Core switch overloaded?

My network has been running slow for the past couple of months. I am trying to track down the issue. I do not believe it is just one issue but a couple of them. I have an HP 2900-24G switch as the core switch in my network. All resources are plugged into it. Internet, database server, file servers, VM server, PDC, Exchange server and a couple workstations. I have an Adtran 1234 POE that also plugs into it. Connected to the Adtran is the fiber for 2 other buildings and our MPLS router for 3 other locations. The other locations also utilize our internet at this time and access the other servers previously mentioned.

I have run Wireshark on a mirrored port on the HP. What is returned is out-of-order, DUP ACKs, resets and retransmits. They don't all come from the same source so it is hard to track down. The switch doesn't show any errors.

Is it possible that the HP is overburdened since everything is accessing it? It kind of seems like a bottleneck to me. I can't figure out if that is the cause of the issue or not. Do you have any suggestions to help with traffic flow?
jhawk3Asked:
 
emilgasCommented:
Trunks are completely different things. Those are ports that connect two switches together. More specifically and formally TRUNKS carry multiple VLAN traffic whereas a regular port carries only a single VLAN traffic.

Think of it like this: regular switch port belongs to a certain VLAN, but once a port becomes a TRUNK then it needs to be connected to another switch.

Let's go back to your original topic. I assume that by now you realized that you need to segment your network. Right?
Well, this is where things get complicated, challenging and interesting at the same time. Oh, and don't forget that it might get expensive LOL.

I can give you some directions but ultimately you need to do some research on this and figure out which route you want to take.

The subject you want to research is "InterVLAN routing". Basically you need to either have a Layer 3 switch or multiple routers if your current router does not have available Ethernet ports. Sometimes you can even get away with the "Router-on-a-stick" model, which could be OK if you are a small network.

The best solution is to have a Layer 3 switch but that's the most expensive solution because Layer 3 switches cost a lot more. The "Router-on-a-stick" model is the cheapest:
Here take a look: http://www.networkstraining.com/cisco-router-on-a-stick-with-switch/

and everything else falls in between.

I think this is a good start for you to start your research. If you are new to all this you might get confused but that's why we are here on Experts-Exchange.
0
 
emilgasCommented:
How many nodes on that Network in total including the Servers?
Do you have VLANs?
0
 
jburgaardCommented:
Does it show high CPU ?

You could make yourself a report and look at dropped packets via a CLI command where you copy all sorts of info to a TFTP server:

copy command-output "show tech all" tftp <IP_of_your_TFTP_server> <filename_of_report.txt>
0
 
jhawk3Author Commented:
Total nodes on the network including servers about 150. The company uses a lot of internet resources. The MPLS connection from the remote sites is 2.0mps at one location and 1.5mps at the remaining two. The main location where the switch is located has a connection of 4.5mbps.

Yes, there are two VLANS. One for VOIP and another for data.

The switch shows about 30 - 40% CPU usage on average. The switch itself doesn't show any dropped packets. Only when I run Wireshark can I see the errors. You wouldn't know there were issues besides the extreme latency. However, the NIC (SNMP) of the servers do show a massive amount of resets and retransmissions. If it was one server I could narrow it down. But all the servers show errors.
0
 
emilgasCommented:
I see one major problem here, you said you have two VLANs. Well your second VLAN which is DATA holds 150 nodes which is quite big. That should be broken down even more.

I could imagine all the traffic in that DATA VLAN.

Break it down to 3 Vlans of around 50 nodes.
0
 
jhawk3Author Commented:
Sorry, I guess I was misleading. There is a VLAN for VOIP and then there is the default VLAN for data.
0
 
emilgasCommented:
Well, that's the same thing. Default VLAN is still a VLAN that holds all 150 computers.
0
 
jhawk3Author Commented:
Yes, it holds all of them total. There are four different sites each with their own switches. If I didn't have a VLAN for voice wouldn't that be the same thing?
0
 
emilgasCommented:
I'm not sure If I understand your question.
We are talking about your Default VLAN, right?
0
 
jhawk3Author Commented:
Correct, let's take the VOIP out of the picture. If I just had a network with 150 nodes on it, is it still recommended that I split them into VLANs? If so, why?
0
 
jhawk3Author Commented:
Nevermind, I googled it and found a site that explained why I should have a segmented network instead of a flat one. (Learn something new everyday.) http://www.dslreports.com/faq/15009 

If I switch over to a segmented network do I just put the resources (Servers, internet) as trunk ports so all vlans can access them?
0
 
jhawk3Author Commented:
I will admit that I am new to VLANS. We started out as a small network and have grown to a large one with multiple locations. Unfortunately, I did not let the network evolve at the same time. So now I am here. So, I need to research inter VLAN routing solutions.

Will segmenting the network help with latency and congestion? I know VLANs segregate the traffic but it's still on the same switch. The switch can only work so fast. Am I thinking of this wrong? I am thinking of it like a PC that can only process a certain amount of information at a time. Unless, it has threading or multi-cores. Does a switch not function like that?
0
 
emilgasCommented:
You are thinking right but at the same time it is a bit different. You are right that a switch can handle so much, but at the same time when you segment the network you are sort of partitioning the traffic.

Here is an analogy: if you have a Freeway that has 6 Lanes, and you have a Freeway that has 6 Lanes but there is a wall in between lane 2 and 3 and another wall between lane 4 and 5. Basically you have 3 mini 2-lane freeways. The freeway still has a total of 6 lanes, but the traffic flows more efficiently and independent from one another. An accident on lane 2 will affect the first freeway which has lanes 1 and 2, but the other two freeways are clear.

Does it make sense? Basically total amount of cars would still be the same, that's your Switch's power, speed and capabilities, but the performance would be better.
0
 
jhawk3Author Commented:
So a server or NIC that is slowing down my network now and causing all the resets, etc. would only harm the VLAN it is in and not affect the flow of the other VLANs. Even though they are running over the same switch.

Okay, when I convert my network into a segmented network, where do I put my internet and resources that would be used by all VLANs? I read online that I should put them in their own VLAN. Does that sound correct or am I creating a bottleneck?
0
 
emilgasCommented:
To answer the question in part one, a slow server will not slow down a network. It will slow down whatever the server's function is. Servers and data have nothing to do with the physical network. So if you have a slow server and 10 computers are using the services offered by that server all 10 computers will seem slow, and that should not be confused with a slow network.

If that's your case then you are troubleshooting something else. You have to upgrade your servers. So if you had a super fast NEW server, and only one computer is using that server and the PC is also a fast one and is only accessing that server, then it's your network. But having a fast and optimized and tuned network will not make server issues go away.

Second Part of your question:
Your internet is always the outside therefore you configure that separately, and that is not part of the segmentation. Now your servers, resources and everything else on your network is part of your LAN and that's what you separate from each other.

Your router ("INTERVLAN ROUTING") or your Layer 3 switch will take care of taking data from one VLan to another. That's your challenge to set up.
0
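An addressing plan for the split suggested in this thread (three data VLANs of around 50 nodes, each with a gateway address on the router or Layer 3 switch that does the inter-VLAN routing), as an added example that is not part of the original discussion. The 10.20.0.0/23 block, the VLAN IDs and names, and the 100-device voice VLAN are assumptions made for illustration.

```python
import ipaddress


def plan_vlans(supernet, demands):
    """Carve one IPv4 subnet per VLAN out of `supernet`.

    demands: list of (vlan_id, name, node_count). Returns {vlan_id: info}.
    """
    block = ipaddress.ip_network(supernet)
    cursor = int(block.network_address)
    last = int(block.broadcast_address)
    plan = {}
    # Largest first: with power-of-two sizes a simple cursor stays aligned.
    for vlan_id, name, nodes in sorted(demands, key=lambda d: -d[2]):
        # Each subnet needs nodes + network + broadcast + one gateway address.
        host_bits = (nodes + 2).bit_length()
        size = 1 << host_bits
        if cursor + size - 1 > last:
            raise ValueError(f"{supernet} has no room left for VLAN {vlan_id}")
        subnet = ipaddress.ip_network((cursor, 32 - host_bits))
        plan[vlan_id] = {
            "name": name,
            "subnet": str(subnet),
            # First usable address is reserved for the inter-VLAN router.
            "gateway": str(subnet.network_address + 1),
            "first_node": str(subnet.network_address + 2),
            "last_node": str(subnet.broadcast_address - 1),
            # Addresses still free after the stated node count.
            "spare": subnet.num_addresses - 3 - nodes,
        }
        cursor += size
    return plan


# Constructed input: VLAN IDs, names and the voice count are hypothetical.
DEMANDS = [(10, "data-a", 50), (20, "data-b", 50),
           (30, "data-c", 50), (40, "voice", 100)]

if __name__ == "__main__":
    for vid, info in sorted(plan_vlans("10.20.0.0/23", DEMANDS).items()):
        print(vid, info)
```

Each VLAN's hosts use the listed gateway as their default route; traffic between VLANs then crosses the router, which is also the point where access rules between segments can be applied.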
 
jhawk3Author Commented:
The servers are not running slow. Everything on the network is. I think segmentation is the way to go and will help greatly. I will start there. Thanks for the help. 500 points doesn't seem like enough.
0
Question has a verified solution.
