
Slow transfer of large files via VPN

ekrogh
Level 1

Hi

I have 2 sites one in the US and one in the UK.

Both sites have Gigabit Internet connection.

Firewalls are ASA devices.

We have a VPN connection between the 2 sites.

The ping turnaround time between 2 servers is 100 - 110 msec.

We do log file replication between 2 windows 2003 servers, one at each site, using Robocopy.

Problem is that the actual transfer speed cannot exceed 800 kbps.

Any ideas what I should look for?

Thanks

Erik

5 Replies

leonvd79
Level 4

Hello Erik,

From an application layer perspective, are you seeing TCP retransmissions?

From the network layer perspective, are you seeing any abnormalities in the logging of your firewall? For instance, MSS exceeds.

What ASA model do you have in place? Can you give more details on the topology?

HTH

--Leon

The ASAs are 5520 in a failover configuration. LAN are dualized switches. Unfortunately I cannot include any drawings.

We will look for any information in the log files.

Thanks

Erik

roluce
Level 1

Personally, I would look for out of order packet receipt. We've seen this increase steadily over the past two years with Internet traffic, in particular with international links.

The issue is that packets are being delivered with the order mixed up. Packets 1 through 10 are being received 2 6 4 1 5 7 8 3 10 9 (example). This causes a problem with TCP flows, and will normally choke transfer speeds to practically nothing (similar to what you are seeing). If you run a sniffer on the traffic to and from your servers, you should see the packets being received out of order, and large numbers of TCP Fast Retransmits being issued from the receiving system.

I don't know if the carriers are doing this deliberately, or there is some other explanation, but it's a difficult situation to correct for, and Cisco doesn't have a product that will do it. Other companies do have products which will reorder packets on the receiver end.

One benefit of this is that it chokes Bittorrent down to nothing.

You -will- need a sniffer to properly diagnose this issue. If you don't have a professional network sniffer, Ethereal does the job in a pinch.

Rob

Hi,

There are two things I would look for first. One could be MTU related issues, which would result in retransmissions. On a Cisco router those can be sorted out with the command "ip tcp adjust-mss 1300".

The second thing I would look for are TCP related problems, besides reordering mentioned above, also window size.

TCP throughput is approx. (TCP window size)/(round trip time). Given the numbers from your post RTT=0.11 sec and throughput 800000 bps one would get a window size of about close to 16 kByte, which is default on some Microsoft operating systems. Make sure you get at least 64 kByte or more to allow for higher throughput. The calculation only holds when there are no dropped packets. Retransmissions lead to a reduced window size (half of previous value) and therefore reduced throughput.

Regards, Martin
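
The window/RTT relationship from the reply above, worked through with the thread's own figures (RTT 0.11 s, 800 kbps observed, gigabit links), as an added example that is not part of the original thread. Function names are illustrative; the 16-bit window limit and the scale-shift ceiling of 14 are properties of the TCP window scale option (RFC 7323), which the thread does not mention.

```python
"""Window-limited TCP throughput, using the figures quoted in the thread."""

MAX_UNSCALED_WINDOW = 65535   # largest window a 16-bit TCP header field can carry
MAX_WINDOW_SHIFT = 14         # ceiling on the window scale option (RFC 7323)


def window_limited_throughput_bps(window_bytes, rtt_s):
    """Upper bound on throughput with no loss: one window per round trip."""
    return window_bytes * 8 / rtt_s


def implied_window_bytes(throughput_bps, rtt_s):
    """Data in flight needed to sustain a given throughput at a given RTT."""
    return throughput_bps * rtt_s / 8


def window_scale_shift(window_bytes):
    """Smallest scale shift that lets a 16-bit field advertise window_bytes."""
    shift = 0
    while (MAX_UNSCALED_WINDOW << shift) < window_bytes and shift < MAX_WINDOW_SHIFT:
        shift += 1
    return shift


def report(rtt_s, observed_bps, link_bps, candidate_windows):
    """Build the lines of a small diagnosis for one path."""
    lines = []
    in_flight = implied_window_bytes(observed_bps, rtt_s)
    lines.append(f"observed {observed_bps / 1e3:.0f} kbit/s at RTT {rtt_s * 1e3:.0f} ms "
                 f"implies ~{in_flight / 1024:.1f} KiB in flight")
    for w in candidate_windows:
        cap = min(window_limited_throughput_bps(w, rtt_s), link_bps)
        lines.append(f"window {w:>9} B -> at most {cap / 1e6:8.2f} Mbit/s")
    bdp = implied_window_bytes(link_bps, rtt_s)
    lines.append(f"filling the {link_bps / 1e6:.0f} Mbit/s link needs ~{bdp / 1e6:.2f} MB "
                 f"of window (scale shift {window_scale_shift(bdp)})")
    return lines


if __name__ == "__main__":
    # Figures from the thread: RTT 0.11 s, 800 kbps observed, gigabit links.
    # The window sizes are the 16 kByte and 64 kByte values named in the reply.
    for line in report(0.11, 800_000, 1_000_000_000, [16 * 1024, 64 * 1024]):
        print(line)
```

The result is a loss-free upper bound: a 64 kByte window still caps a single flow at under 5 Mbit/s on this path, so filling the link needs a scaled window or several parallel flows.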

This is exactly what I needed and works for SMB over IPSec.
My setting was 1452 and strangely works with a lot of our customers with the same Cisco 867vae model.

Thanks,