[olug] Network performance analysis

Bill Brush bbrush at gmail.com
Tue Nov 25 14:07:28 CST 2014 

Well I tried a firmware update for it last weekend, and it restarted
as part of that.  A full powerdown would have been when we had a big
power outage summer of '13.

As an update, I have done a lot more testing.

I have tested 3 vlan's, with different results.

DMZ logging into the web page in the DMZ,  no retrans, no errors, fast
response, as expected.
LAN to DMZ, same operation, retrans errors, duplicate ACK's, slow response.
WLAN to DMZ  same operation, no errors, fast response.

The kicker is that the WLAN is a VLAN on the same switch as the LAN,
so at least in that area, the switch is fine.

I also moved the firewall link so that it goes through a separate
switch.  Theoretically a client plugged into that switch,
communicating with the DMZ would have no traffic going through the
main switch.  The performance and packet capture on the client showed
the same symptoms however.

All of this makes me suspect that something is misbehaving on the LAN
but nothing obvious is jumping out at me in the traces.

Bill

On Tue, Nov 25, 2014 at 1:54 PM, Rob Townley <rob.townley at gmail.com> wrote:
> Care to share how long it has been since the switch was powered down?
>
> On Sun, Nov 23, 2014 at 10:43 AM, Bill Brush <bbrush at gmail.com> wrote:
>
>> Hey guys,
>>
>> Thanks for the input.  I have done some wireshark sessions and it
>> appears as though there are a number of retransmission packets on my
>> tests.  On this test we're just logging into a web page.
>> Interestingly enough it doesn't seem slow if I login from the
>> internet.  Next week I'm going to do some more packet captures.
>>
>> I beginning to suspect that my main switch may be having issues.
>>
>> Bill
>>
>>
>> On Fri, Nov 21, 2014 at 5:08 PM, Matthew G. Marsh
>> <olug4mgm at paktronix.com> wrote:
>> >
>> > Links internally work fine?
>> >
>> > Links to ISP website work fine?
>> >
>> > Basically if the "perceived" issue is slowness opening a link, and you
>> > suspect networkish issues (DNS, Proxy, Inet, etc) then start local and
>> work
>> > towards remote.
>> >
>> > If even local opens up slow then you have either DNS or security software
>> > issues.
>> >
>> > Also - try multiple methods:
>> >
>> > http://10.1.1.1/index.html  ; if you suspect DNS
>> >
>> > ftp://ftp.kernel.org  ; if you suspect proxy/security setings
>> >
>> > and of course you can play around with:
>> >
>> > smb://10.1.1.1/myfile
>> >
>> > just for kicks...
>> >
>> > BTW - better than any speedtest is to download a recent kernel from
>> > kernel.org and use a watch... seriously provides a real world latency
>> and
>> > speed test unless of course you are on the 10G direct fiber link...
>> >
>> > The other lurking issue is latency. That is best addressed after you rule
>> > out DNS/security/proxy/routing issues.
>> >
>> > in latency some easy tests are:
>> >
>> > ping -n -v -M time {your local gateway}
>> >
>> > then move outwards (also good for diagnosing ISP traffic patterns)
>> >
>> > And of course there is always tracepath if you suspect async routes...
>> >
>> > HTH.
>> >
>> >
>> > On Thu, 20 Nov 2014, Bill Brush wrote:
>> >
>> >> Rob I'm painfully (agonizingly) aware of how many variables I'm
>> >> dealing with here.
>> >>
>> >> To go into a little more detail, the raw speed seems fine for the most
>> >> part.  We're seeing some traffic spikes on the internet link up to the
>> >> limit, but it's rarely sustained.  A speed test at speedtest.net
>> >> usually comes back at around 90% of our nominal speed for our link.
>> >>
>> >> The main "symptom" seems to be a lag in things starting to move.  So
>> >> if you click a link it sits there and thinks about it, then moves.
>> >> Sometimes this is a few seconds, sometimes it's over a minute.
>> >>
>> >> I'm going to set up a 30 day trial of Solarwinds bandwidth analysis
>> >> pack and hopefully it will show me something.  My forays with
>> >> Wireshark have not turned up anything obvious.
>> >>
>> >>
>> >> On Thu, Nov 20, 2014 at 2:22 PM, Rob Townley <rob.townley at gmail.com>
>> >> wrote:
>> >>>
>> >>> Bill,
>> >>>
>> >>> i feel your pain.
>> >>>
>> >>> Keep in mind "slowness" can be caused at many layers of the network.
>> >>>
>> >>> -physical tests to verify Cat6 compliance from (PC) patch cable to wall
>> >>> plate thru cable run back to patch panel thru another patch cable (
>> >>> network
>> >>> switch).  This could be an electrician with a ~$2500.00? Cat6 tester.
>> >>> $per
>> >>> wall plate
>> >>>
>> >>> -firmware on NIC / motherboard
>> >>>
>> >>> -device driver version
>> >>>
>> >>> -10Mbps half-duplex vs 1000Mbps FullDuplex
>> >>>
>> >>> -switch
>> >>>
>> >>> -vPro / IPMI
>> >>>
>> >>> -IPv6 vs IPv4 issues
>> >>>
>> >>> -DNS slowness or timing out
>> >>>
>> >>> -router
>> >>>
>> >>> -wireless channel (1 ,6, 11)
>> >>> On Nov 20, 2014 12:20 PM, "Bill Brush" <bbrush at gmail.com> wrote:
>> >>>
>> >>>> Hello all.
>> >>>>
>> >>>> I don't post much, but I've been lurking around here for many years.
>> >>>>
>> >>>> I'm looking for help investigating complaints that our network is
>> >>>> "slow".  I have a rudimentary knowledge of doing packet captures, and
>> >>>> the basics, but an in-depth investigation is beyond my current skills.
>> >>>>
>> >>>> I inherited this network a couple years ago, and I will freely admit
>> >>>> that prior to this I had never had to worry about my infrastructure so
>> >>>> I have not checked for pre-existing issues.
>> >>>>
>> >>>> So is anyone in the Omaha area an expert at network analysis?  If it's
>> >>>> your day job we can discuss your hourly rates.
>> >>>>
>> >>>> Thanks!
>> >>>> Bill
>> >>>> _______________________________________________
>> >>>> OLUG mailing list
>> >>>> OLUG at olug.org
>> >>>> https://lists.olug.org/mailman/listinfo/olug
>> >>>>
>> >>> _______________________________________________
>> >>> OLUG mailing list
>> >>> OLUG at olug.org
>> >>> https://lists.olug.org/mailman/listinfo/olug
>> >>
>> >> _______________________________________________
>> >> OLUG mailing list
>> >> OLUG at olug.org
>> >> https://lists.olug.org/mailman/listinfo/olug
>> >>
>> >
>> > --------------------------------------------------
>> > Matthew G. Marsh
>> > Special Email Addr for OLUG ;-}
>> > Phone: (402) 932-7250
>> > Email: olug4mgm at paktronix.com
>> > WWW:  http://www.paksecured.org
>> > --------------------------------------------------
>> >
>> > _______________________________________________
>> > OLUG mailing list
>> > OLUG at olug.org
>> > https://lists.olug.org/mailman/listinfo/olug
>> _______________________________________________
>> OLUG mailing list
>> OLUG at olug.org
>> https://lists.olug.org/mailman/listinfo/olug
>>
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> https://lists.olug.org/mailman/listinfo/olug

More information about the OLUG mailing list