Page 1 of 1
About interfaces & slow internet
Posted: Tue Apr 02, 2013 11:09 am
by konstg
Hello to all!
We have problems with "very slow internet" in our office. Below is attached pic with interfaces. Seems strange that
public interface has normal speed, on other hand, local interface has low speed.
Can somebody advice us on this matter.....?
mikr01.JPG
Re: About interfaces & slow internet
Posted: Tue Apr 02, 2013 11:45 am
by Caci99
Run torch on the public interface, and see what is going on there, on which ports and from which IPs the traffic is coming and going. I have seen some cases like this before, where the proxy was activated but not protected from the outside. This caused similar situation like yours when there was a lot of traffic on the public interface (because of proxy), but almost nothing arriving on the local network.
Re: About interfaces & slow internet
Posted: Tue Apr 02, 2013 3:09 pm
by konstg
Tnanks a lot, Caci99! I'll give a look!
What can you say about this strange behaviour: 231 Gb is used from 307 Gb and we don't see on what!
file_list1.JPG
I create access only for my network to the Proxy. But it is long time while we can see a message BUILDING CACHE. May be smth goes wrong???
web-pr-sett1.JPG
Re: About interfaces & slow internet
Posted: Tue Apr 02, 2013 3:30 pm
by Caci99
Can you post the nat rule where you redirect your LAN to the proxy? It should be something like this:
/ip firewall nat
add chain=dstnat protocol=tcp dst-port=80 in-interface=LAN action=redirect to-ports=8080
You should protect the webproxy port from the outside requests with:
/ip firewall filter
chain=input action=drop protocol=tcp in-interface=ether1 dst-port=8080
where ether1 is presumably the WAN interface
As for the HDD, I think it is your proxy populating it, that is normal.
Re: About interfaces & slow internet
Posted: Tue Apr 02, 2013 4:22 pm
by konstg
Can you post the nat rule where you redirect your LAN to the proxy? It should be something like this:
/ip firewall nat
add chain=dstnat protocol=tcp dst-port=80 in-interface=LAN action=redirect to-ports=8080
You should protect the webproxy port from the outside requests with:
/ip firewall filter
chain=input action=drop protocol=tcp in-interface=ether1 dst-port=8080
where ether1 is presumably the WAN interface
As for the HDD, I think it is your proxy populating it, that is normal.
I wrote in Access in Web-Proxy that
if ! from 192.168.0.0/24 then deny
Re: About interfaces & slow internet
Posted: Tue Apr 02, 2013 6:39 pm
by Caci99
It is better if you drop attempted connections to the webproxy from the firewall filter.
The in-interface=LAN, serves because the router will redirect only traffic from your network, which you are interested in, and not from other interfaces.
Still, you need to run torch on the WAN interface, so that you have a better picture of what is going on there.
Re: About interfaces & slow internet
Posted: Wed Apr 03, 2013 8:12 am
by konstg
Thank you a lot, Caci99!
