Solved

Optimal configuration for a Cisco Router over Satelite

Posted on 2010-08-17
5
618 Views
Last Modified: 2012-05-10
We have a number of remote sites that only have internet access via satelite. Obviously the internet will never be excellent but we would like to squeeze as much performance out of them as possible.

Anyone know any tricks or configuration changes that will improve performance over satelite connections using stock Cisco routers?

Is it best to run detailed or simple QoS policies?

Does the overhead of running a VPN tunnel over the connection add much latency? Is there any way to optimize this?
0
Comment
Question by:PerimeterIT
  • 2
  • 2
5 Comments
 
LVL 24

Accepted Solution

by:
rfc1180 earned 250 total points
ID: 33464449
Having a point to point satellite system you can use:

http://www.mycisco.info/en/US/prod/collateral/modules/ps2797/solution_overview_c07-525404_ps5853_Products_White_Paper.html

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t7/feature/guide/gt_rbscp.html

However, there is not much that you can do with a direct satellite connection to the Internet; the physics limiting what you can actually do. Using VPNs does add overhead, but not enough to notice the difference, and obviously, using TCP on a very long BDP you will notice a degradation in performance, especially with any type of packet loss.

Billy
0
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 250 total points
ID: 33465063
As rfc1180 stated, the overhead of a VPN does not add enough to notice.

However, latency of the satellite could cause problems with the VPN.  Some VPN's technology does not work well with high latency and satellites have HIGH latency.

The issues you will encounter really have nothing to do with the type of router you have, its all about the latency of the satellites.  Minimum RTT for a satellite connection is going to be 500ms.
0
 
LVL 1

Author Comment

by:PerimeterIT
ID: 33468870
Giltjr: Yeah sadly there is no router currently in production (that I'm aware of) that can send data faster than light. :)
We have some existing AES256 VPNs in production over satelite and they're stable, but the performance isn't great. Most of that is the latency, but I would like to squeeze as much out of performance as I can.

RFC1180: Have you used the Cisco solution before? How is it?
We already use Citrix branch repeaters in house, but it isn't really worth it for us to install $10000 worth of hardware for a site that has 1 user...


Has anyone tried using smaller MTU sizes over satelite? I heard that can help.

Any answers to my question on QoS?
0
 
LVL 57

Expert Comment

by:giltjr
ID: 33471135
I don't think that smaller MTU's would help.  Now smaller window sizes may help if you have a lot of dropped packets.

What type of traffic are you sending?  The only way I can think that QOS could help is if you are doing voice, but even then it may not help that much.  Especially if there is only 1 user.

I believe that the 2800's have some WAN optimization bundles.

http://www.cisco.com/en/US/prod/collateral/routers/ps5854/prod_qas0900aecd8033e8f9_ps5855_Products_Q_and_A_Item.html
0
 
LVL 24

Expert Comment

by:rfc1180
ID: 33471160
>Most of that is the latency, but I would like to squeeze as much out of performance as I can.
As stated, there is not much you will be able to do (Even with QoS), changing the MTU will not have much of an affect; in short, what you need to be concerned with is the BDP, RWIN (Window scaling and autotuning); You want the largest maximum MTU, based on the MSS, RWIN, CWIN, etc will maximize the efficiency end to end large BDP paths.

Untested:

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t7/feature/guide/gt_rbscp.html
You can try to utilize RBSCP via the VPN; the protocol (RBSCP) does work ok, better without it. I am not sure how it would work via a vpn. (Both ends to need to be Cisco and and the tunnel mode rbscp


Billy
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Access shared drive during VPN session 9 63
GRE Trunnel with IPsec Encryption Issue 3 34
NSD FAIL 2 22
VPN doubts 4 25
Let’s list some of the technologies that enable smooth teleworking. 
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now