[K12OSN] Experience with a thin client server connection getting throttled?
Terrell Prude' Jr.
microman at cmosnetworks.com
Tue Feb 12 00:32:37 UTC 2008
Todd O'Bryan wrote:
> My district has over 90,000 students and I have the only thin client
> lab. In my lab we're having a big problem with network connectivity as
> connections get lost pretty often, especially when lots of users are
> surfing. The network guy came out and saw how bad the connectivity was
> when we tried to connect to internet sites like Google, Yahoo, and
> CNN. We then tried surfing within the district and discovered there
> were no problems. He set us to bypass the filter box, a FortiNet
> appliance that filters the whole district, and we had no problems on
> the internet, so it's apparently the filter that's slowing things
> down. Unfortunately, for obvious reasons, we can't run without a
> filter. For political reasons too complicated to go into, we also
> can't set up an alternate filtering system for just my lab.
> I suspect that other users don't see this problem because the filter
> sees an unreasonable amount of traffic coming from what it thinks is a
> single computer and throttles the connection. (We also have the
> remnants of a November virus outbreak on the network that is flooding
> everything with stray packets, so the filter could be busier than it
> should be. They're still working on cleaning that up.)
> Does anyone have experience with this kind of thing, with either
> FortiNet or another filter appliance, where thin client labs see a
> performance degradation compared to single-user systems? If so, did
> you have any luck solving it?
Hmm...not familiar with specifically FortiNet, but I suppose any modern
filter could be set to auto-sense "too much traffic" from one IP
address. But that should be able to get turned off. Throttling's not
really something that you need unless you've got a major infection
problem, in which case you have bigger problems anyway (thottling's just
a Band-Aid then, and not a very effective one at that!). There are a
few other special "corner cases" for that, but those generally apply to
Web/FTP/email *servers*, not client boxes.
We don't throttle by IP address. We just block "bad" sites. Seems to
work out pretty well for us. And nope, the thin client demo I did (yep,
multiple users) was no slower than the single-user Windows thick clients.
More information about the K12OSN