Solved

small tcp session packet on phone line

Posted on 2014-03-13
12
336 Views
Last Modified: 2014-03-22
we have a 200mb connection to our office from XO communications and my home office has a 25/3mb connection from AT&T. when I connect to office using VPN I only get 1 - 3 mb connection. using iperf and working with the phone company we found that the bandwidth to each end is what it is suppose to be but the tcp session from XO comm. main office to my home office is only about 3mb at max and have to create 7  sessions to fill the bandwidth. of course VPN only uses 1 session so I only get 3mb at the most. can any one tell me what would cause the tcp session to max out at such a low rate?
0
Comment
Question by:advancedmd
  • 6
  • 3
  • 3
12 Comments
 
LVL 3

Expert Comment

by:Mutogi
ID: 39926870
what are the VPN devices? how many connections are running thru the office to a faster downlink? your residential service is NOT sla guarantee and shared with the neighborhood, that's a variable. I use Comcast Biz class, with 100/25, i only get from the office that is SLA fiber of 100/100 and a cisco 5505a. the VPN thruput is about 7-10MB full, which is most i get. you may only get 2-3MB max on a good day. also the encrpyt the data over the VPN is a mild hit too.

would a SFTP be better?

what is the data that is transferred? Sensitive?


Going over UNKNOWN space is a challenge and is tricky with variable of the "internet",
0
 

Author Comment

by:advancedmd
ID: 39926890
we are using a sslvpn and the data is sensitive so it must be encrypted.
as for the bandwidth, we were able to prove we were getting at least 20mb by running 7 sessions simultaneously so it is not a bandwidth issue. the problem is I need a single tcp session that will not be so small.
0
 

Author Comment

by:advancedmd
ID: 39926922
more info: we did some tests from a home office only 3 hops on phone line from office and he was able to get 90mb tcp session (of course he has a 100/100mb). But others we tested seem to have the same problem I did of getting anything from 1 - 3mb tcp session (more than 3 hops) . is it possible that a NNI (network to network connection) could cause this? and if so, is there any way to track it?
0
 
LVL 3

Expert Comment

by:Mutogi
ID: 39926955
what kind of hardware is at each site?
0
 

Author Comment

by:advancedmd
ID: 39926997
at the main office we have 2 sslvpn websites. one is using a juniper sa2500 and for the other we are using a Juniper mag410. at my home office I am just connecting to the internet using a AT&T uverse 2wire modem. the sslvpn sends some software to the pc and then they connect on the vpn.  but laying all that aside, the test I was doing with the XO phone company, we just used the software iperf from the phone company main office to my house and that is where we saw the problem.
0
 
LVL 3

Expert Comment

by:Mutogi
ID: 39927023
hmmm,

try a unrestricted packet from ofc to home, see what the speed is. also try from alt location to your home over the ssl packet.

are you sure att doesnt restrict a session of ssl to level out the cpu lead on there network, when they hand off the load.

if you can nail to ofc and home then bang.

if you can nail down your alt location to home and get 20MB you know its the home connection.
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 57

Expert Comment

by:giltjr
ID: 39930840
O.K, first can we all use the same speed specifications?  Little 'b' is bits and big "B" is bytes.  Some of you are using big B and some are using little 'b'.  Example: 20MB is 20 million bytes per second, which is about what you would get on a 200 Mbps link.

Your home connection is 25mbps/3mbps and you stated the best you can get is 3mbps.  I am assuming that is uploads as your upstream speed is limited to 3 Mbps.

If you ping a host on the other end of the VPN tunnel, what is the rtt latency?
Do you know what the MTU is on the VPN tunnel?
0
 

Accepted Solution

by:
advancedmd earned 0 total points
ID: 39934601
first I want to apologize, I am getting 6mbps instead of 3mbps. second when I connect to the vpn locally I can get up to 100mbps. as for the upload or down load, I am testing on the download side where I can get up to 25mbps. But I think I found the answer about low rate on the session. I found an article on low bandwidth per thread. it show if you do the math, you will see that if you have latency of 75ms and you are transmitting window size of 64,512 bytes, you will only get approximately 6mbps on a single thread.  http://www.networkworld.com/community/node/35620#disqus_thread
0
 
LVL 57

Expert Comment

by:giltjr
ID: 39934973
No need to apologize.  However what OS are you running?  The newer Windows OS should be configured to use sliding TCP window sizes and not fixed at 65K, which improves through-put on high latency high speed link.s
0
 

Author Comment

by:advancedmd
ID: 39935006
on office side I am running windows 8 pro and on home side I am running windows 7sp1. if it is sliding, how do you find out what size of packet you are transmitting?
0
 
LVL 57

Expert Comment

by:giltjr
ID: 39935065
First  packet size and window size are two different things.  

For packet size typically the default is 1500 bytes.  To verify this you can issue the command:

     ping -f -l 1472 x.x.x.x

where the x.x.x.x is the remote host's IP address.  If you get a message about df bit being set and packet must be fragmented, or you get nothing back, then lower the 1472 by 2 until you get a successful ping.

For Window size that gets a bit more complex because it is a sliding window size.

You can look at:

http://technet.microsoft.com/en-us/library/cc938219.aspx

The information there should be the same for the two versions of Windows you are running.  

The only issue is that your VPN client/server could be altering the TCP Window size, so you need to check both your real Interface and the VPN tunnel interface.
0
 

Author Closing Comment

by:advancedmd
ID: 39947238
the math confirms the bandwidth of 6mbps with latency of 75ms.
0

Featured Post

Network it in WD Red

There's an industry-leading WD Red drive for every compatible NAS system to help fulfill your data storage needs. With drives up to 8TB, WD Red offers a wide array of solutions for customers looking to build the biggest, best-performing NAS storage solution.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Cable Modem Provisioning from DPoE compliant server  This Article is to support CMTS administrators to provide an overview of DOCSIS compliance configuration file, and to provision a cable modem located at customer place from a Back office serve…
Let’s list some of the technologies that enable smooth teleworking. 
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

26 Experts available now in Live!

Get 1:1 Help Now