Request time-outs on leased line Point-to-Point link (2Mbps)

Unanswered Question
Nov 22nd, 2008

Topology:

There are three sites (3 routers) within radius of 30 kilometers.

Site A connects to Site C via Site B. Site A has 2600 Rtr, Site B has 2821 Rtr and Site C has 2821 as well.

For connections initiated from Site A for destination in Site C, natting is performed on Site B Rtr. I am running continuous ping test from Site A to various hosts in Site C. The ping time is constantly 26ms which I believe is good. However, approx every 400-500 pings I notice a single packet drop (Request Timed-out).

Is this normal ? And how do applications react to these kinds of drops.

Also please advise some of the troubleshooting points in the given topology in case increased packet drops are experienced.

Thanks.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.7 (3 ratings)
Loading.
Giuseppe Larosa Sat, 11/22/2008 - 02:47

Hello New,

ICMP provides reachability tests and some indications of performance.

I would suggest you to test using an FTP transfer for example.

TCP based applications can tolerate if some packet is lost because TCP provides flow control and retransmission capabilities.

Hope to help

Giuseppe

Joseph W. Doherty Sat, 11/22/2008 - 06:04

Normal, perhaps not, or perhaps so. Pings rely on the cooperation of the echoing host, so some failures could be the host not responding, i.e. your network might be not dropping at all.

As to one failure in 400-500 ping requests, realize there's a request and a response. Assuming the network is dropping one or the other, which is it dropping? If it's dropping both directions equally, you're losing one packet in 800-1000, if just one direction, you're losing one packet in 400-500.

As a general rough rule, most traffic will tolerate up to a 1% drop rate without adverse impact, and yours might be as low as .1%.

If the drop rate does jump up, further investigation is usually warranted, but troublshooting such can involve a lot and you may find it's something as simple as not having enough bandwidth or complex as someone turning on another device that causes interference on a copper cable.

Ping monitoring is very simple monitoring, but much more can be done with your equipment, either alone, or with other monitoring equipment. SLA tests between the routers would be more accurate and informative than ping alone; a SMTP monitoring device could poll your routers for many detailed stats.

new_networker Sat, 11/22/2008 - 06:33

Could you please mention more about SLA tests and how can I perform them.

What kind of SMTP monitoring device could I use.?

Joseph W. Doherty Sat, 11/22/2008 - 10:22

SLAs can get involved. Lots of information on Cisco's site. You might start with:

http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/44sg/configuration/guide/swipsla.html

http://www.cisco.com/en/US/tech/tk920/tsd_technology_support_sub-protocol_home.html

Oops, provided wrong aconymn. What you want to investigate is SNMP. Again, lots of information on Cisco's web site, e.g.:

http://www.cisco.com/en/US/tech/tk648/tk362/tk605/tsd_technology_support_sub-protocol_home.html

Monitoring is usually done by a computer running a special management application. Believe CiscoWorks can do some of this. There's also 3rd party packages. Full featured ones can be very expensive, but some will let you look as just the information that's most want to watch and aren't too expensive or are even free. For instance, MRTG (http://oss.oetiker.ch/mrtg/) is often popular. If you post a question in the Network Management Topic, you should receive many suggestions.

Actions

This Discussion