|Sprache - Language: Deutsch English||Page last changed January/6/2006 by firstname.lastname@example.org¹|
GmuSoft - Gerhard Mueller Software Development
This article relates to
SUSE Linux 9.0 and SUSE Linux 10.0 (by Novell)
accessing the internet through a router
DrayTek Vigor 2500We with firmware V 2.3.12 (German) of 14.11.2003
via German DSL (T-DSL).
It may also relate to other versions of Linux and other routers incorporating a Linux derivate, and possibly also to Linux-PCs connected to the internet in other ways.
I have a small local network that is connected to the internet via German DSL (T-DSL)
by means of a router that incorporates an ADSL modem.
The router is of type DrayTek Vigor 2500We with firmware V 2.3.12 (German) of 14.11.2003.
Internet access in this setup is very fast from Windows 98 and Windows XP (after having set appropriate MTU, Rwin and TTL values) - internet pages show up almost immediately.
But when accessing an internet page from SuSE Linux 9.0 (on the same PC),
internet access is so slow that I could almost go out for a walk before the
page shows up, even after setting proper values for
MTU, MRU and MSS.
The same applies to SuSE Linux 10.0 in the same environment.
It seems to be a problem of name resolution
(translation of names such as www.xxx.de into IP-addresses)
and it is definitely a communication problem between Linux and the router.
Very likely the Network Address Translation (NAT) or masquerading in the router
does not work as it should.
For an analysis of the problem refer to Slow Internet Access - Suse Linux 9.0 and router DrayTek Vigor 2500We - Analysis
The problem has been reported to both DrayTek and SuSE in February 2004, and it is probably solved in new versions of the firmware from DrayTek (not yet tested by me).
You should check the values set for MTU, MRU, and MSS. Improper values, especially too high a value for MTU in a DSL-environment (maximum 1492 for german T-DSL), may also lead to slow data transfer from/to the internet, or may even make certain servers unreachable.
A number of solutions could be thought of. However, so far I tried only the one using an own domain name server.
The router firmware that the problem applies to is dated 11/14/2003,
and the problem is known at least since February 2004.
New firmware has been released since then, e.g. v.2.54 german of 12/15/2004 or v.2.55 english of 6/8/2005.
It is very likely that the problem has been solved in newer releases of the firmware. However, I have not yet checked that.
A possible solution might also be to use two IP-addresses for the Ethernet connection:
One static address used for communication within the LAN,
and a dynamically assigned one for communication with the internet.
This seems to be the way that Windows works.
I do not know how this is accomplished. You will probably have to use IP aliasing with the definition of something like
eth0:0 with the static local address, and
eth0:1 with a dynamically assigned internet address.
Refer to www.faqs.org/docs/Linux-mini/IP-Alias.html or possibly also to www.tldp.org/HOWTO/Networking-Overview-HOWTO.html.
I did not try and check this possibility.
A possible solution - although fairly unlikely - might be to play around with the firewall settings.
You would probably have to make the firewall settings less stringent, sacrificing security.
This however, if it works at all, might only be a temporary work-around.
I did not try and check this possibility.
Since the problem seems to be mainly a problem of name resolution,
a possible solution is to install a local domain name server (DNS) under Linux,
and to use it as the first name server to be asked for name resolution.
What it does is to store the translations between names and IP-adresses for quite some time once translations have been found. This still lets the first resolution of an unknown name be slow, but all further resolutions are very fast.
How you install and configure the local name server, see below.
I tried and checked this possibility, and it works very well, although not perfect. After setting up the DNS, data exchange with the internet runs very fast.
Install your own DNS server under Linux and use it locally.
You do this in Yast.
If you have the standard installation you need to install bind first. Yast will guide you through this.
Provided your connection to the router is through eth0,
your specification for eth0 must include 127.0.0.1 (localhost = Io) as the first name server.
This alone is sufficient. If you specify others as secondary DNS, this does not harm.
You need the following settings for the network interface and the DNS,
assuming the router has the IP-address 192.168.1.1
(written down for Linux 10.0, Linux 9.x is similar):
Network card or network controller respectively:
Device type: ... Device name: eth0 (Linux 9.x) or eth-bus-pci-0000:... (Linux 10.0, the naming convention has changed) respectively Hostname: xxxxx IP-Address: 192.168.1.x (a free IP-Address in the LAN with x between 2 and 254) Subnet mask: 255.255.255.0 Nameserver 1: 127.0.0.1 - localhost = the nameserver on the local Linux - must be defined as first nameserver Nameserver 2: 192.168.1.1 - the router to the internet Nameserver 3: .... - for safety a second nameserver, not necessary if the name server in the router works correctly Routing: Standardgateway: 192.168.1.1 - the router to the internet Special settings: MTU: 1492 - the maximum value for an internet connection via German DSL (Maximum Transfer Unit) Aktivation: System start Firewall zone: External zoneDomain Name Server
Forwarders: PPP-Daemon ... List: 192.168.1.1 - the nameserver in the router .... - for safety a second nameserver, should not be necessary if the name server in the router works correctly Protocol: System DNS-Zones: - Start service: At system start Open firewall port: No
Created by: Gerhard Mueller, Germany, Herrenberg, email@example.com¹
Responsibility for this page and comments to: http://www.gmusoft.de/gmuwebe.htm
Creation/change date: 16.02.2004/06.01.2006