some firewall or router in between your machine and the other machine that is very overloaded and/or very misconfigured.
Time for a "war story" about missing communication between departments.
In my first job, there were two IT departments for historic reasons. The bigger one took care of what you would expect from an IT department. Wiring, power, cooling, fileservers, mailservers, print servers, printers, computers, data links between the offices. I worked for the smaller IT department, formally a part of the knowledge management department. We had our own servers, a database, a few webservers, and a load balancer for a document management system a.k.a. intranet, plus some smaller servers for data research.
One day, our intranet servers were moved from a dark corner in the old office building to a small datacenter in the new office building, together with all other servers. The "wiring IT" people did a good job, after the expected downtime, everything just worked smoothly. A few weeks later, people complained that they could not download Powerpoint presentations from the intranet. All other file formats were ok. Uploads were ok. But you could not download any powerpoint file.
What do you think when you hear that story from a user? Right, "layer 8 problem". Too stupid to download a file from a webserver. But it was really the problem. It seemed like the document management software had a severe problem with downloading Powerpoint files. We could upload Powerpoint files, they appeared in the shared filesystem of the webservers as expected, no bits harmed. We could remotely login to one webserver and download powerpoints from localhost just fine. We had several people search for a problem for almost the entire day, digging even deep into the progam code of the document management, searching for a place were Powerpoint files were handled in a different way than other files. We did not find a single location, of course.
"Oh yes, we have installed content filtering firewalls between the servers and the corporate network to improve server security" said one of the "wiring IT" department, who happended to come into our office room for a different reason. "So our servers become secure if you prevent that users DOWNLOAD potentially malicious files from the server that your F---ING firewall did NOT prevent from being UPLOADED to the servers in the first place? What did you smoke? And why the hell did you hide that information from us? Our servers are hardened, they form an isolated network and expose only HTTP and an API port to the corporate network. How do you expect an unidirectional content filter on only the HTTP port to improve security?"
I don't remember the answers any more, but they were on the level of "Um, yes, but our boss ..." The boss that could hardly tell the difference between a mouse and a rack server had decided to spend a lot of money on useless firewalls. I also don't remember if the firewalls were removed or just had their content filter disabled and thus only prevented access to TCP and UDP ports that were never open on the intranet servers.
A lot of money was burned, but money was no problem during the time of the dot-com-bubble. And we actually had a lot of fun digging though the software and network layers almost all the way down to the bare copper wire while searching for the problem.
Alexander
In reply to Re^4: DBI and FEDERATED table slowdown
by afoken
in thread DBI and FEDERATED table slowdown
by misterperl
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |