<div dir="ltr">Not that I'm seeing. Normal looking window sizes(to me), no packet loss that I can see. I'll send along a set of captures from the tap.</div><div class="gmail_extra"><br><br><div class="gmail_quote">
On Fri, Jan 24, 2014 at 12:01 PM, Matt Simmons <span dir="ltr"><<a href="mailto:bandman@gmail.com" target="_blank">bandman@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">When you tcpdump, are you seeing any chicanery with the TCP window size? I assume you would have mentioned things like retransmitted packets and so on. No packet loss? <div><br></div><div>--Matt</div></div>
<div class="gmail_extra">
<br><br><div class="gmail_quote"><div><div class="h5">On Fri, Jan 24, 2014 at 11:57 AM, Nick Cammorato <span dir="ltr"><<a href="mailto:nick.cammorato@gmail.com" target="_blank">nick.cammorato@gmail.com</a>></span> wrote:<br>
</div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div class="h5">
<div dir="ltr">Hi everyone,<div><br></div><div><div>I thought someone here might have some ideas, because I'm currently stumped. For some background: I recently consolidated all of our "inside" layer 3 onto our Juniper SRX 1400. Prior to this everything was scattered across a few different devices with some point to point links. For the most part, everything works as expected - pretty well. The exception being why I'm mailing the list - VPN connections(via our ASA) to our internal instances of atlassian confluence are suddenly excruciatingly slow.</div>
<div><br></div><div>We have 2 confluence instances: a development/test instance and a production instance, each of which live on a different VLAN/has a different gateway. The exhbited behavior is: page loads of up to 30-40 seconds, almost all most of which is a single batched ajax JS load - which is about 300 -> 500kb or so and loads at a rate of 10kbps. This is new behavior.</div>
<div><br></div><div>Traffic not over VPN is perfectly normal.</div><div><br></div><div>Current topography looks as follows:</div><div>ASA(inside) --> SRX (ge-x/x/x.0)</div><div>Clients -(Ge)-> Client Distribution Switch --(2XGe VPC)--> Nexus Switches --(2XGe VPC)--> SRX(ae0.1)</div>
<div>Confluence1 -(Ge)-> Distribution Switch --(2XGe VPC)--> Nexus Switches --(2XGe VPC)--> SRX(ae0.2)</div><div>Confluence2 -(Ge)-> Distribution Switch --(2XGe VPC)--> Nexus Switches --(2XGe VPC)--> SRX(ae0.3)</div>
<div><br></div><div>And I've tested the following:</div><div>- The ASA was at one point cabled off the Client Distribution Switch with the vlan dwelling on the agg interface, moving it had no effect.</div><div>- I've monitored traffic via an inline tap, tcpdumps at both ends, and a tcpdump on the router itself looking for fragmentation, out of sequence packets, etc. and seen nothing.</div>
<div>- I've done the above looking for DNS traffic to see if maybe there is an nslookup issue somewhere, and nada.</div><div>- iperf shows normal bandwidth to the confluence servers themselves - 10mbps or so from home.</div>
<div>- There don't appear to be any autonegotiation issues.</div><div>- No errors on any involved interface.</div><div>- No errors in apache, confluence or tomcat logs, regardless of log level.</div><div>- Software version of confluence has no effect.</div>
<div><br></div><div>Now here's an odd thing, if I do a curl on one of the slowly loading scripts, in isolation it loads at 10kbps or so - this is repeatable too, daisy chain 10 loads of the same script and they will all load at 10kbps. If I fork and run the curl twice or more in parallel, however, it loads instantly.</div>
<div><br></div><div>Anyone have any ideas before I start opening TAC/JTAC cases?</div><div><br></div><div>Thanks,</div><div>--Nick</div></div><div><br></div></div>
<br></div></div>_______________________________________________<br>
bblisa mailing list<br>
<a href="mailto:bblisa@bblisa.org" target="_blank">bblisa@bblisa.org</a><br>
<a href="http://www.bblisa.org/mailman/listinfo/bblisa" target="_blank">http://www.bblisa.org/mailman/listinfo/bblisa</a><span class="HOEnZb"><font color="#888888"><br></font></span></blockquote></div><span class="HOEnZb"><font color="#888888"><br>
<br clear="all"><div><br></div>-- <br>"Today, vegetables... Tomorrow, the world!"
</font></span></div>
</blockquote></div><br></div>