Small problem some sites

Mar 17, 2012 at 2:57 AM

Hello, first of all thank you for your great software ,Im using it without any problem , high speed download ,.. Everything works ok  but specific site is not working at all or sometimes  it takes ages for for incomplete loads of the page,  sites like Facebook,code project, ....are among those not working.  However, if you reset both client and server and those sites where among the first you visit then they load without a problem .


There is another thing I noticed that sometimes server reports 0 connection count and for example, client do not agree to say it has 5 or  10 ,...
connected. 

In all of this situation including when site is not opening vpn is connected and vpn gateway is traceable through the tunnel ie one hop
away. 

The last one I have tried to set the max file size, but it didn't work in a way it was ignored

please advise if you know of any work around for this

Thank you . 

 

Coordinator
Mar 17, 2012 at 3:18 AM

Hi

>>but specific site is not working at all or sometimes  it takes ages for for incomplete loads of the page

Did you install WinpkFilter? I had same problem when using WinpkFilter driver. Some sites does not open via VPN, it does not relate to BarbaTunnel even with direct VPN connection I have same issue. After I uninstall WinpkFilter runtime I found the problem solved. Use WinDivert and uninstall WinpkFilter completly.

>> However, if you reset both client and server and those sites where among the first you visit then they load without a problem 

Please let me know what is your barbatunnel version. It reported in first line of log file. Make sure you have latest version. In Version 5.1 and upper I fix custom keep alive mechanism so the loosed connection will be dropped in 2min by default and new connection established.

>>There is another thing I noticed that sometimes server reports 0 connection count and for example, client do not agree to say it has 5 or  10 ,..

Make sure the Max Connection Count in client is less than server Max Connection Count, other wise the new connection from client will drop the old connection and it loop infinity.

Please let me know if you have still more issue. I test it over 15 client now and have not such issue. don't forget to let me know what is your barbatunnel version. It reported in first line of log file, it is important for me.

Mar 17, 2012 at 7:55 PM

 Thanks for the information I never would have suspected to the driver,  unfortunately our servers are 2003 and  there is no WinDivert support for that. I'll try a 2008 setup and test again.  How  ever meanwhile  there was limited in tcp parameters as like per server connection when I lifted those(in windows registry ) I feel it's working longer before the problem starts to happen. It might not be true. The software  version is 5.1. with WinDivert on client and WinpkFilter on the server and max connection count is 15 on the  8 on the client.I'll Report shortly when 2008 server was ready later today.
One last question is there   problem that if I try to close and reopen the connections regularly ?When there is atleast one idle connection.  That doesn't mean protocol disconnect dose it?

Thanks again.

Coordinator
Mar 17, 2012 at 8:12 PM

>>One last question is there   problem that if I try to close and reopen the connections regularly ?When there is atleast one idle connection.  That doesn't mean protocol disconnect dose it?

Sorry I don't understand your English maybe one of our English language not good. by the way if connection dropped without end connection notification  (suddenly drop by modem restart or firewall drop it without any notification), BarbaTunnel keepalive mechanism should drop that connection after 2 min (if you don't change the keepalive timeout option), but it may have still issue that I didn't find it yet.

Also I recommend you to set max-http connection to 5 and not more. (its enough for 4Mbit connection)

Regards

Mar 18, 2012 at 1:56 PM

Sorry for my poor English  what I meant was that its seemingly works ok with WinpkFilter until a short time after both client, and server restart,   so what I was asking  was like this scenario:  we have five connections. Number 1 and 2 is active transferring data and connection 3,4,5 is idle.
If we keep connection 3 as backup and disconnect and reconnect the  other 2 is that breaks the pptp protocol? 
Is any other thing (except for socket's operations) happening during restart in client or server mode?  for example kind of driver reset?

Thank you .

 

 

Coordinator
Mar 18, 2012 at 6:22 PM

Hi

What do you mean by connection? HTTP-Connection that created for each user? or you meam the connection by separate users in different machine?

How you know the connection 3,4,5 is idle?

Do you have same issue when using direct VPN without BarbaTunnel?

I already test it with 7 users via HTTP-Connection so 7*10 socket connection established to server without such issue.

I don't think the issue is relate to driver reset or so on. How many IP address you have? I think you many have issue to NAT or lack of IP address so only two of users can access to your server internet. Ensure your NAT work properly other wise each client assign an IP address and after all of your IP assinged, the new users does not have valid IP and they could not browse internet. see following link:

How to setup and configure PPTP VPN tunnel on Windows Server 2008 to share internet traffic?

Regards

Mar 19, 2012 at 12:37 AM
Edited Mar 19, 2012 at 12:43 AM

Hello,

What do you mean by connection? HTTP-Connection that created for each user? or you meam the connection by separate users in different machine?

Http connections for each session Id(single user). by far I tested it only with  one client .
I'm testing it, because a fiewall which blocks all the secure protocols like https ,...and ssh,pptp are extremely slow,to not working at all  

 

How you know the connection 3,4,5 is idle?

What I meant was from inside the source code. for testing .

 Do you have same issue when using direct VPN without BarbaTunnel?

 

Without barba tunnel can connect but not working for all the sites alike.
I have no problem with barbatunnel in general as I said it works ok. The problem is mostly with specific sites which according to your advice its most probably the WinpkFilter problem being used on the server side.  However, I have limitations on  choice of the operating system .and there is no WinDivert support for windows 2003 . I was interested to find a way for windows 2003 and WinpkFilter configuration to work.  

 

 

I don't think the issue is relate to driver reset or so on. How many IP address you have? I think you many have issue to NAT or lack of IP address so only two of users can access to your server internet. Ensure your NAT work properly other wise each client assign an IP address and after all of your IP assinged, the new users does not have valid IP and they could not browse internet. see following link:

There are 32 internet visible ip addresses for this server .one ip is used for server public network card and others for pptp-vpn users ,which is only one user for tests right now .with fixed ip address without NAT. barba tunnel is listening on server public ip address on port 80 seemingly using its own virtual address pool to seprate clients in a NAT like senario .

In above mentioned configuration ,when I  restart the server and then start the client it works for all the sites without any problem. but as the time passes it stops working for some sites while still working for some others with likely performance downgrade. That's why it would be good to know that what exactly happening during restart proccess specially in the server mode which is solving the problem . I should add that restarting only the client is not helpful in this case. 

Thank you.

 

 

Coordinator
Mar 19, 2012 at 8:59 AM
Edited Mar 19, 2012 at 9:19 AM

I just recommend you to test it with WinDivert too, I don't have any more idea. 

I also recommend you to test Version 5.3 too.

Would you tell me which firewall you behind of? I mean China Firewall or if you know the name of firewall?

Regards

Mar 20, 2012 at 3:46 PM

HI
my guess is that these sites are using some kind of time or mac address sensitive cookies along with http packet,
which may cause no response from the destination site if for example mac-address not matching the cookie value .
inside http packet cookie data .its just a guess might not be true but most of not working sites having a form of http cookie in them
and after sending the HTTP-GET request the only packet is received in client side is a tcp-ack for the request
and no hhtp response packet. btw when wireshark is active on server side barba tunnel (WinpkFilter) packet filter is not working.