On Tuesday 20 Sep 2016 12:57:00 Grant wrote: > > Leaving your MTU at the default ethernet size of 1500 on your PC/server > > should not cause a problem for most day to day operations, because modern > > end-point OS and network devices use Path MTU Detection. Problems will > > arise when you come across a misconfigured router/firewall/server > > (internet black hole) which drops ICMP Fragmentation Needed (Type 3, > > Code 4) packets and won't adjust its MTU to make sure you can receive > > packets of the appropriate size. > > And I believe that's exactly what I have as far as my AT&T > modem/router which seems to drop all icmp packets. I think that's why > it's important for me to set an MTU for my network which is not > greater than the MTU of the modem/router which appears to be 1492. > > > I have no idea if PMTUD is in any way relevant to the TCP queue spikes you > > have observed, but they are caused by TCP buffers overflowing. Some > > detective work at the time these overflows take place would show what the > > server is doing at the time. > > Any idea which tool to use? I could start keeping an eye on output > when things are good and then again when things are bad so I can > compare the two states. > > - Grant
On the server you could start by using iftop, iptraf-ng, netstat to get an idea of connections and bandwidth consumed. Use lsof, syslog and webserver logs to see what's happening at an application level. You can also increase the firewall verbosity briefly, to see if anything strange is happening with packets being processed there. -- Regards, Mick
signature.asc
Description: This is a digitally signed message part.
