Subnet Mask Affecting Performance?

We've been diagnosing our network trying to determine where we're having slowdown issues.  For example, from my desktop (Core Duo, 4gb ram, XP Pro) via a mapped drive letter to one of our servers, a copy & paste of a 4kb text file can take 10 seconds.  Other times it is fast.

Mapped drives are a combination of UNC (such as \\servername\sharedfoldername) and IP address (\\192.168.2.2\sharedfoldername)


We're on a 10/100/1000 switch with many servers & desktops running gigabit connections.

One thing is that we have a subnet on the network of 255.255.128.0.   We're wondering if changing this to 255.255.255.252 will help overall network performance.  I don't want to just experiment - we'll have to change about 200 IP addresses on 40 machines (some of which are web servers, email servers, etc.).  

I don't want to go for 255.255.255.0 if I can avoid it, as even more machines will need to be changed.  That said, if there are performance gains to be had, it may be worth the time.

Any thoughts would be greatly appreciated!
drgdrg Asked:

that1guy15 Commented:
" We're wondering if changing this to 255.255.255.252 will help overall network performance. "

Do you mean 255.255.252.0?

Changing the subnet mask will not change anything with performance, just the number of IPs allowed on that subnet. If network congestion is the issue then you might look into splitting your network up into VLANs to free up your network. With over 200 nodes (including servers and workstations) on the same network, VLANs will most likely be the way to go.



0
ciscoml320 Commented:
" We're wondering if changing this to 255.255.255.252 will help overall network performance. "

Same question as above, do you mean a /23 instead of your current /25?

"I don't want to go for 255.255.255.0 if I can avoid it, as even more machines will need to be changed."
I am a bit curious about how the network is laid out.  You indicated you have a /25 currently - I am assuming that some of your hosts are on different subnets.  How is the routing being done between the subnets?  Could that device then be your bottleneck?  Post some more details...
thx
0
MiamiCo Commented:
We tried to solve this exact problem in our company, but didn't solve anything (even with the help of an external company that builds networks).

But I think it can't be impossible. So: first of all, you must "discover" your network. Do you have some kind of network (traffic) monitor? //We have software from HP that monitors our switches.

1. Check the physical connection, monitor switches for errors.
2. Where is the slowdown? Check traffic on every switch.
3. Do not connect all servers to one switch; every switch has a maximum data transfer rate (I think for our HP 2524 it is about 6 GBit/s), but critical traffic must be redundant.
4. What type of data is sent through the network? IP telephony, audio/video?
5. And again, check network traffic on every switch.

And I agree with that1guy15, use VLANs.
0

drgdrg (Author) Commented:
Sorry for the confusion ...

Our network is broken into several segments behind the firewall, with a subnet to each physical port coming out of the firewall itself (6 ports).

The one "large" one is currently on a 255.255.128.0 subnet and I was thinking of taking it to 255.255.252.0 (sorry for the prior typo) or possibly 255.255.255.0.

We initially did that so that web servers would be in the 192.168.10.0 range, mail servers 192.168.12.0 range, etc... It was laid out about 6 years ago, so in hindsight, not necessarily the best way to go.

We can take it to 255.255.252.0 relatively easily - about 10 machines are affected.  If we take it to 255.255.255.0 with all in the 192.168.1.0 range, about 30 will have to be reconfigured (plus firewall NAT rules, load balancers, etc.)

We've got several active DB that many of the machines talk to.  The individual desktop users don't produce much network traffic, so putting them on a separate VLAN may not help.  Mail servers and web servers could potentially be on a separate VLAN or perhaps a different network segment off of the firewall.

I haven't worked with VLANs, but conceptually:

If web and mail servers moved to:  192.168.10.0    255.255.255.0
and databases and CRM were in: 192.168.11.0    255.255.255.0
and ad tracking servers were in: 192.168.12.0  255.255.255.0

How does this benefit me?  Do those servers look in a shorter "range" when interacting on the network?  And what happens if a tracking server needs to hit the database ... does it go back to the firewall (192.168.1.1 - the gateway) and then come back in, still inside, not going through the firewall rules, etc.?

Sorry for the simpleton questions ... a networking expert I am not ...

Thanks
0
that1guy15 Commented:
"If web and mail servers moved to:  192.168.10.0    255.255.255.0
and databases and CRM were in: 192.168.11.0    255.255.255.0
and ad tracking servers were in: 192.168.12.0  255.255.255.0"

This would be a good layout. Traffic will only flow on the subnet it belongs to and not congest the other VLANs and subnets, freeing them up. If traffic needs to get from one VLAN to another then it will need to go through a layer three device. I assume on your network that is your firewall. If any of your switches that connect to the firewall are layer 3 then it could handle the inter-VLAN routing, freeing up your firewall from this responsibility (this would be ideal).

I agree with MiamiCo: check to make sure there is no bottleneck in your network. You could be overloading your switch(es).
0
MiamiCo Commented:
I don't know if your firewall is a PC / router with all in one (router, firewall, proxy etc.) but traffic between subnets is routed, so it always goes through the router. It does not matter if addressing is 10.x.x.x to 100.x.x.x or else. In other words, traffic to another segment always goes through the gateway. And again, every router has a maximum transfer rate (it depends on the model / series of the router). But I don't think that the router would be the "slowdown issue".
0
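The on-link versus routed decision discussed in the posts above, worked through for each mask mentioned in the thread. This is an added example, not code from any participant; the host addresses 192.168.12.21 (tracking server) and 192.168.11.5 (database) and the per-subnet gateway 192.168.12.1 are constructed, while 192.168.1.1 is the gateway named in the question.

```python
import ipaddress

# Masks that come up in the thread, in the dotted form the posters used.
MASKS = ["255.255.128.0", "255.255.252.0", "255.255.255.0", "255.255.255.252"]

def usable_hosts(mask):
    """Number of assignable host addresses in one subnet of this mask."""
    return ipaddress.ip_network(f"0.0.0.0/{mask}").num_addresses - 2

def next_hop(src_ip, mask, dst_ip, gateway):
    """How the sending host delivers a packet to dst_ip.

    'direct'      - dst is inside the sender's own subnet (switched, no router)
    'gateway'     - dst is outside it, so the packet is handed to the gateway
    'unreachable' - dst is outside it and the gateway is not on-link either
    """
    net = ipaddress.ip_interface(f"{src_ip}/{mask}").network
    if ipaddress.ip_address(dst_ip) in net:
        return "direct"
    if ipaddress.ip_address(gateway) in net:
        return "gateway"
    return "unreachable"

def compare(src_ip, dst_ip, gateway):
    """Evaluate the same src -> dst flow under every mask in MASKS."""
    return {m: (usable_hosts(m), next_hop(src_ip, m, dst_ip, gateway)) for m in MASKS}

if __name__ == "__main__":
    TRACKER, DATABASE = "192.168.12.21", "192.168.11.5"   # constructed hosts
    for gw in ("192.168.1.1", "192.168.12.1"):            # second one is assumed
        print(f"gateway {gw}")
        for mask, (hosts, hop) in compare(TRACKER, DATABASE, gw).items():
            print(f"  {mask:<16} {hosts:>6} hosts  tracker->database: {hop}")
```

Under the current 255.255.128.0 mask the tracker reaches the database directly; under 255.255.252.0 or 255.255.255.0 it only works if the tracker's gateway address sits inside its own subnet, which 192.168.1.1 does not.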
drgdrg (Author) Commented:
I guess what I'm missing is this ... and forgive the oversimplification

If Web Server A is sending data to the web, going out through our enterprise firewall (it goes Router > Firewall > Switch > Servers) is that traffic being "heard" by the SQL server (I thought that was the case with hubs, we have a switch)?  If not, I'm not following why the switch is "congested".

Or are you saying that there may just be too much activity on the switch and we need to break it down?  If we VLAN it (which I believe is creating virtual LAN segments on the switch) how does that relieve the load if the switch still has to handle the same bandwidth?

Thanks
0
ciscoml320 Commented:
DR:
In this case, SNMP is your BEST FRIEND.  I highly recommend PRTG (there is a free version which allows you to monitor a handful of interfaces).
You need to have a picture of what the traffic flow is in your environment (in real time).  I suggest you monitor the firewall and all 6 interfaces for 1 day to get a better idea of how traffic is flowing through it.
If you do not see any large traffic passing through the firewall, then start the same routine behind each interface (i.e. your switch ports for these segments - I am assuming you're already using VLANs or separate switches).
Taking the subnetting route here may not yield favorable results, until you know exactly what's flowing through your network.  With that info, then you can start thinking of ways to more efficiently design the topology.
Hope this helps
0
drgdrg (Author) Commented:
Thanks.  We actually have a licensed copy of PRTG from a few years back.  I'll install that (hopefully the firewall will respond and not see it as a DOS attack) and see what insight I can gain.
0