[BBLISA] Odd Latency issues over VPN

John Stoffel john at stoffel.org
Fri Jan 24 16:36:03 EST 2014 

>>>>> "Nick" == Nick Cammorato <nick.cammorato at gmail.com> writes:

Nick> On Fri, Jan 24, 2014 at 12:39 PM, John Stoffel <john at stoffel.org> wrote:
>> 
>> Nick,
>> 
>> From looking at your description, it really sounds like you've got
>> some sort of caching in the middle which is slowing things down.  But
>> you don't explain the other side of the VPN well enough to know.
>> 
>> 
Nick> No caching, no application acceleration anywhere I'm aware of.


>> Can the client using the VPN got a simple FTP from either of your
>> Confluence servers at full speed?  Or can they pull http data from
>> other internal hosts over the VPN at full speed.
>> 

Nick> Installed vsftpd real quick, SCPed a test file over to the pub
Nick> directory - it started at 2.5 and went up to 3.5 MB/s on the
Nick> transfer up.

That's a good sign...

Nick> Pulled back down over FTP and SCP at 10kbps.

But that's bad.  So there's something between your Confluence server
and the device on the other side of the VPN that's choking things.
Hmm... can you do fast downloads from other systems via the VPN
connection, or are the Confluence the only ones slow sending data out
the VPN?  

Oh!  Have you checked the speeds of all your connections?  It's almost
like you have the dreaded 100mbit - 1GigE mis-configuration that the
old Sun hme (Happy Meal Ethernet) interfaces used to have at one time
with Cisco devices.  Autonegotiation would break down, etc.

Can you use 'iperf' on the Confluence side to see if you can push a
bunch of data to various other systems, to try and narrow down where
in the chain of network hops the slowdown happens?  Or even just doing
scp to/from the box from various spots sould help narrow it down.

Something is seriously wrong in the network.  Heck, it could be the
ASA is just hammered, or has a poorly written firewall rule or something.

Nick> The fact that serial access is slow, while parallel access is fast
>> is... surprising.  Does each access when done in parallel stay at
>> 10kbps, or do they all speed up to whatever the max the pipe to their
>> end supports.
>> 

Nick> The all speed up(to 200kbps or so) until one remains, then it drops back
Nick> down.  It's utterly bizzare.
Nick> _______________________________________________
Nick> bblisa mailing list
Nick> bblisa at bblisa.org
Nick> http://www.bblisa.org/mailman/listinfo/bblisa

More information about the bblisa mailing list