Rsync over Ipsec issue SOLVED!
-
Just in case someone else has similar trouble. We have wasted a lot of time and money on this issue and the problem was a bad filter installed in the cable pedestal at the street.
Background:
Business connection with Timewarner 10x1.5 cable internet service. We run nightly backups via rsync through an IPSEC tunnel to a NAS at my home. Home has TW 20x2 cable service.
We also have a Hosted PBX (asterisk) here at the business. About 1 year ago we switched routers from cisco to Pf, then to pfSense. At that time we started having trouble with rsync failing on some huge files. The error was usually:
"rsync: writefd_unbuffered failed to write 4092 bytes to socket [sender]: Connection reset by peer (104)
rsync: read error: Connection reset by peer (104)"There were never any errors in the Ipsec logs, and the outages were short enough that the tunnel never dropped. Web browsing seemed always ok. But yet rsync would always choke.
About a month ago it started getting worse; the backups would giveup after ten errors. Timewarner replaced the modem twice. Then we started dropping phone calls. TimeWarner insisted everything was fine (surprise)! The interesting thing is that the modem showed no "uncorrectable errors" but a lot of "correctable errors", more than 300 per hour. TW said that was "normal" and that the modem uses an algorithm to correct these errors but too many is too many.
I used ping plotter to show TW that there was indeed an issue. I finally told them that we were switching to a wireless solution. They sent out the tech for the third time. The tech started checking every connection starting at the modem, something he should have done the first visit. In the pedestal at the street he found and removed a TV filter. He said they no longer install them as they are known to cause problems.
Three backups have completed successfully since then and the modem shows only two "correctable errors" in the last 48 hours. Backup times are about 20% shorter and web browsing is noticeably faster.
-
Unfortunately not an uncommon issue with cable, and tends to be difficult to get the cable company to track down or even admit there's a problem. Glad you were able to get them to find and fix it.