Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Port 80 performance slow compared to port 8080

Posted on 2004-08-23
7
Medium Priority
?
1,332 Views
Last Modified: 2008-03-17
We have a web server sitting in a DMZ. Performance when connecting to the site from the outside world is fine, but it's remarkably sluggish when connecting from the inside. There are no firewall blocks set up and syslog shows no complaints. Also, our content filter is not touching this site. A sniff shows multiple lost segments and retransmits.

However, our dev site on the same server, going over port 8080, is lightning fast (from inside or out). The production site is fast on the web server itself, but is slow from another machine in the same DMZ. Strangely (to me, anyway) if I change the IIS settings for the production site to 8080 (from 80) it, too, is suddenly very fast from the inside.

There are no access rules affecting the box internally, and the internal DNS is set up properly.

Is there something with PIX that affects port 80 traffic that is not obvious at first glance? Or a bug in the IOS?
0
Comment
Question by:chabuhi
  • 2
  • 2
4 Comments
 
LVL 10

Expert Comment

by:avidya
ID: 11872762
Hi,

You didn't specify the versions you are using, but maybe this link will help you
http://www.cisco.com/pcgi-bin/search/search.pl
Search for: pix 80 8080 slow
0
 
LVL 1

Author Comment

by:chabuhi
ID: 11873072
I'm sorry -- left that out in my haste to go fatten myself up some more ...

Server is Win 2003

IIS 6.0

Cisco FWSM 1.2.3
0
 
LVL 10

Expert Comment

by:avidya
ID: 11873612

Maybe you can use the troubleshooting options:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/mod_icn/fwsm/fwsm_2_2/fwsm_cfg/monitor.htm
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/mod_icn/fwsm/fwsm_2_2/fwsm_ref/df.pdf

From wath I read it looks like a problem with the settings in combination with the dmz.
Maybe you are better of reallocating your question in the Networking or security area?
0
 
LVL 1

Accepted Solution

by:
chabuhi earned 0 total points
ID: 11953721
Turns out there were a number of contributing factors -- filter ties to the old webserver, firmware out of date on the server NIC, etc. No points awarded as solution was discovered internally.
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

876 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question