|
Question : Slow VPN Performance
|
|
I was trying to transfer a few very small (10 KB) word docs over the VPN today, and it kept failing after a few minutes. There was very little network activity. I wonder if it is an MTU issue. I used wireshark to get the following:
No. Time Source Destination Protocol Info
1 0.000000 00:ff:b4:9b:b3:e5 Spanning-tree-(for-bridges)_00 STP Conf. Root = 32768/02:ff:b4:9b:b3:e5 Cost = 0 Port = 0x8000
Frame 1 (52 bytes on wire, 52 bytes captured)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol
No. Time Source Destination Protocol Info
2 0.841445 10.69.69.4 10.69.69.255 NBNS Name query NB <01><02>__MSBROWSE__<02><01>
Frame 2 (92 bytes on wire, 92 bytes captured)
Ethernet II, Src: AppleCom_9f:1c:06 (00:16:cb:9f:1c:06), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Internet Protocol, Src: 10.69.69.4 (10.69.69.4), Dst: 10.69.69.255 (10.69.69.255)
User Datagram Protocol, Src Port: 52013 (52013), Dst Port: netbios-ns (137)
NetBIOS Name Service
No. Time Source Destination Protocol Info
3 2.000320 00:ff:b4:9b:b3:e5 Spanning-tree-(for-bridges)_00 STP Conf. Root = 32768/02:ff:b4:9b:b3:e5 Cost = 0 Port = 0x8000
Frame 3 (52 bytes on wire, 52 bytes captured)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol
No. Time Source Destination Protocol Info
4 4.000199 00:ff:b4:9b:b3:e5 Spanning-tree-(for-bridges)_00 STP Conf. Root = 32768/02:ff:b4:9b:b3:e5 Cost = 0 Port = 0x8000
Frame 4 (52 bytes on wire, 52 bytes captured)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol
No. Time Source Destination Protocol Info
5 5.503809 10.69.69.49 10.69.69.51 TCP [TCP segment of a reassembled PDU]
Frame 5 (1390 bytes on wire, 1390 bytes captured)
Ethernet II, Src: 02:ff:b4:9b:b3:e5 (02:ff:b4:9b:b3:e5), Dst: 00:ff:02:2d:ce:4f (00:ff:02:2d:ce:4f)
Internet Protocol, Src: 10.69.69.49 (10.69.69.49), Dst: 10.69.69.51 (10.69.69.51)
Transmission Control Protocol, Src Port: microsoft-ds (445), Dst Port: 3119 (3119), Seq: 0, Ack: 0, Len: 1336
No. Time Source Destination Protocol Info
6 5.683029 10.69.69.51 10.69.69.49 TCP 3119 > microsoft-ds [ACK] Seq=0 Ack=1336 Win=17368 Len=0 SLE=4008 SRE=4160
Frame 6 (66 bytes on wire, 66 bytes captured)
Ethernet II, Src: 00:ff:02:2d:ce:4f (00:ff:02:2d:ce:4f), Dst: 02:ff:b4:9b:b3:e5 (02:ff:b4:9b:b3:e5)
Internet Protocol, Src: 10.69.69.51 (10.69.69.51), Dst: 10.69.69.49 (10.69.69.49)
Transmission Control Protocol, Src Port: 3119 (3119), Dst Port: microsoft-ds (445), Seq: 0, Ack: 1336, Len: 0
No. Time Source Destination Protocol Info
7 5.738669 10.69.69.49 10.69.69.51 TCP [TCP segment of a reassembled PDU]
Frame 7 (1390 bytes on wire, 1390 bytes captured)
Ethernet II, Src: 02:ff:b4:9b:b3:e5 (02:ff:b4:9b:b3:e5), Dst: 00:ff:02:2d:ce:4f (00:ff:02:2d:ce:4f)
Internet Protocol, Src: 10.69.69.49 (10.69.69.49), Dst: 10.69.69.51 (10.69.69.51)
Transmission Control Protocol, Src Port: microsoft-ds (445), Dst Port: 3119 (3119), Seq: 1336, Ack: 0, Len: 1336
No. Time Source Destination Protocol Info
8 5.884234 10.69.69.51 10.69.69.49 TCP 3119 > microsoft-ds [ACK] Seq=0 Ack=2672 Win=17368 Len=0 SLE=4008 SRE=4160
Frame 8 (66 bytes on wire, 66 bytes captured)
Ethernet II, Src: 00:ff:02:2d:ce:4f (00:ff:02:2d:ce:4f), Dst: 02:ff:b4:9b:b3:e5 (02:ff:b4:9b:b3:e5)
Internet Protocol, Src: 10.69.69.51 (10.69.69.51), Dst: 10.69.69.49 (10.69.69.49)
Transmission Control Protocol, Src Port: 3119 (3119), Dst Port: microsoft-ds (445), Seq: 0, Ack: 2672, Len: 0
No. Time Source Destination Protocol Info
9 5.926810 10.69.69.49 10.69.69.51 TCP [TCP Previous segment lost] [TCP segment of a reassembled PDU]
Frame 9 (206 bytes on wire, 206 bytes captured)
Ethernet II, Src: 02:ff:b4:9b:b3:e5 (02:ff:b4:9b:b3:e5), Dst: 00:ff:02:2d:ce:4f (00:ff:02:2d:ce:4f)
Internet Protocol, Src: 10.69.69.49 (10.69.69.49), Dst: 10.69.69.51 (10.69.69.51)
Transmission Control Protocol, Src Port: microsoft-ds (445), Dst Port: 3119 (3119), Seq: 4008, Ack: 0, Len: 152
No. Time Source Destination Protocol Info
10 5.926844 10.69.69.51 10.69.69.49 TCP [TCP Dup ACK 8#1] 3119 > microsoft-ds [ACK] Seq=0 Ack=2672 Win=17368 Len=0 SLE=4008 SRE=4160
Frame 10 (66 bytes on wire, 66 bytes captured)
Ethernet II, Src: 00:ff:02:2d:ce:4f (00:ff:02:2d:ce:4f), Dst: 02:ff:b4:9b:b3:e5 (02:ff:b4:9b:b3:e5)
Internet Protocol, Src: 10.69.69.51 (10.69.69.51), Dst: 10.69.69.49 (10.69.69.49)
Transmission Control Protocol, Src Port: 3119 (3119), Dst Port: microsoft-ds (445), Seq: 0, Ack: 2672, Len: 0
No. Time Source Destination Protocol Info
11 5.999866 00:ff:b4:9b:b3:e5 Spanning-tree-(for-bridges)_00 STP Conf. Root = 32768/02:ff:b4:9b:b3:e5 Cost = 0 Port = 0x8000
Frame 11 (52 bytes on wire, 52 bytes captured)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol
No. Time Source Destination Protocol Info
12 7.999410 00:ff:b4:9b:b3:e5 Spanning-tree-(for-bridges)_00 STP Conf. Root = 32768/02:ff:b4:9b:b3:e5 Cost = 0 Port = 0x8000
Frame 12 (52 bytes on wire, 52 bytes captured)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol
No. Time Source Destination Protocol Info
13 9.999523 00:ff:b4:9b:b3:e5 Spanning-tree-(for-bridges)_00 STP Conf. Root = 32768/02:ff:b4:9b:b3:e5 Cost = 0 Port = 0x8000
Frame 13 (52 bytes on wire, 52 bytes captured)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol
No. Time Source Destination Protocol Info
14 11.999763 00:ff:b4:9b:b3:e5 Spanning-tree-(for-bridges)_00 STP Conf. Root = 32768/02:ff:b4:9b:b3:e5 Cost = 0 Port = 0x8000
Frame 14 (52 bytes on wire, 52 bytes captured)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol
No. Time Source Destination Protocol Info
15 13.999322 00:ff:b4:9b:b3:e5 Spanning-tree-(for-bridges)_00 STP Conf. Root = 32768/02:ff:b4:9b:b3:e5 Cost = 0 Port = 0x8000
Frame 15 (52 bytes on wire, 52 bytes captured)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol
No. Time Source Destination Protocol Info
16 15.999500 00:ff:b4:9b:b3:e5 Spanning-tree-(for-bridges)_00 STP Conf. Root = 32768/02:ff:b4:9b:b3:e5 Cost = 0 Port = 0x8000
Frame 16 (52 bytes on wire, 52 bytes captured)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol
No. Time Source Destination Protocol Info
17 17.998949 00:ff:b4:9b:b3:e5 Spanning-tree-(for-bridges)_00 STP Conf. Root = 32768/02:ff:b4:9b:b3:e5 Cost = 0 Port = 0x8000
Frame 17 (52 bytes on wire, 52 bytes captured)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol
No. Time Source Destination Protocol Info
18 19.999737 00:ff:b4:9b:b3:e5 Spanning-tree-(for-bridges)_00 STP Conf. Root = 32768/02:ff:b4:9b:b3:e5 Cost = 0 Port = 0x8000
Frame 18 (52 bytes on wire, 52 bytes captured)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol
No. Time Source Destination Protocol Info
19 21.999241 00:ff:b4:9b:b3:e5 Spanning-tree-(for-bridges)_00 STP Conf. Root = 32768/02:ff:b4:9b:b3:e5 Cost = 0 Port = 0x8000
Frame 19 (52 bytes on wire, 52 bytes captured)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol
No. Time Source Destination Protocol Info
20 23.999534 00:ff:b4:9b:b3:e5 Spanning-tree-(for-bridges)_00 STP Conf. Root = 32768/02:ff:b4:9b:b3:e5 Cost = 0 Port = 0x8000
Frame 20 (52 bytes on wire, 52 bytes captured)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol
|
Answer : Slow VPN Performance
|
|
We probably need more information about the network setup. Type of VPN devices, Internet connection on both ends(T1, DSL, cable) and is this a new problem, in that it worked just fine in the past but today it is crawling. Looking at your packet cap, 75% of the entries was Spanning Tree, which indicates your switch is spending 75% of it's time looking for the best route to send data. However, it could be that you had just plugged a device into your switch when you started your capture and it was learning. I would give it a couple minutes after plugging anything into the switch, then start the capture, then start the VPN and transfer a couple files, then stop your capture. If STP is still accounting for 75% of your traffic, you could have a layer 2 problem.
|
|
|
|
|
