linux with a dns server (bind8 at the time), squid, apache, sendmail and lots more that served entire schools with hundreds of students in the mid 90s...on 486 boxes with 16-64MB of RAM. they were more than adequate for the job - it annoys the hell out of me that the openwrt boxes can't even match that.
(*) by fairly decent, i mean something equivalent to or better than a mid-1990s PC. you probably couldn't find something so primitive these days, and why bother when it's easy to find early-to-mid 2000s era PCs (i.e. up to 10 years newer than that) being given away for free.
even something like an old celeron CPU eeepc is pretty good for the job, except for the shortage of ethernet and expansion ports....but the ethernet shortage is easily solved by a cheap gigabit switch (and/or USB NICs) and the lack of expansion ports is no worse than (or considerably better than) most openwrt compatible devices.
craig
-- craig sanders <cas@taz.net.au>
BOFH excuse #392:
It's union rules. There's nothing we can do about it. Sorry. _______________________________________________ luv-main mailing list luv-main@luv.asn.au http://lists.luv.asn.au/listinfo/luv-main

On Tue, May 29, 2012 at 07:53:32PM +1000, Kevin wrote:
From my experience with the srw stuff it's not that the system is incapable of serving that many connections it's just that the software is absolutely shit. the srw2048 is not something you could replace with an eepc or similar it's a layer 2 48 port switch that is fairly cheap
sorry, my mistake. i assumed he was talking about one of the linksys WRT type devices.
are there any alternative linux firmware replacements for it?
netgear make a halfway decent 48 port switch, GS748TAU. IIRC they were about $900 each when i bought a bunch of them back in 2008 or so for work (as an alternative to ciscos that were closer to $12K each IIRC). a quick google search says they're about $600 now.
there's probably some things a cisco could do that these couldn't but a) i didn't need them, and b) they weren't worth paying more than 12 times the price for. I bought 6 of them at the time, i think, for under $6000. i couldn't have bought even 1 of the ciscos for that amount, and buying 6 of them would have cost about $72K.
they had (prob. still have) a crappy but functional web interface (it worked in linux w/ iceweasel, anyway) and no command line that i ever discovered but they never caused me any grief.
craig
ps: generally, i like cisco gear (real cisco, not linksys) - it's usually well made, solid, and reliable. the only problem is that it's absurdly overpriced for what it is and what you get. corporate pricing for people who don't dare buy anything else (unless it's some other nobody-ever-gets-fired-for-buying big name with similar absurd prices) in case they get blamed if something ever goes wrong.
somehow i missed the brain-washing sessions at cisco-sponsored conferences where they take all the bright young network engineers, pump them full of booze and ego-multiplying bullshit sessions and cisco branding propaganda and turn them into True Believers incapable of any critical thought. they probably spotted me as a cynical advertising-resistant disruptive influence or something.
-- craig sanders <cas@taz.net.au>
BOFH excuse #69:
knot in cables caused data stream to become twisted and kinked

On Tue, May 29, 2012 at 07:53:32PM +1000, Kevin wrote:
From my experience with the srw stuff it's not that the system is incapable of serving that many connections it's just that the software is absolutely shit. the srw2048 is not something you could replace with an eepc or similar it's a layer 2 48 port switch that is fairly cheap
sorry, my mistake. i assumed he was talking about one of the linksys WRT type devices.
are there any alternative linux firmware replacements for it?
I doubt it. I'm pretty sure I grepped the firmware once upon a time and it didn't seem to have any Linux cruft in there (and Linksys are good about disclosure these days) so it's probably an exclusively proprietary platform.
An open interface to a switch would be pretty cool, but most of the magic happens in hardware these days, which is why you can get a 200Mhz CPU on a 10GBit switch, so it would simply be management stuff.
James

Quoting Craig Sanders (cas@taz.net.au):
are there any alternative linux firmware replacements for it?
Don't think so. http://www.humans-enabled.com/2007/10/dont-use-linksys-srw2048-until-it.html However, one could either sell it or let it achieve its best and highest purpose as landfill. ;->

Quoting Craig Sanders (cas@taz.net.au):
are there any alternative linux firmware replacements for it?
Don't think so. http://www.humans-enabled.com/2007/10/dont-use-linksys-srw2048-until-it.html However, one could either sell it or let it achieve its best and highest purpose as landfill. ;->
As a switch, once configured, it works pretty well. I won't be buying any more though.
James

From my experience with the srw stuff it's not that the system is incapable of serving that many connections it's just that the software is absolutely shit. the srw2048 is not something you could replace with an eepc or similar it's a layer 2 48 port switch that is fairly cheap (to be honest i would recommend the hp 1810 or cisco sr300 these days and avoid the srw switches but based on the branding this has been around for a while.)
and i guess they still have the horrendous IE only ui (btw you can actually get a serial connection that is less fail on the switches http://www.crc.id.au/real-console-on-linksys-srw2024-switch/ )
There is a commandline interface on the srw switches, but it's a bit convoluted to get to. But yes, the management software is awful, and being constrained to IE is a limitation I'd rather do without (especially as it doesn't actually work anyway). Firefox doesn't work, but I think that's nothing to do with concurrent connections.
I use the 1810G series switches these days, although they don't support 802.1x which is a bit of a pain.
James

On Tue, 29 May 2012, Craig Sanders <cas@taz.net.au> wrote:
(*) by fairly decent, i mean something equivalent to or better than a mid-1990s PC. you probably couldn't find something so primitive these days, and why bother when it's easy to find early-to-mid 2000s era PCs (i.e. up to 10 years newer than that) being given away for free.
even something like an old celeron CPU eeepc is pretty good for the job, except for the shortage of ethernet and expansion ports....but the ethernet shortage is easily solved by a cheap gigabit switch (and/or USB NICs) and the lack of expansion ports is no worse than (or considerably better than) most openwrt compatible devices.
My recollection is that P3 systems less than 800MHz in speed tended to have BIOS issues. Some of them had issues with bigger hard drives (something like 24G or 32G was a limit) and they had other flakiness. I've got a couple of P3-1GHz systems in my collection for use as routers and small servers.
Recent versions of clamav have got memory hungry so 512M is about the minimum for a small mail server with a full anti-spam configuration which means that P3 desktop systems (which were all limited to 512M of RAM) will soon be unsuitable as mail servers.
Such P3 systems tend to use less than 40W while relatively idle (IE hard drive is still spinning etc but it isn't under much load).
http://doc.coker.com.au/environment/computer-power-use/
I've also got a small collection of Celeron 2.4GHz systems which draw 50W with a single 300G disk. Those systems can take up to 2G of RAM (enough for a small Xen server) and can take SATA disks (if I needed something bigger than the 200G IDE disks in my collection).
http://etbe.coker.com.au/2008/05/22/xen-and-swap/
My first Linux server had 4M of RAM back in late 1992 or early 1993. But when I tested in 2008 I couldn't even get a Debian virtual machine to boot with less than 13M of RAM. I suspect that Debian has become bigger since then.
http://en.wikipedia.org/wiki/Intel_chipset
So I guess that anything from Intel that's designed for the desktop and is less than a Pentium-Pro is useless for running Linux nowadays. Those systems which were stupidly limited to 64M of RAM (like most Pentium systems) aren't going to be very useful nowadays.
-- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/

On Tue, May 29, 2012 at 7:32 PM, Craig Sanders <cas@taz.net.au> wrote:
On Tue, May 29, 2012 at 07:25:14AM +0000, James Harper wrote:
No it's even worse than that. The switch gets overloaded with a single browser session making multiple connections.
this is why i prefer a fairly decent(*) desktop computer or laptop instead of an openwrt style router.
they have anywhere from reasonable to excellent CPU capability, lots of storage space (relative to a linksys/netgear/*wrt*/etc anyway), lots of RAM. desktop (or mini-itx) machines even have PCI or PCI-e expansion slots.
I had a netgear ADSL 2 modem/firewall appliance and it kept flaking out with the load my family was putting on it, I put it in to bridge mode and fed it to a Dell server running smoothwall with a few addons, 250GB HDD with 2 GB RAM and a 3.6GHz processor seem to handle it a lot better than the crap modem did. A bit of overkill I suppose but it hasn't let me down yet
-- craig sanders <cas@taz.net.au>
BOFH excuse #392:
It's union rules. There's nothing we can do about it. Sorry.
-- Mark "Hiddensoul" Clohesy Mob Phone: (+61) 406 417 877 Email: hiddensoul@twistedsouls.com G-Talk: mark.clohesy@gmail.com - www.shed.twistedsouls.com - GNU/Linux.. Linux Counter #457297 "I would love to change the world, but they won't give me the source code" "Linux is user friendly...its just selective about who its friends are" "Never underestimate the bandwidth of a V8 station wagon full of tapes hurtling down the highway" "The difference between e-mail and regular mail is that computers handle e-mail, and computers never decide to come to work one day and shoot all the other computers"

On Tue, 29 May 2012, "Hiddensoul (Mark Clohesy)" <hiddensoul@twistedsouls.com> wrote:
fed it to a Dell server running smoothwall with a few addons, 250GB HDD with 2 GB RAM and a 3.6GHz processor seem to handle it a lot better than the crap modem did. A bit of overkill I suppose but it hasn't let me down yet
A 3.6GHz CPU would be rather power hungry. You might want to replace that with a Celeron before summer... -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/

i would look at haproxy as your concurrent connection limiter. this would easily restrict your concurrent connections and delay rather than deny those over the limit you configure
On Tue, May 29, 2012 at 2:18 PM, James Harper <james.harper@bendigoit.com.au> wrote:
I have a Linksys SRW2048 switch and the UI fails under IE[789] because it uses too many concurrent connections for the switch to handle. I can use IETab in Firefox which works because it indirectly limits the number of concurrent HTTP requests, but that isn't always a solution.
I have a squid proxy running on a linux router though, so I was hoping I could limit the number of concurrent connections. The docs tell me I can limit them by using a deny but that will result in the connection failing rather than simply being delayed until other connections are complete.
Any suggestions? I'll use netfilter to drop new connection requests if I can't figure it out using squid.
Thanks
James

i would look at haproxy as your concurrent connection limiter. this would easily restrict your concurrent connections and delay rather than deny those over the limit you configure
Sounds good. I'd looked at chaining squid to tinyproxy for connections to the switch, but it didn't support the required limiting features and I ran out of time to look at alternatives for today. I'll check out haproxy tonight.
Thanks
James
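The haproxy suggestion above, sketched as a configuration. This is an added example and not part of the original thread; the switch address 192.0.2.10, the listen port 8081 and the limit of 2 are assumptions to be replaced with real values.

```haproxy
# Constructed example: 192.0.2.10 stands in for the switch's management
# address; the listen port 8081 and the limit of 2 are assumptions.
global
    maxconn 256

defaults
    mode http
    timeout connect 5s
    timeout client  60s
    timeout server  60s
    # How long a request may wait for a free slot before haproxy gives up
    # and answers 503. Until then the request is delayed, not refused.
    timeout queue   60s
    # Close the server-side connection after every response so an idle
    # keep-alive connection never occupies one of the switch's few slots.
    option http-server-close

listen srw2048_ui
    bind 127.0.0.1:8081
    # At most 2 concurrent connections reach the switch. Further requests
    # wait in haproxy's queue instead of being reset by the switch.
    server switch 192.0.2.10:80 maxconn 2
```

With haproxy on the same router as squid, squid can forward requests for the switch to 127.0.0.1:8081 through a `cache_peer` parent entry, so only that one destination is throttled.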
participants (7)
- Craig Sanders
- Hiddensoul (Mark Clohesy)
- James Harper
- Kevin
- Rick Moen
- Russell Coker
- Trent W. Buck