Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Optimize WAN built with Cisco 1700 series routers

Posted on 2008-06-24
6
Medium Priority
?
587 Views
Last Modified: 2012-06-21
We have a 2mb private line between our two offices and a Cisco 1700 series router at either end.   It's a little slow these days and was looking for some advice as to how to minimise unncessary network traffic such as broadcasts from passing other the WAN link.

Can anyone offer any suggestions?

0
Comment
Question by:tini1709
  • 3
  • 2
6 Comments
 
LVL 7

Expert Comment

by:BobintheNoc
ID: 21854133
Are the two sites on separate subnets?  That'd be the quick way to keep broadcasts from propagating.  
0
 

Author Comment

by:tini1709
ID: 21854147
Well, the HQ is on 172.16.16.0 and the Branch office is 172.16.32.0 both with subnet mask of 255.255.255.0

0
 
LVL 7

Expert Comment

by:BobintheNoc
ID: 21854289
That'd put you on separate subnets then, and a broadcast from either side, to 172.16.32.255 or to 172.16.16.255, by default, shouldn't travel across the router.  Are the 1700s the actual gateways  or are they used only to terminate the private circuit?  Whereever your actual router(s) are, you'll want to make sure someone hasn't turned on a 'Helper' rule that enables propagation of broadcasts.  Again, by default, most routers won't pass broadcasts.

Out of curiosity, how have you determined that traffic going across is broadcast based?

0
NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

 

Author Comment

by:tini1709
ID: 21854325
The 1700s are the gateways for each office and were installed by BT some years ago.

I haven't really determined that it's broadcast based.

The other possibility was Internet traffic as the branch office use the proxy server in the HQ for their internet access.
0
 
LVL 4

Accepted Solution

by:
fileinster earned 195 total points
ID: 21861591
You could enable QoS to prioritise traffic, if bandwidth is the issue. However, it's a complex configuration for someone not familiar with it. To black particular traffic apply an access-list to the interface with the interface lavel command "ip access-group 100 out" and configure ACL 100 to block whatever traffic and put a "permit ip any any" statement at the end.

Does that help any?
0
 
LVL 7

Assisted Solution

by:BobintheNoc
BobintheNoc earned 180 total points
ID: 21861832
I'm not much of an IOS person, and don't know if the 1700 allows you to dump packets--but perhaps it does have something along the lines of sho conn, to show the established connections?  Based on the destination and port, you might get a good idea of what the traffic is.

If you have the ability to get a packet capture running on either interface, it'd be pretty simple to identify the bandwidth hogs.  Dropping a hub inline, and then another PC on that same hub, with Wireshark or Netmon (or your favorite packet capture tool) running, you can capture every bit of traffic.  At 2mb, you won't be too worried about not being fast enough to capture, nor should you impact the existing traffic.  Putting a hub inline though, you might have to drop the 1700 interface to half duplex.  Again, not knowing much about the 1700, there may be a capture function built right in.  My PIX does, a simple CAPTURE command with some additional parameters, and I can get the pix to 'record' for a limited time, all traffic through.  Taking that capture and then loading it into WIreshark makes for an easy analysis without having to unplug and insert addtional hardware.  

The packet doesn't lie.  If you get accurate captures, you'll be able to see what's chewing up the bandwidth.  Packet capturing and analysis isn't exactly the simplest thing to do, especially if you've not done it before.  But, if you get the captures, we can help make the analysis.

Just one more note, 2mb is easy to consume nowadays.  A single user can eat that much up without blinking an eye.  What type of traffic are you EXPECTING to pass over the link?  Is it also the 'internet' connection for one of the offices?  

0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question