[K12OSN] Experience with a thin client server connection getting throttled?

Terrell Prude' Jr. microman at cmosnetworks.com
Tue Feb 12 00:32:37 UTC 2008

Todd O'Bryan wrote:
> My district has over 90,000 students and I have the only thin client 
> lab. In my lab we're having a big problem with network connectivity as 
> connections get lost pretty often, especially when lots of users are 
> surfing. The network guy came out and saw how bad the connectivity was 
> when we tried to connect to internet sites like Google, Yahoo, and 
> CNN. We then tried surfing within the district and discovered there 
> were no problems. He set us to bypass the filter box, a FortiNet 
> appliance that filters the whole district, and we had no problems on 
> the internet, so it's apparently the filter that's slowing things 
> down. Unfortunately, for obvious reasons, we can't run without a 
> filter. For political reasons too complicated to go into, we also 
> can't set up an alternate filtering system for just my lab.
> I suspect that other users don't see this problem because the filter 
> sees an unreasonable amount of traffic coming from what it thinks is a 
> single computer and throttles the connection. (We also have the 
> remnants of a November virus outbreak on the network that is flooding 
> everything with stray packets, so the filter could be busier than it 
> should be. They're still working on cleaning that up.)
> Does anyone have experience with this kind of thing, with either 
> FortiNet or another filter appliance, where thin client labs see a 
> performance degradation compared to single-user systems? If so, did 
> you have any luck solving it?
> Thanks,
> Todd

Hmm...not familiar with specifically FortiNet, but I suppose any modern 
filter could be set to auto-sense "too much traffic" from one IP 
address.  But that should be able to get turned off.  Throttling's not 
really something that you need unless you've got a major infection 
problem, in which case you have bigger problems anyway (thottling's just 
a Band-Aid then, and not a very effective one at that!).  There are a 
few other special "corner cases" for that, but those generally apply to 
Web/FTP/email *servers*, not client boxes.

We don't throttle by IP address.  We just block "bad" sites.  Seems to 
work out pretty well for us.  And nope, the thin client demo I did (yep, 
multiple users) was no slower than the single-user Windows thick clients.


More information about the K12OSN mailing list