How to help speed up the network?

[Internexus]

I have been getting some complaints about the network getting slower and this is my first network so I am not the most familiar with what to do here...

We currently have multiple servers, 2 cisco switches, a cisco firewall, router, and about 16-20 user machines.

I have gone through a couple weeks ago and cleaned off unnecessary data on the servers and then defragged them and restarted them all. Each user machine is shut down each night by habit of all of the users.

Do I need to physically reboot the router/switches/firewall each night or week or anything? Also on our switches they have 2 ports each on them for ethernet links that we have gigabit cards for. Currently each one has one card in it and a cat5 cable linking them. I have 2 more cards available, if I were to put them in and link them via cat5 cable would this automatically detect the change and help speed up the network any? I currently do not have any kind of budget for updating so I have to use what we have here...

I could really use some advice here guys. Thanks for any ideas!
-sean

 

[I21st]

You should not have to restart any of your infrastructure equipment. It's meant to be running 24X7 unless you have to make some code update to it or something. What you need to get is a detailed explanation from your users. Troubleshooting "slow" is not realistic. What is slow? When do you experience "slowness?" Is it a LAN or WAN issue? Is everyone seeing the same thing or is it just one or two people? "Slow" must become "When I access the File Server at 9:00AM, it's much worse than when I access it at 3:00PM" for instance. If you have Gb uplinks between your switches and your users/servers are connected at 100Mb, I doubt setting up EtherChannel (combining multiple uplinks as you suggested) will help. However, you need more data before you can make that decision.

 

[Internexus]

Hey I21st thanks for the response. I will try and clarify a little bit.

Yesterday we were actually having internet and network outages which I couldnt figure out why those were occuring. We were literally losing access to servers and the like as if a network cable were unplugged. I personally don't feel like the network is becoming slower but the boss is stating that it is and im not really going to argue with him as I really like being in IT.

I personally feel a lot of it has to do with his system more than anything, but I could very well be wrong. So I am personally looking at this as a good time to learn what kind of proper maintenance I need to know. Is there a routine maintenace I should do each week or month and the like to make sure everything is up to par?

He is complaining about things I need to be doing and covering but not giving me any kind of budget to go off of to insure proper functionality here so I have to stretch everything I have and make sure we stay 100% as much as possible. You are also correct that the users are only connected at 100mbs. Is it possible to actually speed them up without having to purchase new ethernet cards rated at higher speeds etc? Any ideas?
-sean

 

[I21st]

You probably could do with a couple different things here.

First, you need to put some hard numbers behind all this perception. Statistics from your switches, routers, firewall, and servers would be very helpful in figuring out if there truly is a problem or not. I'm going to assume that you don't have any kind of SNMP monitoring here but that would be very helpful. If you were having Internet AND LAN outages, then your switches and routers are where you should start. Pull port statistics from your switches and keep an eye on the lights to see if any of them change to orange at any time (sign of signal loss and/or convergence). Most Cisco switches do offer a http interface for redimentary monitoring. This can help bring up the visibility into your network and that what it sounds like you really need most at this point.

Second, as far as routine maintainance, I'd recommend keeping up to date on security updates, hotfixes, etc from all your vendors. Sign up for their update alerts. Provided you do proper testing before deployment, that will help increase your uptime and security environment. Most routers, switches, etc require regular monitoring more than maintainance (hopefully).

Lastly, I'd suggest maybe creating some simple scripts that give you basic functionality since buying solutions doesn't seem to be an option. Simple ping monitoring of your systems from a network management server is better than nothing to begin to understand what happens and when. Also, create yourself a checklist of things to observe daily. Performance/fault numbers from your infrastructure, disk space usage, security exposure, server uptime, etc. Again, raising your exposure level is the key.

Hope this helps.

 

[Internexus]

To my knowledge we do not have any kind of SNMP monitoring. What would be the bets way to go about getting the statistics for my cisco equipment off the bat? I do try to keep security updates for windows and the antivirus software more than anything on some of the systems but I am needing to get a network wide policy going of all machines staying on 24hrs a day so that I can have updates downloaded/installed each night and then weekly virus scans etc... Also I am not familiar with scripting either :/ Thanks!

 

[BobDcruz]

If your network was bigger then perhaps looking at increasing comms speeds at critical points on the network could/would be a consideration. However you have 16 to 20 users so unless you have some very heavy weight (and badly written) apps this should not be necesary.

As requested earlier in the thread, what is the users perception, is it slow at particular times of the day?, are there certain activities that are slow?, whats happening at the same time?. Is this a degradation in performance or has it always been like this?. If it is a degradation, when did it start, what else happened at that time?.

Sometimes problems like this can be resoved very quickly and easily, others can take weeks to find as I am sure you are starting to realise, networking is not as simple as plugging some PC's together with cat5.

A recent network performance problem I looked at was the result of a fairly minor and insignificant DNS change, but the result was many complaints about poor performance that although demonstrable took many days of analysis with a network monitor to narrow down. So the more information you can collect and provide the better.

 

[I21st]

You'll want to go to the command line through telnet (or better ssh) and use the show commands to display info. Try "show ?" and it will list a set of parameters you can specify. "show port" will list out the status of ports, errors, and more that should help. "show version" will show the switch's uptime. Play around in there until you get comfortable with the interface and the commands. The command line on most of your cisco gear will be similar.

On a windows command prompt, type "ping /?" and it will list out some options for ping. For example, you can type "ping (enterIPhere) -t -l 1" and it will ping the IP you've selected indefinitely with only 1 byte of data. Simple continous pings maybe not a very elegant way of testing connectivity but in your situation, it's a good place to start. tracert, netstat, nbtstat, and arp are also good commands to become familar with. You can use these to assist you in your testing. *nix tools like nmap, nessus, and hping are great for testing networks too.

 

[technome]

Find out if your network switches are "managed" or "unmanaged", by referring to the manufacturers literature. If it is a managed find out how you access the switch. Managed switches can tell you a great deal about a network, most important the number of errors produced by each attached machine. If you have unmanaged switches, but have access to a high quality cat 5 cable tester, I would run a test of all the wiring throughout you network; if you have a telephone contractor , they generally have a cat 5 cable tester.

Down load TCP optimizer, check you MTU on all your routers, local and remote. Most firewalls/routers cannot maintain VPN connections if packets are being discarded along the route.

http://www.speedguide.net/downloads.php

Pathping your remote machines through the VPN tunnels, you should have few if any lost packets. Type pathping a space then the ip address.

UPS on all routers, modems etc which form the VPN tunnels
Slight voltage variations will cause firewalls/routers to drop connections or freeze up.

 

[pgerth]

If the speed issue is only at one station then I'd have a close look at that station for spyware/malware. This could also be clogging the network . You can get one if the free sniffer type programmes like Ethereal or Packetyzer , monitor the port going to your router by using a monitor/span port on thje switch.

---p

 

[bcastner]

http://support.microsoft.com/?kbid=315237

 

[pgerth]

It wouldn't be collisions on a switched network unless there were hubs as well. Ok there could be if the switches were set to half duplex instead of full. Check the switch interfaces stats , sh int ... do you see collisions, or other likely errors?

---p

 

[technome]

I thought the MS article was a bit strange, as to the collision part, since few networks have hubs anymore. I would definitely try the TcpWindow size. TCP Optimizer will set this for you.

Do a search on SMB signing at the Microsoft site, turn it off, not really a network tweak but any affected machines become CPU intensive.. if they are having a problem with it, it causes delays and sometimes errors. Turn off on wks and server. On all networks I setup, I turn this off from the beginning.

You might play with the flow control settings. On cleanly wired networks which will pass cat 5 certifications I have been able to turn it off completely (not always), with very good results. Having it on on both the switches and the NICs is redundant. If it is necessary, have it enable on the switches or the NICs, having it on the enabled on the switches is the most manageable. Seen >50% speed difference depending on the setting. It will be necessary if cable segments produce many errors.

If any of your cables need to be at, or drop to, half duplex suspect a cable which would not pass cat 5 testing, most of the time a poorly terminated cable, or a crushed patch cord.

 

[pgerth]

>>Do I need to physically reboot the router/switches/firewall each night or week or anything?<<

No just leave them alone!

>> Also on our switches they have 2 ports each on them for ethernet links that we have gigabit cards for. <<

Are these Cisco 3550 switches with GBICs ? Again shouldn't be an issue. You can check the interfaces for errors though as I said before, sh int .. either with the specific interface number as in sh int fas 0/1 or just the sh int command and you'll see all of them sequentially.

>>were to put them in and link them via cat5 cable would this automatically detect the change and help speed up the network any?<<

Unless you were seeing congestion between the switches it wouldn't make any difference and if you were to just populate them without creating a trunk spanning tree would kick in and disable one of them. Again look at the interfaces for errors , the switch will tell you a lot.

One thing though, I've seen a lot of installations where the inter switch connections were cascaded in a daisy chain fashion. Ths isn't the best way to connect, think about it, traffic from a device on the last switch to one on the forst has to traverse all the switch connections and switches. I prefer to have the newest and fastest switch at the top of a hierarchal tree. Have the resources that users access as close to each other as possible.

Throwing $ at a problem isn't the best way to resolve it. To expand what I said in my firt reply, look at the station that is reporting performance issues. The problem may be in that device. If there are other users complaining then what is common? I had a site with several users in a council chamber, all were on a small 10/100 switch connected to the core by fibre. The issue came down to fibre to copper convertors. Also as I sid check for spy/malware using something like AdAware or Spybot search and destroy.

Best of luck

---p