Solved

Slow LAN

Posted on 2014-03-03
18
941 Views
Last Modified: 2014-04-20
Hi

I was at a client site today and was surprised at how slow file transfert was.

I had simply copied a 4.5MB file over to the server, a Windows Server SBS 2008 R2, and had to wait an unusually long span of time for its completion.

I installed 'Lan Speed Test' together with the LST Server module and ran some tests.

The XP PC, on which I had first noticed the sluggishness during the file copy, the test utility never made it to the end of its 10 packet cycle. I tried various packet sizes but the issue was always the same after two or three packet I got an "error writing to the server"

I then ran the same test from a W7 PC, at 1, 10 and 100MB packet sizes. The average writing (upload) throughput hovered close to 1 Mbps, while the reading (download) average was around 70 Mbps.

My opinion is that this situation is the result of bad cabling,

What is your opinion ?

Thanks
yann
0
Comment
Question by:Yann Shukor
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
  • 3
  • +4
18 Comments
 
LVL 58

Expert Comment

by:Gary
ID: 39901854
So it is a wired and not wireless network.
Firewall, AV?
0
 
LVL 8

Expert Comment

by:Mandeep Khalsa
ID: 39901856
Is there a switch connecting the servers with the workstations? That might be your bottleneck.
0
 
LVL 17

Assisted Solution

by:Brad Bouchard
Brad Bouchard earned 125 total points
ID: 39901860
Bad cabling or a switch.  Try tracing the cabling to see if there is a bad connection, or reboot the switches in the building.
0
Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

 

Author Comment

by:Yann Shukor
ID: 39901886
It is a wired lan
Yes there is a switch
Hmm, no, I didn't think of rebooting it. Darn.
It's a 16 port D-Link switch
I'll get a user to restart it tomorrow
Thanks
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 39901895
A good reboot is always one of the best solutions.  Also, if the reboot doesn't fix it, try testing from a different workstation.  Make sure that the workstations NIC is set to the network speed/duplex setting of the switch.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 39902099
Not nearly enough information.

How many computers are on the network?

Is is a single IP subnet?

Brand, model, and number of switches.

NIC speeds.

If you think it is cabling, then make sure you have CAT5 if everything is 100 Mbps, or CAT5E or better if 1000 Mbps.

If all switches are unmananaged, then all computers should be set to auto speed and auto duplex.

If switches are managed, then the switches and the computers should be configured the same as the port they are connected to.  Either both auto/auto, or both fixed speed and fixed duplex.
0
 
LVL 10

Expert Comment

by:Scott Thomson
ID: 39902312
1. Restart the machine
2. Restart the switch
3. go into the nic properties and make sure as above it's set to duplex auto.
3. try testing after each of these settings has been adjusted to see the improvement after each one

because you said the other machine had been ok i would possible assume that the issue was the machine itself has not been restarted.. you can use pstools or check network status to see how long the machine has been up
0
 
LVL 17

Assisted Solution

by:pergr
pergr earned 250 total points
ID: 39902627
Probably one bad device is flooding the network with 'crap'.

Two ways to test.

1) Run Wireshark on your laptop, and see what packets you see. There should be loads of packets that seems strange.

2) Disconnect one PC at a time from the switch, and see when the speed increases - to figure out which one is causing the problem.

The actual problem, could be a bad NIC, or a bad cable, or a bad port on the switch.

Of course, the NIC/Cable of the server itself could be the problematic one.
0
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 125 total points
ID: 39903041
Running Wireshark  as pergr suggested will help identify what, if anything, is flooding the network.

Since the switch 16 port D-Link it is more than likely unmanaged, which means no switch statistics.
0
 

Author Comment

by:Yann Shukor
ID: 39904230
We restarted the switch this morning

And tonight I'm running Wireshark on the server

I noticed during a file copy between a PC and the server I get pile load of "TCP DUP ACK"
a spattering of "SMB TCP RETRANSMISSON", and "TCP ACKed unseen segment"

I also noticed before the file copy that there were a nimber of TCP KEEP-ALIVE

I swimming in uncharted territory here; I know, you've got to start somewhere

yann
0
 
LVL 57

Expert Comment

by:giltjr
ID: 39904349
If you can you may want to run a packet capture on both the server and client and then copy a file.

"TCP ACKed unseen segment" can be normal if it appears at the start of a capture and it is on a TCP connection that was already established.

"TCP DUP ACK" means that either that a packet was received out of order, or the receiver waited "x" amount of time for the next packet, it did not come, so it is resending the ACK.

I will to read up o the "TCP KEEP-ALIVE".  I know what it is supposed to be used for, but I'm not sure why it would be used on a file copy.
0
 
LVL 17

Expert Comment

by:pergr
ID: 39904422
RETRANSMISSION points at some packet loss being there, forcing the sender to re-transmit.

What does a simple ping show?
Any packet loss?

Can you try with just the client and server connected (unplugg all other ports)?
0
 

Author Comment

by:Yann Shukor
ID: 39904762
I updated the LAN drivers on both the server and the workstation from which I was testing the filecopy : no difference.

I ran another file copy and the
Dup ACK (...) sddp > microsoft-ds [ACK]
reappeared in similar abundance

PINGs are fine, no visible packet losses

I ran LAN SPEED TEST from another workstation with 1 and 10 MB packets and got more or less the same result as before : 0.5Mbps Writing (Upload) and 80 Mbps Reading (download)

During the speed test Wireshark was full of the following lines :
TCP Previous segment not captured
TCP Fast Retransmission
TCP Out of Order
TCP Keep-ALive
I beginning to believe that the switch could be the source of our problems.
0
 

Author Comment

by:Yann Shukor
ID: 39907168
Apparently the TCP Dup ACK are the result of brute force attacks on the server's port 3389 (Terminal server)
0
 

Author Comment

by:Yann Shukor
ID: 40009798
The sluggishness was finally due to Ethernet wiring issues
0
 

Author Comment

by:Yann Shukor
ID: 40011214
I've requested that this question be closed as follows:

Accepted answer: 0 points for azurtem's comment #a40009798
Assisted answer: 0 points for azurtem's comment #a39907168

for the following reason:

situation is fixed
0
 
LVL 10

Expert Comment

by:Scott Thomson
ID: 40009964
What was the fix.?
0
 
LVL 17

Accepted Solution

by:
pergr earned 250 total points
ID: 40011215
Several experts, including myself, suggested the issue was due to bad cabling.
0

Featured Post

Create the perfect environment for any meeting

You might have a modern environment with all sorts of high-tech equipment, but what makes it worthwhile is how you seamlessly bring together the presentation with audio, video and lighting. The ATEN Control System provides integrated control and system automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question