0

I am using ftpsync to have a local version of the debian packages for all of our debian clients.

Internally, the traffic from the mirror is at our normal LAN speeds (100 MB/s); however, when a client is off-site, the speed is in the range of 80-200KB/s.

Is there a setting to limit the traffic to external clients? What ports sould be open on the firewall?

AWippler
  • 1,055
  • 1
  • 12
  • 32
  • 1
    Just out of interest, do you really want to provide a mirror? Are you geographically isolated? If not, you might find a cahceing proxy more beneficial -> http://packages.debian.org/wheezy/apt-cacher-ng and http://www.unix-ag.uni-kl.de/~bloch/acng/ – sgtbeano Nov 12 '13 at 15:14
  • 2
    Well...if you're hosting this mirror locally and your external clients are grabbing it, you're limited to your Internet connection speeds... – Nathan C Nov 12 '13 at 15:50
  • @NathanC Host is 100mbit upload and client is 15mbit download. – AWippler Nov 12 '13 at 16:01
  • @sgtbeano I do not want caching, I wanted a full mirror. There is no sense having 100 connections to a debian main mirror when I can limit it to 1 connection once a day. Especially since I have the resources available. – AWippler Nov 12 '13 at 16:05
  • @AWippler Even still, how many clients are pulling from this external mirror? 100mbit can be exhausted quite quickly and you'd run into this limitation. Distance and latency also plays a role. – Nathan C Nov 12 '13 at 18:42
  • @NathanC 14 hops from client to host (Verizon DSL to Cogent Fiber). 0% network usage on the host at the time apt-get is performed on the client. – AWippler Nov 12 '13 at 19:00
  • @AWippler Forgive my ignorance, but it is not clear for me what are you willing to get: increase speed of external clients? or limit it? or give preferences to some external clients before others? – Veniamin Nov 13 '13 at 07:58
  • @AWippler - I think you misunderstand me. By using apt-catcher-ng you will only have a low number of connections to the main mirror. Once an package is cached, all other clients then access the local cache. – sgtbeano Nov 13 '13 at 10:06
  • @Veniamin Yes, increased speed of external clients. No matter which external internet connection I use, the mirror only pushes out packages at 80-120KB/s. This is with the mirror's network with 0% use. – AWippler Nov 13 '13 at 19:56
  • @AWippler 100KB/s - is a not so bad speed on 14-hops distance. You can start with pure end-to-end network performance measurements using iperf. If the results will be the same, consider steps for tcp perfomance tuning. – Veniamin Nov 14 '13 at 05:07

1 Answers1

0

you can run...

"netstat | grep -i ftpsync"

...on the server and then allow the ports that it uses to the firewall. if that doesnt turn up enough info you can google about netstat to better tune you search for active ports.

but if you are using the same protocol offsite as onsite that inst your issue unless the offsite firewall restricts requests initiated by clients inside the network which isnt a super normal thing for most routers unless otherwise configured to do so (most off the shelf routers/"modems" will automatically open ports that clients request traffic on).

for limiting bandwidth to external clients i cant help you. there might be mention in the ftpsync documentation, if you can find any. a quick google turned up a 404 and something on the Debian website about making a mirror with it.

to test that it isnt just the network being sad you can try copying a file between the networks with a different protocol, like scp, and check the speed on that. then possibly check speed domain vs. ip (if you have a domain setup).

mitchell babies peters
  • 51
  • 6