Skip to Content
FAQOthers

Other Questions

I find that there is severe packet loss at a certain hop using MTR or traceroute. Does it mean that your network line quality is very poor?

According to the principle of traceroute, if the packet loss at the (N + 1)th hop is less than that at the Nth hop, it indicates that the packet loss at the Nth hop is caused by the router’s ICMP restrictions or other policies, rather than a network issue. If the packet loss shows a continuous increase after a certain hop, it might be a network problem. Please contact technical support for assistance.

After optimizing the tw_recycle parameter, the connection to the cloud host often times out

Please check if the result of the following command is 1:

sysctl -a | grep tw_recycle

When the result is 1, it may cause situations such as timeouts when the client behind the NAT tries to connect to the cloud host. Currently, most Internet access scenarios involve NAT, for example, accessing the Internet at home (through a wireless router) or in the company (through a gateway). The reason for the timeout is that Linux’s tw_recycle is incompatible with NAT. Linux has certain requirements for the timestamp value in the socket that uses the timestamp feature. The reason why there is no problem with Windows is that Windows does not utilize the TCP timestamp function.

Do I need to add other routes after using a cloud host as an external network gateway?

The traffic of the cloud host can be divided into vertical traffic: external network traffic and the access traffic to ULB, UDB, and UMem. And horizontal traffic: the internal network communication between cloud hosts.

After the default route is modified to the cloud host serving as the gateway, all traffic will turn into horizontal traffic, which not only affects the efficiency of vertical traffic but also leads to the inability to communicate with ULB, UDB, and UMem (because the security rules forged by internal network IPs will not be passed). The solution is to add static routes.

Example of adding routes in Linux :

# The gateway is 10.4.0.1
ip ro add 10.255.0.0/16 via 10.4.0.1
ip ro add 10.4.0.0/16 via 10.4.0.1
echo "ip ro add 10.255.0.0/16 via 10.4.0.1" >> /etc/rc.local
echo "ip ro add 10.4.0.0/16 via 10.4.0.1" >> /etc/rc.local

note:

The method of writing the above content into rc.local is ineffective under CentOS 7. You need to directly write it into /etc/sysconfig/network-scripts/route-eth0.

Example of adding routes in Windows :

# The gateway is 10.4.0.1
route add 10.255.0.0 mask 255.255.0.0 10.4.0.1 /p
route add 10.4.0.0 mask 255.255.0.0 10.4.0.1 /p

What are cloud security protection strategies?

The cloud security system will conduct real-time monitoring of the cloud platform. The monitoring mechanism mainly discovers external attack behaviors by monitoring the volume of network packets.

When the security system detects that the volume of packets for a resource’s external access exceeds the normal threshold, the system will conduct a behavioral analysis of the network packets of that resource. If the analysis result indicates the existence of an attack behavior, it will trigger the security protection mechanism for the resource, that is, the resource will enter the protection period.

Note:

When the protection mechanism for a resource is triggered, the resource will still operate normally and provide external services. However, network fluctuations may occur. Therefore, when you receive a security alert, please handle it in time. If you have any questions, please contact technical support.

Sometimes, I find that some internal network addresses scan the TCP port 11 on my cloud host. What is the reason for this?

The operation and maintenance system of the public cloud will scan specific ports of the cloud platform to detect connectivity and confirm whether the network services of the public cloud platform are normal. This kind of inspection will not cause any harm to the cloud host, nor will it affect your business.

Why can’t the EIP resource I created connect to the SMTP server of a third-party email service provider via TCP port 25 to send emails externally?

For security reasons, by default Genesis Cloud blocks EIP’s email service, that is, your resource cannot connect to external addresses through the TCP25 port. It is recommended to use the official default ports of SMTPS 587 or 465. If you must use the TCP25 port for external connections, you need to submit a ticket or contact Genesis Cloud technical support. Genesis Cloud will handle the application you submit.

EIP usage relatedNewFeature