March 27, 20179 yr Hello, everyone! Never before posted on the LimeTech forums but I have been silently using unRAID for the past few months. I have recently noticed that when I'm on a different subnet I get different transfer speeds. When I'm on the same subnet as the server, I get 108MB/s write (cache) and 100MB/s read (array). The unRAID server runs on a (public) dedicated IP address, behind a firewall, with 2 NICs. My computer also, usually, runs on a dedicated IP address in the same subnet. Both subnets are controlled by the same router. When I transfer to and from the unRAID server on the same subnet, I get 108MB/s write to the cache and 100MB/s read from the array. However, when I am on a different subnet (but still local), I get 17MB/s read and 17MB/s write. I initially suspected that data was being routed through the internet and back to my server, but my internet connection is only capable of 2-3MB/s up and 8MB/s down, so that theory isn't correct. What could be causing this odd behaviour? Am I simply overlooking something? If any further information is required, let me know. -- Brodie
March 28, 20179 yr Not entirely sure how to help here as more details from your network environment will be needed -- though the first thing I would be looking at is how exactly your router is switching traffic. That could be the limiting factor (equipment can't handle it), it could be a mis-configuration (you may be missing a static route or two between these subnets). What router do you have? Is it L3 capable (it's a router, so hopefully it is)? Extra points: Is the gateway address on both clients the same? And just for curiosity, even with multiple public ip's, why different subnet? Over 255 devices?
March 28, 20179 yr Author 4 hours ago, avluis said: Not entirely sure how to help here as more details from your network environment will be needed -- though the first thing I would be looking at is how exactly your router is switching traffic. That could be the limiting factor (equipment can't handle it), it could be a mis-configuration (you may be missing a static route or two between these subnets). What router do you have? Is it L3 capable (it's a router, so hopefully it is)? Extra points: Is the gateway address on both clients the same? And just for curiosity, even with multiple public ip's, why different subnet? Over 255 devices? Hi, and thanks for your reply! The router is a DrayTek Vigor 2860n with two LANs setup and inter-lan routing enabled is between the two. I have attempted to create static routes between the two subnets, but the router simply deletes them - I suspected it was because the inter-lan routing feature is available. I have successfully used the static routes in the past, so I know that they aren't broken. I'm not sure exactly whether the router is L3 capable, although I reckon it is. It hasn't been stated in documentation that I've read though. The public IP addresses are provided by my ISP and that is why they are on a different subnet. We have a block of IP addresses. EDIT: forgot to mention, each subnet does have a different gateway. Thanks! -- Brodie Edited March 28, 20179 yr by brodie124 Missed info & typo
March 28, 20179 yr I don't think I've worked with a Vigor in my bit of networking, but the Ubiquiti name kept popping up every time I searched for any documentation for this router. That's a bit confusing as taking a look at the interface of the router (in the manual) showed something entirely different than what Ubiquity uses, then again, it could simply be an UI layer on top of the Ubiquity software -- that's besides the point though. If it is running Ubiquity software in there, then it should support just about anything, as that is a combination of different linux utilities based on vyatta. Anyways, what's giving you the biggest problem atm is having different gateways between these subnets -- a common gateway will resolve communication between networks and simply route. Sans a common gateway and you would need additional hardware (or software defined hardware) to take care of routing at a higher level which would then have their own switching equipment for each device that needs to be in their own subnet -- in this case, they could have their own gateway, but that address must know (a static path at the higher level device) how to communicate with other gateways in order to communicate with other devices (on their own gateway). Looking at your router, I would do one of the following: - If you NEED each device to have their own IP address: Set a common gateway between each device at the router level -- the subnet can be as wild as you want it (as long as it follows local subnet standards -- don't go too crazy). - If you NEED an always online connection: Make use of the auto-failover on that router (this is something I seen done more often when assigned multiple drops by an ISP, though normally with a different ISP or a different switch from the same ISP). From there, same thing as above, common gateway, etc. A few other pointers: unRAID should not be public facing (make sure those firewall rules are good) and it is best reserved behind a NAT, but I won't tell you can't do this, only that you shouldn't (at least until it gets more crypto support on that webUI -- I'm hearing rumors about nginx running behind the scenes in the future). A common gateway is the key to getting devices on different subnets to communicate with one another -- this gateway is usually in place at the highest branch (the router/firewall) in your network topology -- any switching devices with their own subnet still have that gateway in common. If you network exceeds common allocation then I officially denote you as an ISP; note that a Class C IPV4 network (mask 255.255.255.0) can handle 254 nodes (devices) -- 0 and 255 are reserved -- a Class B IPV4 network: 192.168.x.x (mask 255.255.0.0) can handle 16381 nodes (devices) with 0 and 16383 reserved. As a general networking rule; If you aren't offering services (hosting, etc), then it doesn't need a public IP (no matter how many blocks you get assigned by your ISP). While the idea of having your own public IP for each device is lovely, it will often require additional equipment and it is usually not meant to be handled by a single device in a node. I won't say you can't do the above, but do know that it does complicate things needlessly (definitely not a plug and play scenario). Note that everything I said above is not meant in any way as an insult -- I just like going into detail and simply love sharing what I know. If you have any other questions for me, feel free to ask~
March 28, 20179 yr Author 25 minutes ago, avluis said: I don't think I've worked with a Vigor in my bit of networking, but the Ubiquiti name kept popping up every time I searched for any documentation for this router. That's a bit confusing as taking a look at the interface of the router (in the manual) showed something entirely different than what Ubiquity uses, then again, it could simply be an UI layer on top of the Ubiquity software -- that's besides the point though. If it is running Ubiquity software in there, then it should support just about anything, as that is a combination of different linux utilities based on vyatta. Anyways, what's giving you the biggest problem atm is having different gateways between these subnets -- a common gateway will resolve communication between networks and simply route. Sans a common gateway and you would need additional hardware (or software defined hardware) to take care of routing at a higher level which would then have their own switching equipment for each device that needs to be in their own subnet -- in this case, they could have their own gateway, but that address must know (a static path at the higher level device) how to communicate with other gateways in order to communicate with other devices (on their own gateway). Looking at your router, I would do one of the following: - If you NEED each device to have their own IP address: Set a common gateway between each device at the router level -- the subnet can be as wild as you want it (as long as it follows local subnet standards -- don't go too crazy). - If you NEED an always online connection: Make use of the auto-failover on that router (this is something I seen done more often when assigned multiple drops by an ISP, though normally with a different ISP or a different switch from the same ISP). From there, same thing as above, common gateway, etc. A few other pointers: unRAID should not be public facing (make sure those firewall rules are good) and it is best reserved behind a NAT, but I won't tell you can't do this, only that you shouldn't (at least until it gets more crypto support on that webUI -- I'm hearing rumors about nginx running behind the scenes in the future). A common gateway is the key to getting devices on different subnets to communicate with one another -- this gateway is usually in place at the highest branch (the router/firewall) in your network topology -- any switching devices with their own subnet still have that gateway in common. If you network exceeds common allocation then I officially denote you as an ISP; note that a Class C IPV4 network (mask 255.255.255.0) can handle 254 nodes (devices) -- 0 and 255 are reserved -- a Class B IPV4 network: 192.168.x.x (mask 255.255.0.0) can handle 16381 nodes (devices) with 0 and 16383 reserved. As a general networking rule; If you aren't offering services (hosting, etc), then it doesn't need a public IP (no matter how many blocks you get assigned by your ISP). While the idea of having your own public IP for each device is lovely, it will often require additional equipment and it is usually not meant to be handled by a single device in a node. I won't say you can't do the above, but do know that it does complicate things needlessly (definitely not a plug and play scenario). Note that everything I said above is not meant in any way as an insult -- I just like going into detail and simply love sharing what I know. If you have any other questions for me, feel free to ask~ 9 Hi, thank you for the great amount of detail. None of it was taken as an insult, and I love the depth you went into. The firewall rules prevent any connections from being made to the server unless they were established by itself or are an exception - e.g. file sharing, TeamSpeak, plex, etc. I am 100% open to suggestions and improvements, so any pointers on how to not have the unRAID server public-facing but also have my services accessible elsewhere would be greatly appreciated! Each device in my home doesn't run a public IP, however. Only the unRAID server, alongside a couple of VM's (configured properly and securely), as well as my personal computer if I decide to host a game server for my friends - much more convenient to switch to an IP with a firewall rule configured for typical game server ports that I use than to look up my IP every time. I will look into creating a common gateway. Thanks a lot for your help! -- Brodie
Archived
This topic is now archived and is closed to further replies.