Solved

Port 80 performance slow compared to port 8080

Posted on 2004-08-23
7
1,241 Views
Last Modified: 2008-03-17
We have a web server sitting in a DMZ. Performance when connecting to the site from the outside world is fine, but it's remarkably sluggish when connecting from the inside. There are no firewall blocks set up and syslog shows no complaints. Also, our content filter is not touching this site. A sniff shows multiple lost segments and retransmits.

However, our dev site on the same server, going over port 8080, is lightning fast (from inside or out). The production site is fast on the web server itself, but is slow from another machine in the same DMZ. Strangely (to me, anyway) if I change the IIS settings for the production site to 8080 (from 80) it, too, is suddenly very fast from the inside.

There are no access rules affecting the box internally, and the internal DNS is set up properly.

Is there something with PIX that affects port 80 traffic that is not obvious at first glance? Or a bug in the IOS?
0
Comment
Question by:chabuhi
  • 2
  • 2
7 Comments
 
LVL 10

Expert Comment

by:avidya
ID: 11872762
Hi,

You didn't specify the versions you are using, but maybe this link will help you
http://www.cisco.com/pcgi-bin/search/search.pl
Search for: pix 80 8080 slow
0
 
LVL 1

Author Comment

by:chabuhi
ID: 11873072
I'm sorry -- left that out in my haste to go fatten myself up some more ...

Server is Win 2003

IIS 6.0

Cisco FWSM 1.2.3
0
 
LVL 10

Expert Comment

by:avidya
ID: 11873612

Maybe you can use the troubleshooting options:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/mod_icn/fwsm/fwsm_2_2/fwsm_cfg/monitor.htm
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/mod_icn/fwsm/fwsm_2_2/fwsm_ref/df.pdf

From wath I read it looks like a problem with the settings in combination with the dmz.
Maybe you are better of reallocating your question in the Networking or security area?
0
 
LVL 1

Accepted Solution

by:
chabuhi earned 0 total points
ID: 11953721
Turns out there were a number of contributing factors -- filter ties to the old webserver, firmware out of date on the server NIC, etc. No points awarded as solution was discovered internally.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question