HPE Community
Operating System - HP-UX
1833582 Members
3741 Online
110061 Solutions
New Discussion

Re: HP/UX TCP parameters for firewall

 
Verhaeghe Rene_1
Occasional Advisor

‎06-23-2005 08:17 PM

‎06-23-2005 08:17 PM

HP/UX TCP parameters for firewall

We have three HP/UX system in a DMZ behind a firewall.

When we transfer a file between those systems, the file (400 mb) is transferred in less than 40", which is normal.

When I transfer the same file from any system outside the DMZ, the transfer time grow to 10-20 minutes. We don't have the same problem with the other systms in the DMZ, but they are not HP systems (Linux/AIX).

Is there some parameters that we can or have to tune to have a better performance on the HP system itself ?
0 Kudos
Reply
2 REPLIES 2
Ralph Grothe
Honored Contributor

‎06-23-2005 08:52 PM

‎06-23-2005 08:52 PM

Re: HP/UX TCP parameters for firewall

May I ask how you are transferring files from hosts within your shielded LAN to bastion hosts in your DMZ?
I would assume SSH?
Did you use the same transport when transferring files between hosts within the DMZ?
Is there any proxying or packet mangling involved?
Usually SSH should be no problem, however FTP can be a bit tricky.
I'd think it also depends on what kind of firewalls you are using.
Madness, thy name is system administration
0 Kudos
Reply
rick jones
Honored Contributor

‎06-27-2005 05:08 AM

‎06-27-2005 05:08 AM

Re: HP/UX TCP parameters for firewall

Check the netstat -p tcp stats. Then look at the lanadmin stats for your HP-UX NICs. Are there FCS errors or late collisions (*late* collisions, not the other kinds).

Can you run netperf through your firewalls and see what the perf is there? www.netperf.org

Do your firewalls have statistics - say for dropped packets?
there is no rest for the wicked yet the virtuous have no pillows
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.