slow download speed while upload speed is fine

English Network/Internet
#1

Hello to the community once again!
Nothing to do with torrents or anything specific but this issue has me fully confused.
I’ve got 4 boxes on a router. 3 are varying hardware, all those are:


OS:  Linux 3.16.7-24-desktop x86_64
System:  openSUSE 13.2 (x86_64)
KDE:  4.14.9

The fourth is a work laptop running a common, yet unworthy operating system from a proprietary vendor.

My incoming network connection is 200Mbs Down / 25Mbs Up fiberoptic ISP.
Every PC in the house (including the work laptop) gets 200Mbs download EXCEPT the main PC I use.
All testing is being done using Speedtest.net connecting directly to the ISP server.

All testing on the other boxes has been with the router in the loop and the speeds are fine.
I have taken the incoming CAT6 cable directly to the PC completely bypassing the router entirely with little improvement.
THIS specific PC can only achieve 35 sometimes 65Mbps down during testing. BUT the upload speed is always good, right at 25Mbps.
In fact the UPload speed is frequently testing faster than the download speed.

Hardware:


ASUS A8N32-SLI Deluxe 
AMD Athlon(tm) 64 X2 4800+ Socket 939 dual core 2.4MHz processor
4Gb Corsair XMS 4GB (4x1GB) CMX1024-3500LLPRO
2 onboard NICS:
   ck804 ethernet controller                  enpos19  IP Address DHCP (not used but tested.  No difference in download speed)
   88e8053 PCI-E Gigabit Ethernet Controller  enp2s0   IP Address DHCP4 (the currently and typically used NIC)
Root partion:
Western Digital WD2500HHTZ-6 Raptor drive 250Gb 10000rpm 64Mb cache
/home partitions:
Western Digital WD20EARX-00P Green 2Tb  (yes I know it's slow...)
MSi GeForce GTX 650Ti boost OC  2Gb GDDR5 / 192 bit memory bus
Netgear WNDR3700v2 Wireless/Wired 2.4/5Ghz dual band

So this is not ISP related, not cable related, and not router related. Strongly seems specific to this PC only.

**Q: ** Is there a most logical culprit here that might restrict my download speeds?
I’m really baffled as I am the only hands in the pie dough here and set up all my Linux boxes the same way.
What setting could I have screwed up here that would specifically restrict download speeds?
Any ideas?

#2

Just wanted to add some bits.
Forgot to mention that I am using Network Manager in all the Linux configurations.
I have disabled the wireless radios in the NetGear router during this troubleshooting.
And while I have switched off ipv6 in places where I know to look, I just implemented a Kernel Parameter via YaST suggested by deano ferrari from another post, that should disable it at boot up. A reboot and more testing to come…

#3

Have you considered hard drive speed? Writes are slower than reads, and
some filesystems in particular really stink at performance. An SSD can go
pretty fast, but old spinning drives, not so much.

Have you tried just uploading/downloading between boxes on your network to
rule out everything other than local connections? Assuming you have a
gigabit switch/router as I assume you do (I did not look closely at your
post to see if you specified, but the rest of your information would seem
to imply as much) you should be able to do tests between boxes that way.

Because you’re using Linux here and there, it’s simple to test network
speed without using the hard drive at all, by using ‘netcat’ and ‘dd’. On
a “server” that allows connection to port (for example) 12345, run the
following command to install and use netcat:


sudo zypper in netcat
netcat -l 12345 > /dev/null

That “service” is now listening for a connection and will send all
received data to /dev/null, so that’s great.

Next, on the “client” run the following command:


sudo zypper in netcat
time dd if=/dev/zero bs=1048576 count=100 | netcat server.ip.here 12345

That will send 100 MiBs of data to your server IP address. When done,
‘dd’ will naturally tell you the speed written, and you can also do the
math yourself (the time command at the beginning will tell you a very
reliable time for the overall operation).

If that performs properly, your problem is off of your network. I would
never expect IPv6 to really matter at this level unless you happen to talk
to slow boxes because of DNS resolution of AAAA records to slower boxes
than you’d get from A records. Still, good to test.


Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below…

#4

You may not be benchmarking properly (or you may if you are mentally accounting for the differences in what happens on this one box).

Reviewing some benchmarking “Best Practices” because how a benchmark test is designed and run is critical to how usable are the results…

The following applies to all benchmarking although focuses specifically on your scenario:

  • Generate some good baselines. This generally means in your case unaffected by use that might fill your network device and stack buffers with unrelated data. To do this, you must

– Boot from a “Cold Boot.” A Cold Boot is a machine that has been sitting powered off for at least 10 seconds… no “restart” and no benchmarking after workloads. This may not be a realistic reading of what would happen during normal use, but it’s important to first get a baseline reading.

– Run at least 3 benchmarks in succession (maybe many more) and average your results or save only an average result, discarding outliers (maybe a statistician would save them all and do a statistical analysis but I’m going to avoid recommending that approach to the average person). Benchmarking may require “warming up” the machine, filling buffers before you might see best marks.

  • After you collect some baselines, then you can run your tests under different conditions (like under normal use).

  • Know the limitations and issues involved with whatever test you use. So, for instance a typical network speed test run using a web browser will be subject to latencies and possible variances due to the OS and the web browser application. This is why you should run your tests after a cold boot which tries to remove as many possible variable results as possible but cannot eliminate causes. And, because of this you should understand that your results are mainly good for various <comparisons> only, and the actual numbers should be taken with a grain of salt. If you want to avoid all of this, then you may need to find a real mode test or use a professional meter, not run tests through your machine.

  • But, the converse of what I criticize in the above point may be actually what you might want, but you have to analyze your test properly… Maybe you’re not interested in pure numbers that try to measure actual throughput but want some kind of numbers under the conditions using a web browser. THEN, it’s OK to use the numbers you see with some understanding what is happening.

The bottom line and closing comment,
Benchmarking is like Accounting… Any set of numbers can be created to illustrate anything. Benchmarking is usually done incorrectly and is not something that can be done with zero or superficial thought about design.

And, I generally tell people who use these web browser based benchmarks that if you don’t really know what you are looking at, then the best value you can get is to monitor changes in numbers over time whenever you run the benchmark. The actual numbers themselves may be next to worthless but you may get some really useful info comparing the numbers of the test you just ran with previous times you ran that test <on the same machine> (don’t compare results between different machines if you can’t account for their differences).

As for disk write metrics… Gee, I hope I never have a machine that writes slower than my theoretical network throughput… :slight_smile:

HTH,
TSU

#5

ab I appreciate the ideas. But I’m not sure they’re addressing the issue.
And indeed this is a fine Ghz speed NetGear router.

Surely this isn’t suggesting users need to install SSD drives to download at 200Mbps?
Not one of the other machines has a harddrive anywhere near as fast as this…

Western Digital WD2500HHTZ-6 Raptor drive 250Gb 10000rpm 64Mb cache

yet they all download at 200Mbps from the ISP server.

I DID try the idea of checking intra-machine communication however I’m not familiar with the tools and not sure I’m using them right.

sudo zypper in netcat

gives this output:

Loading repository data…
Reading installed packages…
‘netcat’ not found in package names. Trying capabilities.
‘netcat-openbsd’ providing ‘netcat’ is already installed.
Resolving package dependencies…
Nothing to do.

Sounds like it’s already installed.
After several attempts and trying to decipher what I was looking at…I decided maybe I was misunderstanding.

So from my main system 192.168.1.2 (which I’m complaining is slow to download from the ISP server) I did this:

mysystem:~> time dd if=/dev/zero bs=1048576 count=100 | netcat 192.168.1.2 8050

which produced this output:

real 0m0.005s
user 0m0.001s
sys 0m0.003s

but I think that’s useless as it’s a download FROM and TO the same system So… tried another target:

mysystem:~> time dd if=/dev/zero bs=1048576 count=100 | netcat 192.168.1.7 8050

this is to the wife’s opensuse box…generates this output:

real 2m7.264s
user 0m0.000s
sys 0m0.005s

mysystem:~> time dd if=/dev/zero bs=1048576 count=100 | netcat 192.168.1.8 8050

this is to my garage opensuse box…generates this output:

real 2m7.230s
user 0m0.001s
sys 0m0.003s

Then I went off and tried this from the other direction:

my2ndsystem:~> time dd if=/dev/zero bs=1048576 count=100 | netcat 192.168.1.2 8050

this is from System#2 192.168.1.7 is to my slow acting box 192.168.1.2…generates this output:

real 2m7.328s
user 0m0.002s
sys 0m0.004s

Then

my3rdsystem:~> time dd if=/dev/zero bs=1048576 count=100 | netcat 192.168.1.7 8050

this is from System#3 192.168.1.8 is to my 2nd box 192.168.1.7…generates this output:

real 2m7.316s
user 0m0.002s
sys 0m0.004s

Then finally

my3rdsystem:~> time dd if=/dev/zero bs=1048576 count=100 | netcat 192.168.1.2 8050

this is from System#2 192.168.1.7 is to my main box with the issue 192.168.1.2…generates this output:

real 2m7.249s
user 0m0.000s
sys 0m0.004s

What I see is that they all seem to talk to each other at a similar rate.
But I don’t see how tests of this nature help troubleshoot the download speed of this PC from an common external server when all the others on the same router download at full speed.
One might think the obvious solution would be to replace the cable from router to PC… EXCEPT that I’ve connected direct from the wall to the NIC bypassing the router entirely with still miserable download speed tests.
I’m just not quite sure how to do the math on that, so not sure what that tells us.

Thanks for taking a look!

#6

Understood regarding statistics and the malleability of the conclusions based on them.
All this testing has been done ad nauseum over a period of several days. Each machine has been rebooted “cold start” several times during the course of the testing.
I’ve done it even though having to reboot these Linux machines seems “unnatural” to a degree.

And not starting any other processes after reboot excepting the browser and a Kwrite page.

The tests are relatively consistent in terms of the download speeds. And there are at least 30+ test runs at this point.
All tests being run to the same server, the ISP server which is 3hr’s drive from me. That should be about as fast as it’s going to get.
Results on all machines but this one are consistent.
192.168.1.2 never got more than 72Mhz and typically MUCH slower even with no router in the loop, CAT6 direct to the wall AND via the router like all the others.
EVERY other machine on the network has tested VERY near 200Mbps every time, router in the loop.

And indeed disabling IPV6 has accomplished nothing.

I think I’ve talked myself into my next round of tests starting with a BIOS reset to factory just to ensure there isn’t something in there I’ve tweaked incorrectly.
I’ve not got any overclocking settings configured at the moment, but that doesn’t mean something else isn’t set wrong.
And I do play with overclocking from time to time. The BIOS WOULD be something UNcommon between the 4 machines.

Thanks for your feedback!

#7

On 10/12/2015 11:06 PM, SomeSuSEUser wrote:
> I DID try the idea of checking intra-machine communication however I’m
> not familiar with the tools and not sure I’m using them right.
>
> Code:
> --------------------
> sudo zypper in netcat
> --------------------
>
> gives this output:
>> Loading repository data…
>> Reading installed packages…
>> ‘netcat’ not found in package names. Trying capabilities.
>> ‘netcat-openbsd’ providing ‘netcat’ is already installed.
>> Resolving package dependencies…
>> Nothing to do.
> Sounds like it’s already installed.
> After several attempts and trying to decipher what I was looking at…I
> decided maybe I was misunderstanding.

Already installed, so that’s great!

> So from my main system 192.168.1.2 (which I’m complaining is slow to
> download from the ISP server) I did this:
>
> Code:
> --------------------
> mysystem:~> time dd if=/dev/zero bs=1048576 count=100 | netcat 192.168.1.2 8050
> --------------------
>
> which produced this output:
>>
>> real 0m0.005s
>> user 0m0.001s
>> sys 0m0.003s
>>
> but I think that’s useless as it’s a download FROM and TO the same

exactly, well-deduced.

> system So… tried another target:
>
> Code:
> --------------------
> mysystem:~> time dd if=/dev/zero bs=1048576 count=100 | netcat 192.168.1.7 8050
> --------------------
>
> this is to the wife’s opensuse box…generates this output:
>>
>> real 2m7.264s
>> user 0m0.000s
>> sys 0m0.005s
>>

I am guessing you missed the other command that must be run on the server
side, and which must use a port that is NOT blocked by the system
firewall. The command to listen for the incoming data from the client
machine (and which must therefore be run on the server side) follows:


netcat -l 8050 > /dev/null

This command listens on TCP 8050 and sends all data to /dev/null, so if
you are not running this command, or if the firewall on this server side
is not allowing connections, the client side commands you are successfully
running are all invalid.

> Code:
> --------------------
> mysystem:~> time dd if=/dev/zero bs=1048576 count=100 | netcat 192.168.1.8 8050
> --------------------
>
> this is to my garage opensuse box…generates this output:
>>
>> real 2m7.230s
>> user 0m0.001s
>> sys 0m0.003s
>>

The time is so close it makes it seem likely that the server side is not
getting the data.

> Then I went off and tried this from the other direction:
>
> Code:
> --------------------
> my2ndsystem:~> time dd if=/dev/zero bs=1048576 count=100 | netcat 192.168.1.2 8050
> --------------------
>
> this is from System#2 192.168.1.7 is to my slow acting box
> 192.168.1.2…generates this output:
>>
>> real 2m7.328s
>> user 0m0.002s
>> sys 0m0.004s
>>

Running the command in the other direction is a good test, as long as
there is both a server side listening as well as a client side sending and
firewalls allowing it on both sides, if necessary.

> Then
>
> Code:
> --------------------
> my3rdsystem:~> time dd if=/dev/zero bs=1048576 count=100 | netcat 192.168.1.7 8050
> --------------------
>
> this is from System#3 192.168.1.8 is to my 2nd box
> 192.168.1.7…generates this output:
>>
>> real 2m7.316s
>> user 0m0.002s
>> sys 0m0.004s
>>
>
> Then finally
>
> Code:
> --------------------
> my3rdsystem:~> time dd if=/dev/zero bs=1048576 count=100 | netcat 192.168.1.2 8050
> --------------------
>
> this is from System#2 192.168.1.7 is to my main box with the issue
> 192.168.1.2…generates this output:
>>
>> real 2m7.249s
>> user 0m0.000s
>> sys 0m0.004s
>>
>
> What I see is that they all seem to talk to each other at a similar
> rate.
> But I don’t see how tests of this nature help troubleshoot the download
> speed of this PC from an common external server when all the others on
> the same router download at full speed.

The test is just to verify everything is okay on your systems testing
nothing other than the local network.

> One might think the obvious solution would be to replace the cable from
> router to PC… EXCEPT that I’ve connected direct from the wall to the
> NIC bypassing the router entirely with still miserable download speed
> tests.
> I’m just not quite sure how to do the math on that, so not sure what
> that tells us.

The math also confirms either your network is terribly reliable, as well
as being terrible, or else your tests are not yet complete. The math is
104857600 bytes divided by number of seconds (127), giving you something
less-than 1 MiB/s, meaning your intra-network connections are not even up
to 10 MBit, 100x slower than gigabit, which further supports the theory
about the missing server-side netcat command. On a gigabit connection the
command above should take about one second to complete, as that is the
amount of time a gigabit network can transfer 100 MBytes.


Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below…

#8

More info on the hardware in question might be useful

/usr/sbin/hwinfo --netcard

Check the NIC negotiation/duplex status too. With the ethernet interface connected, what is reported by ethtool? (You might need to use ‘ifconfig’ to get the interface name first)

For example, I would use

/usr/sbin/ethtool enp3s0
#9

Notes:

  • The mainboard BIOS is reset to factory.
  • Cold boot before testing.
  • Generally speaking I use enp2s0 all the time.
  • I’ve removed the ipv6 disabler code in the kernel parameters since it seemed to have no affect.

Here are those results:

192.168.1.2 # /usr/sbin/hwinfo –netcard

25: PCI 13.0: 0200 Ethernet controller

[Created at pci.328]
Unique ID: ybzU.Buw2ZJWujl6
SysFS ID: /devices/pci0000:00/0000:00:13.0
SysFS BusID: 0000:00:13.0
Hardware Class: network
Model: “nVidia CK804 Ethernet Controller”
Vendor: pci 0x10de “nVidia Corporation”
Device: pci 0x0057 “CK804 Ethernet Controller”
SubVendor: pci 0x1043 “ASUSTeK Computer Inc.”
SubDevice: pci 0x8141 “K8N4-E or A8N-E Mainboard”
Revision: 0xa3
Driver: “forcedeth”
Driver Modules: “forcedeth”
Device File: enp0s19
Memory Range: 0xfebfa000-0xfebfafff (rw,non-prefetchable)
I/O Ports: 0xc480-0xc487 (rw)
IRQ: 23 (25301 events)
HW Address: 00:e0:18:99:88:77
Link detected: no
Module Alias: “pci:v000010DEd00000057sv00001043sd00008141bc06sc80i00”
Driver Info #0:
Driver Status: forcedeth is active
Driver Activation Cmd: “modprobe forcedeth”
Config Status: cfg=no, avail=yes, need=no, active=unknown

39: PCI 200.0: 0200 Ethernet controller
[Created at pci.328]
Unique ID: c3qJ.QaYgOoJzo8E
Parent ID: 3hqH.Q0xgpa4wjL6
SysFS ID: /devices/pci0000:00/0000:00:03.0/0000:02:00.0
SysFS BusID: 0000:02:00.0
Hardware Class: network
Model: “ASUSTeK Marvell 88E8053 Gigabit Ethernet controller PCIe (Asus)”
Vendor: pci 0x11ab “Marvell Technology Group Ltd.”
Device: pci 0x4362 “88E8053 PCI-E Gigabit Ethernet Controller”
SubVendor: pci 0x1043 “ASUSTeK Computer Inc.”
SubDevice: pci 0x8142 “Marvell 88E8053 Gigabit Ethernet controller PCIe (Asus)”
Revision: 0x15
Driver: “sky2”
Driver Modules: “sky2”
Device File: enp2s0
Memory Range: 0xfc7fc000-0xfc7fffff (rw,non-prefetchable)
I/O Ports: 0x9800-0x98ff (rw)
Memory Range: 0xfc7c0000-0xfc7dffff (ro,non-prefetchable,disabled)
IRQ: 45 (28143 events)
HW Address: 00:15:f2:39:6a:34
Link detected: yes
Module Alias: “pci:v000011ABd00004362sv00001043sd00008142bc02sc00i00”
Driver Info #0:
Driver Status: sky2 is active
Driver Activation Cmd: “modprobe sky2”
Config Status: cfg=no, avail=yes, need=no, active=unknown
Attached to: #19 (PCI bridge)

then…

192.168.1.2 # /usr/sbin/ethtool enp2s0

Settings for enp2s0:
Supported ports: TP ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Half 1000baseT/Full
Supported pause frame use: No
Supports auto-negotiation: Yes
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Half 1000baseT/Full
Advertised pause frame use: No
Advertised auto-negotiation: No
Speed: 1000Mb/s
Duplex: Full
Port: Twisted Pair
PHYAD: 0
Transceiver: internal
Auto-negotiation: on
MDI-X: Unknown
Supports Wake-on: pg
Wake-on: d
Current message level: 0x000000ff (255)
drv probe link timer ifdown ifup rx_err tx_err
Link detected: yes

then…

192.168.1.2 # /usr/sbin/ethtool enp0s19

Settings for enp0s19:
Supported ports: MII ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Supported pause frame use: No
Supports auto-negotiation: Yes
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Advertised pause frame use: No
Advertised auto-negotiation: Yes
Speed: Unknown!
Duplex: Unknown! (255)
Port: MII
PHYAD: 1
Transceiver: external
Auto-negotiation: on
Supports Wake-on: g
Wake-on: d
Link detected: no

Thanks!

#10

I’m suspicious of your ‘nVidia CK804 Ethernet Controller’ using the forcedeth driver. This driver and particular chipsets using it are mentioned in a number threads and bug reports, although most are not recent. More testing would be needed to see if you are impacted in any way.

I’ve seen some recommendations that suggest adding a custom cofig file (eg /etc/modprobe.d/forced.conf) with

options forcedeth msi=0 msix=0

No promises though.

Have you tried comparing throughput test using the other ethernet interface? That would at least eliminate the possibility of a faulty NIC or cabling.

#11

Quite right! So I’ve revisited this with new results…
On the subject of ports, I’m quite fuzzy. I do have SAMBA enabled for all my systems. (I’ve thanked the gods repeatedly for SWERDNA’s tutorials)
To that end, in YaST I know I’ve got an exception specified for a port 8080 so I’ve switched my testing to use that known “open port”. It’s one of 2 open ports for TCP that is specified in YaST.
Also, all terminal sessions run as “su”.
(It seems backward to me. Knowing netcat is installed everywhere… that if 192.168.1.2 is my slow machine and I want to test download speed on there, then I run this command on that machine: netcat -l 8080 > /dev/null… but if this machine is “listening” how is it the server? Am I taking the term “server” too literally?)
In any case I did this:

192.168.1.2 # netcat -l 8080 > /dev/null

Next, on the “client”, in this case 192.168.1.8 I ran the following command:

time dd if=/dev/zero bs=1048576 count=100 | netcat 192.168.1.2 8080

Lo and behold I got an immediate response:
100+0 records in
100+0 records out
104857600 bytes (117M B) copied, 0.896488 s, 117MB/s

real 0m0.902s
user 0m0.014s
sys 0m0.507s

So… by the math…104857600 bytes divided by 0.896488s, yeilding 116964867.349 or as the routine provided, effectively 117Mb/s.
So that seems to confirm that I’m not going to be able to get 200Mbps down from the ISP.
Again pointing to some issue on the network internally.
Am I reading that right?

Conversely, I tried this test the other direction…

192.168.1.8 # netcat -l 8080 > /dev/null

Next, on the “client”, in this case 192.168.1.2 I ran the following command:

time dd if=/dev/zero bs=1048576 count=100 | netcat 192.168.1.8 8080

dd: error writing ‘standard output’: Broken pipe
1+0 records in
0+0 records out
65536 bytes (66 kB) copied, 127.293 s, 0.5 kB/s

real 2m7.295s
user 0m0.000s
sys 0m0.005s

Interesting, from one to the other works, albeit slowly.
From this one the other direction the same set of commands fail with a “broken pipe”…
Tried it again in case of a typo, I typed the entire string in manually, but no change…
Still got the broken pipe issue. I repeated the same set of tests 3 times from each side and got similar results each time from each direction.

FROM 192.168.1.8 time dd if=/dev/zero bs=1048576 count=100 | netcat 192.168.1.2 8080 the test works fine, but about half as fast as I need it to be.
FROM 192.138.1.2 time dd if=/dev/zero bs=1048576 count=100 | netcat 192.168.1.8 8080 fails with a “broken pipe” error.
I did ensure that I enabled the listen command on the opposite machine.

Ultimately not QUITE sure how to interpret this fully, especially the “broken pipe” comment.
Is this proving the issue mentioned by deano ferrari perhaps?
Thanks!!

#12

I have done almost all of the testing using this device. SubDevice: pci 0x8142 “Marvell 88E8053 Gigabit Ethernet controller PCIe (Asus)”
Revision: 0x15
Driver: “sky2”
Driver Modules: “sky2”
Device File: enp2s0

I think I might have read something a long time ago about that other ethernet controller being lousy and have avoided it. I tend to keep hardware a long time as I’m often borderline with finances. And as you may know the old ASUS A8N32-SLI Deluxe board I’m using is SEVERAL years old and well behind the curve of current technology I suppose.

I switched the cable to the CK804 controller, rebooted cold, and tried the intranetwork comms test again.
The system locked up and dumped the session.
Restarted cold boot and setup tests again with the CK804 Ethernet controller…
Getting “Broken Pipe” no matter which way I go now.
192.168.1.2 # time dd if=/dev/zero bs=1048576 count=100 | netcat 192.168.1.8 8080 OR
192.168.1.8 # time dd if=/dev/zero bs=1048576 count=100 | netcat 192.168.1.2 8080

So, I’m kind of assuming that the conclusion is that I’m going to HAVE to update the mainboard or buy a more capable NIC to use…
Is that the considered consensus?

Thanks so much to everyone for the help sorting this out.

#13

On 10/13/2015 09:46 PM, SomeSuSEUser wrote:
> Quite right! So I’ve revisited this with new results…
> On the subject of ports, I’m quite fuzzy. I do have SAMBA enabled for
> all my systems. (I’ve thanked the gods repeatedly for SWERDNA’s
> tutorials)

swerdna’s tutorials have been similarly complimented many times over the
years.

> To that end, in YaST I know I’ve got an exception specified for a port
> 8080 so I’ve switched my testing to use that known “open port”.

As long as another service is not using it, that’s fine. You can check,
before running netcat in listen mode, that the current system is NOT
listening with that socket using the ‘ss’ or ‘netcat’ commands; copy/paste
the following line:


ss -planeto | grep :8080 | grep 'LISTEN '

If you see something there, you may have another service already using
that socket, in which case netcat will not load listening on that socket
because it is already in use. You may have known this, but it’s a common
thing to overlook.

It’s one of 2 open ports for TCP that is specified in YaST.
Also, all terminal sessions run as “su”.

Runningas ‘root’ for any of these tests is not needed, and as a result is
not recommended. Still, it should never hurt the test, but if you typo
something the ramifications can be system-wide instead of user-specific.

-(It seems backward to me. Knowing netcat is installed everywhere…
that if 192.168.1.2 is my slow machine and I want to test download speed
on there, then I run this command on that machine: netcat -l 8080 >
/dev/null… but if this machine is “listening” how is it the
server? Am I taking the term “server” too literally?)-

With TCP there is no “server” or “client” other than during the handshake,
because in 99.99999% of situations the client connects to the server
first, but after that three-way handshake (three tiny packets) has
completed, the transfer o data can happen bidirectionally. As a result,
testing a “server” or a “client” only really refers, in this case, to who
makes the connection. We could technically change the netcat commands to
be a little more traditional, but I feel confident it would only confuse
things to those who are not interested in niggling details. With that
said, I appreciate your attention to detail; if these tests work out
properly ,we could try things differently to prove that the issue you have
is more about data flow direction than which box setup the bidirectional
connection.

In any case I did this:

Code:

192.168.1.2 # netcat -l 8080 > /dev/null

Next, on the “client”, in this case 192.168.1.8 I ran the following
command:

Code:

time dd if=/dev/zero bs=1048576 count=100 | netcat 192.168.1.2 8080

Lo and behold I got an immediate response:
100+0 records in
100+0 records out
104857600 bytes (117M B) copied, 0.896488 s, 117MB/s

real 0m0.902s
user 0m0.014s
sys 0m0.507s

Perfect, and as predicted, around one second. Yes, you’re pushing gigabit
speeds (1000 Mbit).

So… by the math…104857600 bytes divided by 0.896488s, yeilding
116964867.349 or as the routine provided, effectively 117Mb/s.
So that seems to confirm that I’m not going to be able to get 200Mbps
down from the ISP.

No, you’re confusing bits and bytes. The numbers you calculated were
effectively 117 MB/s (capital ‘b’) not Mb/s (lower-case ‘b’) and the
upper-case B means Bytes. One byte per second is eight bits per second,
so 120 MB/s is around 1000 Mb/s or 1 Gb/s. Most network things are
calculated in bits/second due to tradition, and that’s what is really
handled on the wire. Back in the modem days, the fastest 56k modems were
only going (give or take) 7K/second, but the modem had to put every bit
individually on the wire. Because this slowness was so widespread and
common among professionals as well as non-professionals, common language
still counts network things in bit/second. Confusing the two is very
common, but it will make your testing have a bad result. In truth, the
speed you just had between systems would never be possible with your ISP,
and unless your ISP really does give you 200 MB/s (vs. 200 Mb/s) the
fastest you could get from them is (200/8) 25MB/s.

Conversely, I tried this test the other direction…

Code:

192.168.1.8 # netcat -l 8080 > /dev/null

Next, on the “client”, in this case 192.168.1.2 I ran the following
command:

Code:

time dd if=/dev/zero bs=1048576 count=100 | netcat 192.168.1.8 8080

dd: error writing ‘standard output’: Broken pipe
1+0 records in
0+0 records out
65536 bytes (66 kB) copied, 127.293 s, 0.5 kB/s

real 2m7.295s
user 0m0.000s
sys 0m0.005s

Something else is wrong. This is the time we saw earlier, and you can see
that ‘dd’ only managed to send 66 KB, which is nowhere near 100 MB, so
your listener was never reached on whatever the server was this time.
Check your firewall to be sure it’s not listening. You can do so easily
using the 'iptables or iptables-save command on the server side:


/usr/sbin/iptables -nvL | grep 8080
/usr/sbin/iptables-save | grep 8080

You can also use netcat to do a port test from the client to the server to
tell you whether or not the connection is open. It should return
instantly with ‘succeeded’ or ‘open’ with respect to the socket tested:

CODE
netcat -zv 192.168.1.8 8080



&gt; Interesting, from one to the other works, albeit slowly.
&gt; From this one the other direction the same set of commands fail with a
&gt; "broken pipe"...
&gt; Tried it again in case of a typo, I typed the entire string in manually,
&gt; but no change....
&gt; Still got the broken pipe issue.  I repeated the same set of tests 3
&gt; times from each side and got similar results each time from each
&gt; direction.

The speed is fine; the chances of an ISP offering 200 MB/s is low, and
your ability to fully utilize that from one computer, where gigabit is as
fast as most non-enterprise things go, is even lower.

&gt; FROM 192.168.1.8 time dd if=/dev/zero bs=1048576 count=100 | netcat
&gt; 192.168.1.2 8080  the test works fine, but about half as fast as I need
&gt; it to be.
&gt; FROM 192.138.1.2 time dd if=/dev/zero bs=1048576 count=100 | netcat
&gt; 192.168.1.8 8080  fails with a "broken pipe" error.
&gt; I did ensure that I enabled the listen command on the opposite machine.

Yes, just your firewall may be in the way still. Fix with yast: Security
and Users: Firewall: Allowed Interfaces: Advanced: TCP: 8080:
Okay/Next/Finish/etc.

&gt; Ultimately not QUITE sure how to interpret this fully, especially the
&gt; "broken pipe" comment.
&gt; Is this proving the issue mentioned by  deano ferrari  perhaps?
&gt; Thanks!!

No, we're not there yet, as you probably now realize having made it this
far, but we'll get there.

--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...
#14

I may sound smart, but it’s just a disguise…<wink> I just follow directions fairly well. I’m an old Navy Sonar tech and a “street geek” for years. So was long ago technically trained and I put together all my own PC’s, etc. but I’m not a software engineer or anything of the sort.
All things “commonly overlooked” are fair game without a doubt.
Also will avoid using su privileges in terminal unless required, understand the root risks.
On to testing:
I opened YaST => Security and Users => Firewall => Allowed Services => Advanced and defined port 12000 for testing purposes so I’d have something dedicated to this cause.
Saved all and closed YaST
Executed this code as su and got the result of a blank prompt, so I’m presuming that my newly opened port isn’t being utilized by another routine.

192.168.1.2 # ss -planeto | grep :12000 | grep 'LISTEN
 > ss -planeto | grep :12000 | grep 'LISTEN'
 >

So I did a ^C to stop that process as it did not return to a system prompt within a few seconds.
Not being sure that the response was right or wrong, I went to workstation #2 AND found out that I did NOT have port 8080 defined on that machine.
…sigh… So previous test failures maybe are not surprising for that reason. But now I DO have both 12000 and 8080 defined in YaST on BOTH machines.
*On some rainy day I’ll have to go back in my logs to find out why I defined 8080 in this workstation but not the other.

*Here are the tests and results:

192.168.1.8 # ss -planeto | grep :12000 | grep 'LISTEN'
192.168.1.8 #

and

192.168.1.2 # ss -planeto | grep :12000 | grep 'LISTEN'
192.168.1.2 #

So I’m getting the same results on each workstation with the system prompt returning immediately. I’m guessing that is the expected response if the ports are not engaged.
Thanks for the “server / client” explanation, helps me wrap my mind around what I’m doing a bit better.
And thanks for the math lesson as well… I knew there was a difference between bits and bytes, but I don’t ever remember which is which.
So checking now for firewall listening…

192.168.1.2 # /usr/sbin/iptables-save | grep 12000
    0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 5 tcp dpt:12000 flags:0x17/0x02 LOG flags 6 level 4 prefix "SFW2-INext-ACC-TCP "
     0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:12000

192.168.1.2 # /usr/sbin/iptables-save | grep 12000
 -A input_ext -p tcp -m limit --limit 3/min -m tcp --dport 12000 --tcp-flags FIN,SYN,RST,ACK SYN -j LOG --log-prefix "SFW2-INext-ACC-TCP " --log-tcp-options --log-ip-options
-A input_ext -p tcp -m tcp --dport 12000 -j ACCEPT

not sure how to interpret that, but on to the other workstation…

192.168.1.8 # /usr/sbin/iptables-save | grep 12000
    0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 5 tcp dpt:12000 flags:0x17/0x02 LOG flags 6 level 4 prefix "SFW2-INext-ACC-TCP "
     0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:12000

192.168.1.8 # /usr/sbin/iptables-save | grep 12000
 -A input_ext -p tcp -m limit --limit 3/min -m tcp --dport 12000 --tcp-flags FIN,SYN,RST,ACK SYN -j LOG --log-prefix "SFW2-INext-ACC-TCP " --log-tcp-options --log-ip-options
 -A input_ext -p tcp -m tcp --dport 12000 -j ACCEPT

So that appears the same at each end.
then…

192.168.1.2# netcat -l 12000 > /dev/null

followed by:

192.168.1.8 # time dd if=/dev/zero bs=1048576 count=100 | netcat 192.168.1.2 12000
100+0 records in
100+0 records out104857600 bytes (105MB) copied, 0.893992 s, 117 MB/s
real 0m0.901s
user 0m0.019s
sys 0m0.476s

trying again the math now… 117MB/s is BYTES (of 1000[SUB]2[/SUB] bits / byte), so 936Mb/s I think.
Not too bad…now from the other direction…

192.138.1.2 # time dd if=/dev/zero bs=1048576 count=100 | netcat 192.168.1.8 12000
100+0 records in
 100+0 records out
 104857600 bytes (105 MB) copied, 0.868201 s, 121 MB/s
real    0m0.907s
user    0m0.023s
sys     0m0.706s

…and the math… 121MB/s is BYTES (of 1000[SUB]2[/SUB] bits / byte), so 968Mb/s I think.
Again not bad right?.. as close to 1G as is reasonable to expect as it sounds.
So now I know that the systems are talking to each other at about the expected rate of data transmission. I think.

I did re-run the tests on the ISP’s server using speedtest.net which is what the ISP tech advised they use for testing their connections.

192.168.1.2  still only seeing  72.06Mbps down and 10.66Mbps up.

192.168.1.8  still shows me   203.63Mbps down and 16.40Mbps up.

ISP advertised fibreoptic connection speeds: 200Mbps down/ 25Mbps up.
So it seems my network is talking normally box to box.[FONT=Droid Sans][size=2]
Yet 192.168.1.2 doesn’t download from the ISP anywhere near fast enough.

Thanks for your review and thoughts about where to look next for the discrepancy.

[/size][/FONT]

#15

On 10/14/2015 02:16 PM, SomeSuSEUser wrote:
>
> ab;2732195 Wrote:
>> On 10/13/2015 09:46 PM, SomeSuSEUser wrote:ss -planeto | grep
>> :8080 | grep 'LISTEN 'If you see something there, you may
>> have another service already using that socket, in which case netcat
>> will not load listening on that socket because it is already in use. You
>> may have known this, but it’s a common thing to overlook.
> I may sound smart, but it’s just a disguise…<wink> I just
> follow directions fairly well. I’m an old Navy Sonar tech and a
> “street geek” for years. So was long ago technically trained and I
> put together all my own PC’s, etc. but I’m not a software engineer or
> anything of the sort.

Whatever you have, it works. Sometimes the thinking process is the
hardest to teach, and sometimes getting people to follow directions is the
hardest. Well done getting past those two hurdles already.

> On to testing:
> I opened YaST => Security and Users => Firewall => Allowed
> Services => Advanced and defined port 12000 for testing purposes so I’d
> have something dedicated to this cause.
> Saved all and closed YaST
> Executed this code as su and got the result of a blank prompt, so I’m
> presuming that my newly opened port isn’t being utilized by another
> routine.
>
> Code:
> --------------------
> 192.168.1.2 # ss -planeto | grep :12000 | grep 'LISTEN
> > ss -planeto | grep :12000 | grep ‘LISTEN’
> >
> --------------------
>
> So I did a ^C to stop that process as it did not return to a
> system prompt within a few seconds.
> Not being sure that the response was right or wrong, I
> went to workstation #2 AND found out that I did NOT have port 8080
> defined on that machine.

Yes, likely caused your prior issue. Oh well, as the new tests all look good.

> …sigh… So previous test failures maybe are not surprising for that
> reason. But now I DO have both 12000 and 8080 defined in YaST on BOTH
> machines.
> -On some rainy day I’ll have to go back in my logs to
> find out why I defined 8080 in this workstation but not the
> other.
>
> -Here are the tests and results:
>
> Code:
> --------------------
> 192.168.1.8 # ss -planeto | grep :12000 | grep ‘LISTEN’
> 192.168.1.8 #
> --------------------
>
> and
>
> Code:
> --------------------
> 192.168.1.2 # ss -planeto | grep :12000 | grep ‘LISTEN’
> 192.168.1.2 #
> --------------------
>
> So I’m getting the same results on each workstation with the
> system prompt returning immediately. I’m guessing that
> is the expected response if the ports are not engaged.

Yes, precisely.

> So checking now for firewall listening…
>
> Code:
> --------------------
> 192.168.1.2 # /usr/sbin/iptables-save | grep 12000
> 0 0 LOG tcp – * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp dpt:12000 flags:0x17/0x02 LOG flags 6 level 4 prefix "SFW2-INext-ACC-TCP "
> 0 0 ACCEPT tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:12000
> --------------------
>
>
> Code:
> --------------------
> 192.168.1.2 # /usr/sbin/iptables-save | grep 12000
> -A input_ext -p tcp -m limit --limit 3/min -m tcp --dport 12000 --tcp-flags FIN,SYN,RST,ACK SYN -j LOG --log-prefix "SFW2-INext-ACC-TCP " --log-tcp-options --log-ip-options
> -A input_ext -p tcp -m tcp --dport 12000 -j ACCEPT
> --------------------
>
> not sure how to interpret that, but on to the other

Basically both commands show the same thing, that the system will ACCEPT
data on TCP 12000 from any address, and that if something is listening for
data, it will be given the data, rather than having it blocked by the system.

> workstation…
>
> Code:
> --------------------
> 192.168.1.8 # /usr/sbin/iptables-save | grep 12000
> 0 0 LOG tcp – * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 tcp dpt:12000 flags:0x17/0x02 LOG flags 6 level 4 prefix "SFW2-INext-ACC-TCP "
> 0 0 ACCEPT tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:12000
> --------------------
>
>
> Code:
> --------------------
> 192.168.1.8 # /usr/sbin/iptables-save | grep 12000
> -A input_ext -p tcp -m limit --limit 3/min -m tcp --dport 12000 --tcp-flags FIN,SYN,RST,ACK SYN -j LOG --log-prefix "SFW2-INext-ACC-TCP " --log-tcp-options --log-ip-options
> -A input_ext -p tcp -m tcp --dport 12000 -j ACCEPT
> --------------------
>
> So that appears the same at each end.

Yes, so both systems’ processes can receive data on TCP 12000.

> then…
>
> Code:
> --------------------
> 192.168.1.2# netcat -l 12000 > /dev/null
> --------------------
>
> followed by:
>
> Code:
> --------------------
> 192.168.1.8 # time dd if=/dev/zero bs=1048576 count=100 | netcat 192.168.1.2 12000
> 100+0 records in
> 100+0 records out104857600 bytes (105MB) copied, 0.893992 s, 117 MB/s
> real 0m0.901s
> user 0m0.019s
> sys 0m0.476s
> --------------------
>
> trying again the math now… 117MB/s is BYTES (of
> 10002 bits / byte), so 936Mb/s I think.
> Not too bad…now from the other

Rather good, really. Getting 100% of potential is basically impossible.
A common assumption is that you can get 70-80% of your potential
throughput, though lately with good hardware I’ve seen 90% regularly. The
70% numbers may be letovers from when we suffered with hubs instead of
switches and their resulting packet collisions. shudder

> direction…
>
> Code:
> --------------------
> 192.138.1.2 # time dd if=/dev/zero bs=1048576 count=100 | netcat 192.168.1.8 12000
> 100+0 records in
> 100+0 records out
> 104857600 bytes (105 MB) copied, 0.868201 s, 121 MB/s
> real 0m0.907s
> user 0m0.023s
> sys 0m0.706s
> --------------------
>
> …and the math… 121MB/s is BYTES (of 10002 bits / byte), so
> 968Mb/s I think.
> Again not bad right?.. as close to 1G as is reasonable to
> expect as it sounds.

Exactly. Your boxes and network are capable of going nearly 5x faster
than your ISP’s advertised max download rate, and for both uploads and
downloads. The problem is very likely NOT your system.

> I did re-run the tests on the ISP’s
> server using speedtest.net which is what the ISP tech advised they use
> for testing their connections.
>
> Code:
> --------------------
> 192.168.1.2 still only seeing 72.06Mbps down and 10.66Mbps up.
> --------------------
>
>
> Code:
> --------------------
> 192.168.1.8 still shows me 203.63Mbps down and 16.40Mbps up.
> --------------------
>
> ISP advertised fibreoptic connection speeds: 200Mbps down/ 25Mbps up.
> So it seems my network is talking normally box to box.
> Yet 192.168.1.2 doesn’t download from the ISP anywhere near fast enough.

The only thing that comes immediately to mind may be some kind of
Quality-of-Service (QoS) feature of your router. It is not uncommon for
those to have the ability (not usually implemented by default, in my
experience) to throttle some boxes over others. For example, in my home
my systems are given priority, and any guests are given less priority
because they get my awesome network for convenience for free, but I need
it to do real work. Again, not default usually, but it may be worth
checking your router’s settings to see if one box is throttled. Swapping
IPs of boxes (2 with 8) would likely also verify it is or is not
QoS-related, since I’ve only ever seen QoS based on IP addresses (vs. MAC
addresses).


Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below…

#16

Well I did enjoy learning these processes in any case.
But consider these two points:

  1. I’ve taken the router and swapped the lines on ports 1 & 3. Putting the slow PC on the fast port, and the fast PC on the slow port… in a manner of speaking.
    Powered down and restarted the router and both workstations. The results? The slow PC is still slow and the fast PC is still fast.
  2. I’ve taken the router completely out of the loop, direct from the fibreoptic box => wall jack => PC …and she remains a drag.

I just can’t fathom what to make of it…we’ve ruled out the NIC’s being an issue since I’m able to run comms tests close to the limits… I’m just walking in circles…
The good news is while I haven’t yet got an answer yet, I think I lost a couple of pounds of weight running back and forth doing testing of my workshop PC vs. the office PC which are at opposite ends of the house! …So i’ve got THAT going for me anyway… :wink:
Still mulling things around in my bean… perhaps now a full-on factory reset of the router… perhaps I’ll just tell the wife that the community suggests I upgrade to newer hardware… :nerd:
Anyone with an idea do feel free to ring in!

#17

Your NIC config readout says you have auto-negotiation on, which is a notorious possible problem.

Disable auto-negotiation and force the speed you want (for whatever networking you have). If you’re not running gigabit or “slow” ethernet, set to "fast ethernet) (100mbits/sec). But, that speed will be slow since you say you should be getting at least 200mbits/sec.

And, of course be clear whether you’re really expecting or reading MBytes/sec or Mbits/sec… That’s a diff of 8x.

TSU

#18

OK I did some digging and found that if I run this command:

ethtool -s enp2s0 duplex full speed 1000 autoneg off

It does indeed turn the auto-negotiation off.
But then I’m not sure if I should need to restart the session, reboot the machine, or just let it percolate for a few minutes before trying the test again.
I did restart after resetting with the above command. But after a reboot, the autoneg had been re-enabled.
I poked around in /etc and didn’t find a config file that seemed likely and had the term autoneg in it, but there are a lot of files in the tree of course.

How do I set it permanently off?

I do understand there is a significant difference between 200MB and 200Mb however I’m not certain how the ISP declares their speed.
But isn’t it somewhat irrelevant in terms of comparison one machine to the next? Whether bits or bytes, I think the machines should all demonstrate similar download speed numbers, generally speaking, yet they are far apart.
And in any case the upload speed number should not be x2 the download speed number, whether bits or bytes.
Or has my train of thought run off the rails?

Thanks for the push forward!

#19

Typically, if you edit or create that setting in the network interface file instead of by command line, it’s permanent.

When you monitor your throughput, you just need to apply some common sense as well as wariness when you read Bytes or bits, If you’re using something like netcat consistently for all your tests then you have total control over, and understand what is happening. But, if you’re using or combining testing with tools provided by others (which in itself is a suspicious practice for many reasons), you need to be aware that the tools themselves may not be reporting correctly… Yes, I’ve seen ISP and other tools confuse Bytes and bits.

TSU

#20

Yes indeed.
I spend a good bit of time making some guesses in the /etc folder but didn’t find a config file that seemed to be appropriate.
Even poking around in YaST, I didn’t find a setting to change to make that permanent.

Would you know the path to the config file or what file name I should be looking for?