On Tue, 2010-02-09 at 17:04 -0500, Andrey Gordon wrote:
Thx to all the folks replying off the list.
The more I troubleshoot, the more I'm convinced that it's not the sites that are doing rate-limiting. I went to a website of one of my previous employers (a small company). Chances of them having a fancy reverse proxy with some sort of black list filtering are slim to none, yet their site barely opens up as well.
Must be something that either my firewall device is doing (which is what is doing the NATting) or I don't know what else. I'm working with my firewall guy since f/w is his domain and I have no clue about that vendor of the firewalls (PaloAlto).
Thanks all for the suggestions. I'll keep digging.
A few months ago I was involved in hard-to-troubleshoot intermittent problems similar to yours. I finally diagnosed a faulty or overloaded state table somewhere in one of the cheap plastic routers they were using. All problems ended when I replaced the cheap plastic stuff with x86 hardware running pf or iptables, I forget exactly which (irrelevant).
Could it be that you have some arp-poisoning going on? That was my first thought in the above situation, but Wireshark showed otherwise. The clue to the state tables - it was mainly SSL/TLS that was getting expired/dropped.
Gord