Need help diagnosing network performance issues

Posted on

Need help diagnosing network performance issues – Managing your servers can streamline the performance of your team by allowing them to complete complex tasks faster. Plus, it can enable them to detect problems early on before they get out of hand and compromise your business. As a result, the risk of experiencing operational setbacks is drastically lower.

But the only way to make the most of your server management is to perform it correctly. And to help you do so, this article will share nine tips on improving your server management and fix some problem about networking, performance, router, switch, windows.

I am currently working in a developing country as a system analyst for a government department. My area of expertise is software projects, but I’ve come across a few issues with the network setup in my office. (Unfortunately, being a developing country, there’s not a lot of professional help available for this sort of thing.)

Most recently, I am trying to diagnose a problem with slowness on the network. Our office is connected to the internet via an ADSL wireless modem/router (called Router). The modem is connected via ethernet to a switch (called Switch). The modem also acts as a wireless access point (called Wireless1), though because it is in a room at the end of the floor, it’s range is limited. There are ethernet ports installed around the office. The cables of these all lead back to the same switch. In closer vicinity to the bulk of the client computers, there is another wireless router that acts as an access point for those clients (called Wireless2). That router is connected via ethernet to a wall port, and therefore to Switch. There is also a Windows server which acts as a DNS server (called DNSBox) which is located in the same room and is connected directly to Switch.

---Internet----------|
               Router/Wireless1
               192.168.10.1 ---------------|
                                           |----|=========| 
               DNSBox                           |         |--------------------
               192.168.10.4 --------------------|  Switch |---Other clients----
                                                |         |--------------------
                                           |----|=========|    
               Wireless2 ------------------|
               192.168.10.198

One final thing to mention about the network setup. All clients are configured with manual IP addresses. Their router/gateway is set to the IP address of Router, and their DNS server is set to the IP address of DNSBox (with a secondary IP set to an external IP – that of our ISP’s DNS server).

Here are the symptoms we are experiencing:

  • Clients connected to Wireless2 AP experience slow and unstable connections to the internet. (Slow here is defined as speeds of ~1KB/s, though ping response times seem to be as normal.)
  • Clients connected via ethernet to Switch also experience the same slowness.
  • Clients connected to Wireless1 AP (i.e. connecting via wireless directly to the ADSL modem) experience normal connections to the internet.
  • Clients connected via ethernet to Router (i.e. connecting via ethernet directly to the ADSL modem) also experience normal connections to the internet.

I also tried to gauge the connection performance between two machines on the network via ethernet:

  • A file transfer between two clients who were both directly connected to Switch was the fastest;
  • A file transfer between one client directly connected to Switch, and one client directly connected to Router (which is directly connected to Switch) performed much slower;
  • A file transfer between two clients directly connected to Router also performed slowly.

Things I have attempted to diagnose the problem:

  • Restarted Switch — no change.
  • We tried unplugging ethernet jacks from Switch 4 at a time and testing the internet connection. The thought here was that perhaps a client on the network has contracted a virus, and is possibly spamming the network with traffic? (Not very technical, I know.) Unfortunately we couldn’t get any significant increases in performance using this method. There were a couple of times when it seemed to be better, but then the connection speed quickly dropped back to slow/dead pace. I didn’t want to unplug all jacks from Switch because I was concerned that users might be affected or that I would re-plug in the jacks incorrectly (should I even be worried about that? a port is a port on a switch, right?)
  • I tried swapping the ethernet cable used to connect Router to Switch — no change in performance.
  • I tried swapping the port used on Switch for Router — no change in performance.

Anyone got any ideas on what this could be? Should I be mentioning specific brand names/models of the hardware used? Virii outbreaks are common in this country/office — what could I be doing to figure out if a virus is at fault? If it is a virus, it doesn’t seem to be generating a lot of traffic to/from the internet, because a) I can still get a good speed if I am directly connected to Router / Wireless1 and b) our ISP data usage has not risen suspiciously.

Thanks for your help!

Update #1

Here are the specs of some of the hardware:

  • Switch is an Edimax ES3132RL 32-Port 10/100 Rackmount Switch
  • Router is a D-Link DSL-G604T

Update #2

I just tried unplugging everything except a laptop and Router from Switch. Speeds are still slow. I guess that means that Router / Switch are not being flooded?

It seems more and more likely that the cause is something to do with the interaction between Router and Switch. However, I still can’t find any useful resources on setting the LAN speed for either (and I’m not well-versed in these advanced networking configurations).

Solution :

All but 1 of the problems you’ve described and all but 1 of the tests you’ve conducted appear to have the switch/router link in common (if I read and understood your post correctly). I know you’ve tried a different cable and switch port but have you looked at the configuration of the switch port and router port for that link? Check the speed and duplex setting on both ends and make sure they match.

Most probable cause is a duplex mismatch. 100 Mbit ethernet has a fault where occasionally one end will be running at full duplex while the other at at half. Check the lights on the switch and router for the duplex setting – both should be full. The characteristic symptom is the network seems to work well with only one computer attached for one way heavy data flow, but when using two-way heavy data flow or with multiple computers attached it falls apart. (Gigabit ethernet is much less prone to this fault due to improved duplex signaling). Solve it by forcing 100 Mbit & full duplex on both the router and switch ports connected to each other.

Cheap routers can have their CPU overloaded by performing NAT across too many connections, generally caused by bittorrent. Unfortunately it’s hard to detect, and depends on the specific model of router.

For Wireless2’s speed issues, is Wireless2 set up to act solely as an access point? Double NAT can be a problem in this case: if everything under your gateway (Router) has a NAT address, and if your second wireless is creating its own private network (even worse: if it’s attempting to do so in the same subnet as your primary network) you can get some nasty behavior.

Could also be that your switch is overworked. How many clients have you got on it at any given time, and what make/model switch is it?

I guess that either the link between the switch and the router is being flooded OR your MTU is being set incorrectly.

You can check for MTU setting by following the instructions here: http://groups.google.com/group/blogger-help/web/how-to-check-the-mtu-setting-on-your-computer?pli=1

Flooding of the connection would probably be obvious (a solid network traffic light rather than blinking). This wouldn’t slow down copies from one machine to another on the switch, because its a switch and not a hub.

Also the firewall in the router can get overloaded if it is asked to do a lot of NAT port mappings. Eg. when a torrent client tries to establish lots of connections to other clients.

Leave a Reply

Your email address will not be published.