Solved

Port 80 performance slow compared to port 8080

Posted on 2004-08-23
7
1,276 Views
Last Modified: 2008-03-17
We have a web server sitting in a DMZ. Performance when connecting to the site from the outside world is fine, but it's remarkably sluggish when connecting from the inside. There are no firewall blocks set up and syslog shows no complaints. Also, our content filter is not touching this site. A sniff shows multiple lost segments and retransmits.

However, our dev site on the same server, going over port 8080, is lightning fast (from inside or out). The production site is fast on the web server itself, but is slow from another machine in the same DMZ. Strangely (to me, anyway) if I change the IIS settings for the production site to 8080 (from 80) it, too, is suddenly very fast from the inside.

There are no access rules affecting the box internally, and the internal DNS is set up properly.

Is there something with PIX that affects port 80 traffic that is not obvious at first glance? Or a bug in the IOS?
0
Comment
Question by:chabuhi
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
7 Comments
 
LVL 10

Expert Comment

by:avidya
ID: 11872762
Hi,

You didn't specify the versions you are using, but maybe this link will help you
http://www.cisco.com/pcgi-bin/search/search.pl
Search for: pix 80 8080 slow
0
 
LVL 1

Author Comment

by:chabuhi
ID: 11873072
I'm sorry -- left that out in my haste to go fatten myself up some more ...

Server is Win 2003

IIS 6.0

Cisco FWSM 1.2.3
0
 
LVL 10

Expert Comment

by:avidya
ID: 11873612

Maybe you can use the troubleshooting options:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/mod_icn/fwsm/fwsm_2_2/fwsm_cfg/monitor.htm
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/mod_icn/fwsm/fwsm_2_2/fwsm_ref/df.pdf

From wath I read it looks like a problem with the settings in combination with the dmz.
Maybe you are better of reallocating your question in the Networking or security area?
0
 
LVL 1

Accepted Solution

by:
chabuhi earned 0 total points
ID: 11953721
Turns out there were a number of contributing factors -- filter ties to the old webserver, firmware out of date on the server NIC, etc. No points awarded as solution was discovered internally.
0

Featured Post

Ready to get started with anonymous questions?

It's easy! Check out this step-by-step guide for asking an anonymous question on Experts Exchange.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question