Solved

Very Slow, sometimes no, routing on LAN

Posted on 2015-01-03
17
197 Views
Last Modified: 2015-01-11
Here is a simplified diagram of the network in question:

[ASA 5505] <-> [Server 2008 R2 (DC/AD/DHCP/DNS)] <-> [Switch (Nortel Business Ethernet Switch 1020-48T-PWR)] <-> [Patch] <-> [Drop] <-> [Computer/devices]

The problem seems to be at the switch. If I bypass switch, things work well. I thought I had a bad switch, so I swapped it out, and had the same issue.

The Nortel switch is straight out of the box (I have three of them, all acting the same), so it seems that I need to do some config on them to get it working correctly, but I have no idea what to start with. Nortel is gone, so I can't get a firmware update or support for this.

Any suggestions?
0
Comment
Question by:james_lict
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 4
  • 3
  • +2
17 Comments
 
LVL 96

Expert Comment

by:Experienced Member
ID: 40529288
Please try a different product. I had a Nortel box in a business 15 years ago when they were alive. Their firmware was buggy and I had to return it. With Nortel gone, you need to put the Nortel boxes into recycle and get modern gear. Sorry.
0
 

Author Comment

by:james_lict
ID: 40529290
I agree John.

The situation here is that the client is a non-profit with little (really, no) money. I need to run POE switches to support their phones and security cameras.

Given price sensitivity, do you have any POE switches that you can recommend?

Thanks!
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 40529293
Layer 2 switches typically don't require any configuration for basic layer 2 functionality.

If bypassing the switch resolves the issue then that points to something about the switch.  Replacing the switch with one that new in box would seem to indicate that some configuration is needed.  It could be a duplex mismatch.  That can create issues.  But auto negotiation of duplex is pretty reliable these days. Then again, I don't know how old those switches are.

Do have access to any other type of switch (even a small, generic one) just for a short-term test?
0
Percona Live Europe 2017 | Sep 25 - 27, 2017

The Percona Live Open Source Database Conference Europe 2017 is the premier event for the diverse and active European open source database community, as well as businesses that develop and use open source database software.

 

Author Comment

by:james_lict
ID: 40529298
Don,

These Nortel switches are brand new (purchased a few months ago, hence can't be returned to the retailer)

The previous switches worked fine, but I need a POE switch across the network. As I mentioned to John above, budget is a driving factor here. Any suggestions for an affordable POE switch would be appreciated.

Thanks!
0
 
LVL 96

Expert Comment

by:Experienced Member
ID: 40529317
Take a look at the 3-Com line (was HP). Their stuff is good and we use it for the Not-for-Profits we serve. Dell have some POE switches (I am not a big Dell fan). Look also at TrendNet. Their stuff looks to be reasonably priced for POE switches.

http://www.trendnet.com/products/products.asp?cat=83
0
 
LVL 6

Expert Comment

by:Matt
ID: 40529459
Check also DLink. I have them at one of my customer's site. In front is ASA 5505, behind two DLINK switches, one is POE for video surveillance, the other is just for PC's and other network devices which don't need POE capability.

DGS-1210-28P

http://www.dlinkmea.com/site/index.php/site/productDetails/164

http://www.dlinkmea.com/site/index.php/site/products/83/21?product_category_id=79&name=gigabit
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 40529495
I've been having good success with the HP Procurve POE switches.  The 1900 series can be found for around $500 for a 24-port POE version.
0
 
LVL 46

Expert Comment

by:Craig Beck
ID: 40531338
Saying change the switches is not solving the issue...

Can you try to draw us a diagram of how everything is connected?  Do you have one or multiple links to your switches? Etc...
0
 

Author Comment

by:james_lict
ID: 40531349
Hi Craig,

The network diagram is as stated above:
[ASA 5505] <-> [Server 2008 R2 (DC/AD/DHCP/DNS)] <-> [Switch (Nortel Business Ethernet Switch 1020-48T-PWR)] <-> [Patch] <-> [Drop] <-> [Computer/devices]

I think the other commenters have convinced me that the Nortel POE is the problem. I am purchasing a different brand POE to see if that gives us better results. Will have it later this week.

Just to answer your question: no, only one link into the switch.

Thanks and Happy Monday.

J
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 40531352
So you're saying that the user computers connect to the switch, then go through the Server to the ASA?
0
 
LVL 46

Expert Comment

by:Craig Beck
ID: 40531361
I saw that but wanted a bit more (like interfaces, etc).

So your firewall connects directly to your DC, then the DC connects to the switch?  Does that mean everyone has to go through your DC to get to the firewall??

Why did you decide to change the switches?  Was it purely for PoE?
Are you aware that you can buy multi-port power injectors (look just like a switch) so you don't have to change your switches.  These are usually a couple of hundred.

What kind of testing did you do in terms of the switch?  Did you try with everyone disconnected apart from one client, for example?  Like I say, it's not a great solution to say use a different vendor.
0
 

Author Comment

by:james_lict
ID: 40531362
@Don, the problem with ASCII drawings...

No, the server is just providing DHCP/DNS. The switch is connected directly to the ASA. My bad diagramming skills. Thanks for asking for the clarification.
0
 
LVL 46

Expert Comment

by:Craig Beck
ID: 40531364
@Don - you beat me to it :-)

@James -
@Don, the problem with ASCII drawings...
That's EXACTLY why I asked for a drawing ;-)
0
 

Author Comment

by:james_lict
ID: 40531367
@Craig, injectors are not an option. No power easily available on the user end.

I had a bad diagram above -- traffic does not need to go through DC.

Yes, the switch change was specifically for POE. The old switches (3COM) were working fine, just needed POE.

Testing of switch was as you suggested; only a link and one device.
0
 
LVL 46

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 40531474
The injectors I'm talking about are just like a switch - one PSU for 24 ports (for example).  It would fit in a rack just like a 1U switch.

...something like this...

http://www.cmsplc.com/gigabit-12-24-port-poe-injector-hubs.html
0
 

Author Comment

by:james_lict
ID: 40531492
@craig -- I had not considered that. That is a great solution. I will purchase one and see if it will be good for us.

Do you have a recommendation for the hardware to purchase?

Thanks so much!
0
 

Author Closing Comment

by:james_lict
ID: 40543584
You never know what you don't know, until you speak to an expert like Craig! Thanks so much.
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is focussed on erradicating the confusion with slash notations. This article will help you identify and understand the purpose and use of slash notations. A deep understanding of this will help you identify networks quicker especially w…
If you are thinking of adopting cloud services, or just curious as to what ‘the cloud’ can offer then the leader according to Gartner for Infrastructure as a Service (IaaS) is Amazon Web Services (AWS).  When I started using AWS I was completely new…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Suggested Courses

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question