Cisco VPN Client and system responce time
Hi,
I have a problem with Cisco VPN Client. When I'm in my company everything works fast and nice. When I'm using Cisco VPN Client remotelly regartless if it is a 512k or 5Mbps internet connections I always get very long responce time from the system. Starting from opening my documents (folder redirected to network share but also it is a "offline folder"), my computer, everyting. What can be done to make it work faster? I see that things get better when I use csccmd.exe to force offline mode. But when I have to access a network share I do have to make myself online and the problem is back.
Can you suggest something?
Thanks
I have a problem with Cisco VPN Client. When I'm in my company everything works fast and nice. When I'm using Cisco VPN Client remotelly regartless if it is a 512k or 5Mbps internet connections I always get very long responce time from the system. Starting from opening my documents (folder redirected to network share but also it is a "offline folder"), my computer, everyting. What can be done to make it work faster? I see that things get better when I use csccmd.exe to force offline mode. But when I have to access a network share I do have to make myself online and the problem is back.
Can you suggest something?
Thanks
ASKER
how slow is slow? hmm... i can agree that when i'm listening remote share that have 100 or 500 files it will be slow. But it takes about 20 to 30 secunds to open "my computer" which has 4 shares maped to drive letters and that is slow and i thing based on this that it should work faster.
As for connection speed i've tested connections from wimax which is asymetric 1 Mbps down and 128kbps up with latency about 150ms and professional "pipe" wirh symetric 10Mbps.
As for connection speed i've tested connections from wimax which is asymetric 1 Mbps down and 128kbps up with latency about 150ms and professional "pipe" wirh symetric 10Mbps.
What I would suggest is getting a packet capture (I use wireshark, www.wireshark.org) and do a packet capture on the VPN's virtual interface and see what is going on. This will show how much traffic is flowing and hopefully where the delays are.
I will say in some of my VPN testing it can take 5-10 seconds to open my desktop with 3 mapped shares and that is in a LAB where the client, VPN server, file server, and DC's are all on 100 Mbps LAN connection with 1-2 ms latency.
Client <-- switch 1 --> VPN server <-- switch 2 --> File server and DC.
So with it taking 5-10 seconds in the above setup, I can see it take 20-30 going across WAN connections that are slower and have higher latency, especially with 150 ms.
I will have to check, but I believe it takes 10-15 seconds for one of our remote offices to open "my desktop" with 2-3 mapped shares over a 768 Kbps symmetrical link and 100ms of latency.
Windows does a lot of "stuff" under the covers, which end up generating a lot of small little requests that really get bogged down when latency is anything above 50ms.
I will say in some of my VPN testing it can take 5-10 seconds to open my desktop with 3 mapped shares and that is in a LAB where the client, VPN server, file server, and DC's are all on 100 Mbps LAN connection with 1-2 ms latency.
Client <-- switch 1 --> VPN server <-- switch 2 --> File server and DC.
So with it taking 5-10 seconds in the above setup, I can see it take 20-30 going across WAN connections that are slower and have higher latency, especially with 150 ms.
I will have to check, but I believe it takes 10-15 seconds for one of our remote offices to open "my desktop" with 2-3 mapped shares over a 768 Kbps symmetrical link and 100ms of latency.
Windows does a lot of "stuff" under the covers, which end up generating a lot of small little requests that really get bogged down when latency is anything above 50ms.
ASKER
ok will test tomorrow with wireshark. is it generally possible to make windows less "chatty" on slow links?
Unfortunately there is no way to make Windows (NETBIOS) less chatty that I am aware of.
ASKER
what about turning off netbios in a active directory environment?
Well, "NETBIOS" does not always mean "NETBIOS". When Windows disables "NETBIOS" it only disables pieces of it. The piece is really turns of is the way that "NETBIOS" finds resources. Turning this off tells the computers not to use NBNS (NETBIOS NAME Seaches) broadcasts or WINS to looks up names, only use DNS.
It still uses NETBIOS, well technically CIFS which is MS implementation of Server Message Block (SMB, a.k.a SAMBA) to get information about files and to transfer files using network shares.
Here is the Wikipedia on Server Message Block, which is SMB which is "pronounced" SAMBA, which is really what most people mean when they say NETBIOS. It gives brief description of SMB and where NETBIOS, WinNFS, and CIFS come into play.
It still uses NETBIOS, well technically CIFS which is MS implementation of Server Message Block (SMB, a.k.a SAMBA) to get information about files and to transfer files using network shares.
Here is the Wikipedia on Server Message Block, which is SMB which is "pronounced" SAMBA, which is really what most people mean when they say NETBIOS. It gives brief description of SMB and where NETBIOS, WinNFS, and CIFS come into play.
ASKER
ok so turning off netbios will only allow me to find computers, shares using FQDN (or hosts file) but on the other hand will reduce broadcasts?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Going over a VPN connection via a WAN will be slower than when you are on a LAN. Your LAN is most likely 100 Mbps. Even if your Internet connection is a "fast" 5 Mbps it is much slower than 100 Mbps. They you have other factors that slow it down. On your LAN latency is probably around 1ms. On a Internet connection it will vary depending on how may hops there are between site you are at and the server site. The higher the latency the slower the response will be. You also have the overhead of encrypting and decrypting the traffic, which slows things down also.
When you have a 5 Mbps connection it is a true 5 Mbps or is it a broadband connection? If broadband, then you have to also realize that most likely your speed is asymmetrical. The 5 Mbps is from the Internet to you, the speed from you to the Internet is most likely somewhere between 384Kbps - 768 Kbps. Which will affect your speed.
When you are using a shared folder, all the traffic must go over the WAN and using shared folders has a lot of overhead.
It also sounds like you have these files in a "brief case", which means there is a copy locally and remotely. When this is done, there is a constant stream of traffic to keep the files updated. When you go to offline mode only the local files are accessed, the remote files are left untouched. When you go back online, the remote files must be synced with the local files. If your upstream speed (from you to the Internet) is low and you have big files, it will cause performance problems.
Also, the VPN server could be setup to throttle how much bandwidth you use so that a single VPN user does not use up all of the bandwidth.
To put it bluntly, remote access to files will be slower than local access. Depending on a LOT of factors it could be a little slower or a LOT slower.
To do a directory listing on a shared folder the client (your PC) tells the server to give you a list of all the files in the folder. Then for each file within the folder, it tells the server to tell you the information about the file (create date, last modified date, last access date, attributes, ect.). There is a unique request for EACH file in the directory. So if you have 100 files, there are 100 unique requests.