How can I increase the rate limits of the firewall rules?
-
Hello!
We are sending data from a Bulgarian server (where our net app is) to a server in Germany (where our website is) for product update purposes. Recently, maybe a few weeks ago, the transfer time increased from 7-12 mins to ~45-60 mins. And 2 days ago we receive a timeout error in the net app. We have contacted the hosting provider in Germany and our internet provider in Bulgaria because we think it might be a network issue. The guys from Germany have replayed that the packets loss (checked with MTR report and it is ~4-5%) is probably because of the rate limits that the firewall has, however, they said they are not very familiar with Cloudron and aren't 100% sure. While we are still investigating the cause of this error and the increased sending time, I am willing to increase the limits for test purposes. Do you guys think that this might be the issue?
-
@vova Let me double check but Cloudron has no rate limits for outbound connections. Only for incoming connections. If it's interesting, the full firewall and rate limits are here - https://git.cloudron.io/cloudron/box/-/blob/master/setup/start/cloudron-firewall.sh
-
@vova Also, maybe you can just upload a random large file from one server to another via scp or something. That would be a good way to check if it's a Cloudron issue or some general networking issue.
-
@girish said in How can I increase the rate limits of the firewall rules?:
Only for incoming connections
Thank you. The connections are incoming, I think. We send packets from server 1 to server 2 (server 2 is where Cloudron is). The packets are product data like updated prices, discounts, quantities (100 products per packet), and the packet is 40-50kb, the total number of products is ~4100.
-
@vova So, it's coming to a Cloudron app (if so which app is this?) or some program you have installed external to Cloudron? If it's related to cloudron firewall, you will see a log message in
dmesg
(https://git.cloudron.io/cloudron/box/-/blob/master/setup/start/cloudron-firewall.sh#L55). There will be a "IPTables RateLimit" log message. Do you see something like that? -
Hello, I had to replay from this profile (in my office) as I forgot which email I have used for the other profile at home
Anyway, please find the log below - I can't exactly see IPTables RateLimit, but I see some drops which maybe are some limits also? This log is when we try to send 100 product data per batch - it gives an error at 100-200. When we send 50 products data per batch it is okay but kinda slow.
-
@Vladimir Quick question: so if you upload something from the server to your main destination (any random data), is it fast? How about if you upload the same data via the Web Terminal of the app?
-
@girish Since yesterday we can't even send 50 products per batch (which is 30-40kb) without an error - it is super slow and there is a timeout error. We have tried to send very small data (the data for only 1 product, which is under 0,7kb) and there was an error again.
-
@Vladimir Can you send me a mail on support@cloudron.io? Let's try to figure where it's failing.
-
-
Follow up from the customer: "The issue here turned out to be that in Wordpress, WP Rocket caching plugin was used. This plugin automatically starts to preload the cache of each page once something in the site has been updated. The preload itself causes some stress on the CPU and maybe some other processes. Turning off the plugin, the products were sent for less than 2 mins."
They are working with the WP Rocket team to find a workaround.