RegisterLogin
docs
unet
FAQ
Others

Other Questions

Is the quality of your line very poor because a certain hop packet loss is serious when using MTR, traceroute?

Principle of traceroute, if the packet loss of the N+1 hop is less than that of the N hop, it indicates that the packet loss of the N hop is caused by the router's ICMP limit or other policies, not a network problem. If there is a continuous increase in packet loss after a certain hop, it may be a network problem. Please contact technical support for handling.

After optimizing the tw_recycle parameter, the connection to the cloud host often times out

Please check if the result of the following command is 1:

sysctl -a | grep tw_recycle

A result of 1 can cause timeouts and other conditions when a client behind NAT connects to a cloud host. Currently, most Internet scenarios are NAT, for example, home Internet access (through wireless routing), company Internet access (through gateway) The reason for the timeout is that Linux's tw_recycle is not compatible with NAT. Linux has requirements for the timestamp value in the socket using the timestamp. The reason Windows has no problem is that Windows does not use the TCP timestamp feature.

Do I need to add other routes after using a cloud host as an external network gateway?

The traffic of the cloud host can be divided into vertical traffic: external network traffic and ULB/UDB/UMem access traffic. Horizontal traffic: internal communication between cloud hosts. After the default route is modified to the cloud host as a gateway, All traffic will become horizontal traffic, which not only affects the efficiency of vertical traffic, but also can't communicate with ULB/UDB/UMem (because the security rules of the forged internal IP will not pass). The solution is to add static routes.

Example of adding routes in Linux :

# The gateway is 10.4.0.1
ip ro add 10.255.0.0/16 via 10.4.0.1
ip ro add 10.4.0.0/16 via 10.4.0.1
echo "ip ro add 10.255.0.0/16 via 10.4.0.1" >> /etc/rc.local
echo "ip ro add 10.4.0.0/16 via 10.4.0.1" >> /etc/rc.local

note:

The method of writing to rc.local is invalid in CentOS 7, you need to write directly to /etc/sysconfig/network-scripts/route-eth0

Example of adding routes in Windows :

# The gateway is 10.4.0.1
route add 10.255.0.0 mask 255.255.0.0 10.4.0.1 /p
route add 10.4.0.0 mask 255.255.0.0 10.4.0.1 /p

What is cloud security defense policy?

The cloud security system will monitor the cloud platform in real time, and the monitoring mechanism mainly discovers outward attack behaviors by monitoring the packet volume.

When the security system detects that the outbound access packet volume of a resource exceeds the normal threshold, the system will analyze the network data packets of this resource. If the analysis results indicate the existence of an attack behavior, the security defense mechanism for the resource will be triggered, that is, the resource will enter a protection period.

Note:

When a resource triggers a protective mechanism, the resource will still operate normally and provide services to the outside. However, there may be network fluctuations, so if you receive security alerts, please handle them in time. If you have any issues, please contact technical support.

Why sometimes I find some intranet addresses scanning the TCP 11 port on my cloud host?

The public cloud operation system will scan specific ports of the cloud platform to check the connectivity and confirm whether the network service of the public cloud platform is normal. This kind of check does not harm the cloud host and will not affect your business.

Why can't my created EIP resources send emails to external SMTP servers through TCP25 port to third-party email service providers?

For security reasons, SurferCloud will default to blocking EIP's email service, that is, your resource cannot connect to external addresses through TCP25 port. It is recommended to use the official default ports of SMTPS 587 or 465. If you must use the TCP25 port for external connections, you need to submit a work order or contact SurferCloud technical support feedback. UCIoud will handle the application you submitted.

EIP usage related
support01@surfercloud.com
FollowUS
  • Company
  • ContactUs
  • Blog
Copyright © 2024 SurferCloud All Rights Reserved