Solved

Optimal configuration for a Cisco Router over Satelite

Posted on 2010-08-17
5
623 Views
Last Modified: 2012-05-10
We have a number of remote sites that only have internet access via satelite. Obviously the internet will never be excellent but we would like to squeeze as much performance out of them as possible.

Anyone know any tricks or configuration changes that will improve performance over satelite connections using stock Cisco routers?

Is it best to run detailed or simple QoS policies?

Does the overhead of running a VPN tunnel over the connection add much latency? Is there any way to optimize this?
0
Comment
Question by:PerimeterIT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 24

Accepted Solution

by:
rfc1180 earned 250 total points
ID: 33464449
Having a point to point satellite system you can use:

http://www.mycisco.info/en/US/prod/collateral/modules/ps2797/solution_overview_c07-525404_ps5853_Products_White_Paper.html

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t7/feature/guide/gt_rbscp.html

However, there is not much that you can do with a direct satellite connection to the Internet; the physics limiting what you can actually do. Using VPNs does add overhead, but not enough to notice the difference, and obviously, using TCP on a very long BDP you will notice a degradation in performance, especially with any type of packet loss.

Billy
0
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 250 total points
ID: 33465063
As rfc1180 stated, the overhead of a VPN does not add enough to notice.

However, latency of the satellite could cause problems with the VPN.  Some VPN's technology does not work well with high latency and satellites have HIGH latency.

The issues you will encounter really have nothing to do with the type of router you have, its all about the latency of the satellites.  Minimum RTT for a satellite connection is going to be 500ms.
0
 
LVL 1

Author Comment

by:PerimeterIT
ID: 33468870
Giltjr: Yeah sadly there is no router currently in production (that I'm aware of) that can send data faster than light. :)
We have some existing AES256 VPNs in production over satelite and they're stable, but the performance isn't great. Most of that is the latency, but I would like to squeeze as much out of performance as I can.

RFC1180: Have you used the Cisco solution before? How is it?
We already use Citrix branch repeaters in house, but it isn't really worth it for us to install $10000 worth of hardware for a site that has 1 user...


Has anyone tried using smaller MTU sizes over satelite? I heard that can help.

Any answers to my question on QoS?
0
 
LVL 57

Expert Comment

by:giltjr
ID: 33471135
I don't think that smaller MTU's would help.  Now smaller window sizes may help if you have a lot of dropped packets.

What type of traffic are you sending?  The only way I can think that QOS could help is if you are doing voice, but even then it may not help that much.  Especially if there is only 1 user.

I believe that the 2800's have some WAN optimization bundles.

http://www.cisco.com/en/US/prod/collateral/routers/ps5854/prod_qas0900aecd8033e8f9_ps5855_Products_Q_and_A_Item.html
0
 
LVL 24

Expert Comment

by:rfc1180
ID: 33471160
>Most of that is the latency, but I would like to squeeze as much out of performance as I can.
As stated, there is not much you will be able to do (Even with QoS), changing the MTU will not have much of an affect; in short, what you need to be concerned with is the BDP, RWIN (Window scaling and autotuning); You want the largest maximum MTU, based on the MSS, RWIN, CWIN, etc will maximize the efficiency end to end large BDP paths.

Untested:

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t7/feature/guide/gt_rbscp.html
You can try to utilize RBSCP via the VPN; the protocol (RBSCP) does work ok, better without it. I am not sure how it would work via a vpn. (Both ends to need to be Cisco and and the tunnel mode rbscp


Billy
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question