[FX.php List] Using a web app over a VPN

Leo R. Lundgren leo at finalresort.org
Wed Mar 24 13:22:23 MDT 2010

Usually it has to do with lack of experience or knowledge, sad but  
true. But most of the sysadmins that are like this try to do a good  
job, usually just don't have the resources to keep themselves updated.

Anyway, a long shot, since you are saying that you DO have  
connectivity, just very slow, is that there is something DNS-related,  
as ggt mentioned as well. An unrelated example is when you try to  
login via SSH to a server that doesn't have working DNS and "UseDNS"  
isn't set to no in sshd_config, one might see a one-two minute delay  
after entering the password, before getting a prompt. This is because  
the server tries to lookup the client's hostname, but can't, and times  
out on that. When it it's done timing out on the DNS queries, it lets  
you in anyway.

As I said, a long shot, but weird slowdowns is often related to bad  
DNS configuration. If this could be the problem in your case I do not  
know, because I don't know what parts are involved in your solution  
and how/if they use DNS in their work. But for example, the server you  
connected to could unsuccessfully try to lookup the hostname of the  
connecting client and fail, and then cause a delay. The question in  
that case is; Are the delays you are experiencing of the same length,  
pretty consistently? If they are not, then it might be something else.  
But if you see a pattern, like this or in any other way, that's a good  

What type of VPN is it, how is it set up/configured? Sometimes when  
using VPNs there can be connectivity or performance problems due to  
the "inner" TCP/IP packets being too large to fit in the packets of  
the tunnel. This could happen for example with SSL VPNs, but can of  
course happen with other VPNs as well. Also, the possibility of a MTU  
mismatch or between the endpoints could be a similar problem I think.  
Just guessing here.

How come you cannot analyze the network traffic? If any of the two  
machines (web server and database server) are OS X, UNIX or Linux or  
similar, you should be able to use tcpdump. For Windows there's  
Wireshark, and the latter also exists for other platforms if tcpdump  
feels uncomfortable.

Anyway I guess the network guys have the ball currently :)

24 mar 2010 kl. 19.29 skrev Bob Patin:

> Well, it works, but really really slowly. Port 80 is on the list of  
> ports that I told them need to be open, so I'm waiting to see what  
> they find out once they finish their testing today.
> I would've *thought* that if I used the public IP of the website in  
> the web app, it would work, but it doesn't; I think that's because  
> the ports aren't open to the outside world.
> I strongly suspect that they've got something screwy going on, and  
> will eventually find it; it took them about a half-hour just to open  
> the right ports for me to use FMNET to get to the database on the DB  
> server... not a small company, but one wonders when it takes that  
> long just to open a few ports.
> BP
> Longterm Solutions
> bob at longtermsolutions.com
> 615-333-6858
> http://www.longtermsolutions.com
> iChat: bobpatin
> FileMaker 9 & 10 Certified Developer
> Member of FileMaker Business Alliance and FileMaker TechNet
> --
> Expert FileMaker Consulting
> FileMaker Hosting for all versions of FileMaker
> PHP • Full email services • Free DNS hosting • Colocation • Consulting
> On Mar 24, 2010, at 1:21 PM, Gjermund Gusland Thorsen wrote:
>> However there might be DNS issues.
>> remember if you are not using IPs you will have to replace the global
>> DNS settings with local ones.
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.iviking.org/pipermail/fx.php_list/attachments/20100324/832d4338/attachment-0001.html

More information about the FX.php_List mailing list