On Feb 6, 2010, at 10:24 PM, Gadi Cohen wrote:
Some more on this for those interested... it looks like NV just have
some special rules that go into effect during times of peak
traffic. My speeds and email are fine most of the time, but in the
evenings this weekend suddenly my slightly less regular mail ports
(587, imap ssl on 993) are blocked again and certain intl bandwidth
is down to 6k/sec. During such times, I can tunnel through the VPN,
access my email and download at normal speeds again.
I think it's far less sinister than that. While every ISP does traffic
shaping, they also oversell their bandwidth. No matter how good your
QOS routing is, you are not going to get good performance with less
than 100 byte long compessed header SIP packets, when the lines are at
99% capacity with 1400 byte P2P or video packets.
Since voice and video protocols are usually UDP based, they don't even
get out of the starting gate as it were. The packets expire in the
queue and although many arrive, the application discards them.
There is also a feature of DNS which uses UDP packets up to 2048
bytes. It's part of the EDNS support and can not be globally turned
off. The best you can do is to set the maximum sent and received
packet size to 512 bytes, which is the fallover size when the larger
packets fail. I have read pages after pages of comments about it by
people supporting bind, and if your router/firewall can't support UDP
packets of 2k, then it's your router's fault.
Well yes it is, my router has an mtu of around 1452 bytes, and no I
can't change it. If your application breaks because every router in
the country can't support UDP packets that big, at least fix the
application enough to let globally turn off the option.
The same with DNS security, many users have reported that it
quadruples DNS query time. Not a problem until your queries take 3 to
4 seconds without it. Rare, but it happens to international ones
during peak load.
I do have a mea culpa about that, I recently switched to google DNS,
which most of the time is great, but if the lines are clogged, the
lines are clogged,
As for netvision blocking ports, they started that a year ago. I
complained, and since I have a commercial account, I was told they did
not block any ports, and since then they have not. Up unitl a month
ago I used a ssh tunnel to send and receive email to my provider, but
have since gone back to using 587 and sasl pop3.
Things have been so bad on my aDSL line for a week that not only did
it crash every 2 or 3 minutes but after several hours of crashing my
router would jam my network and everything would stop. Since I have
been sick and unable to hold a conversation longer than about 5
words, I just turned off the router and left the line unused. A friend
called me to wish me shabbat shalom and ask how I was feeling, he
mentioned that his aDSL line was not working well in what turned out
to be a similar situation. He is still in Jerusalem, but at the other
end of town.
Geoff.
--
geoffrey mendelson N3OWJ/4X1GM
Jerusalem Israel geoffreymendel...@gmail.com
New word I coined 12/13/09, "Sub-Wikipedia" adj, describing knowledge
or understanding, as in he has a sub-wikipedia understanding of the
situation. i.e possessing less facts or information than can be found
in the Wikipedia.
_______________________________________________
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
