MPLS speed issue
-
@ambarishrh you definitely have something going on if latency on an MPLS circuit is that high. I would start out by trying to test the network when it is not in use to ensure that the normal workload is not causing the latency.
If you are filling up the pipe the latency will increase.
-
2Mb/s is incredibly slow. That's an E1 equivalent. Imagine using an E1 for file transfers.
And then the latency on top of that. That might be caused by the distance but I'd expect that it should be closet to 40ms.
-
Thanks for the feedback I posted a ticket to the network team on the latency issue. And the Ping was done when no one was in the office during the night.
-
@ambarishrh Could be that the link is going a very long route, maybe through Europe. We get pings from Virginia to Toronto without MPLS of 19ms for comparison.
-
That does sound like a very high ping time for a dedicated link.
-
So after the initial investigation, we just knew that the main office here is connected on MPLS, and the branch office in India also on MPLS, but the main datacenter connecting these two locations are on IPSEC!
So not to expect the latency improvement as thought.
One question on the SMB transfer. what will be the optimal latency for SMB file transfer access over these network?
-
May be we should look for some products like riverbed which might help us solve this. Still checking on possible solutions
-
@ambarishrh said:
So after the initial investigation, we just knew that the main office here is connected on MPLS, and the branch office in India also on MPLS, but the main datacenter connecting these two locations are on IPSEC!
I am not sure that I understand this one. So the branch offices connect via MPLS to which other offices (not each other?) And the main datacenter uses IPSec to connect to where? And where is the main office? If the main office is not in the middle of the Indian Ocean it must be adding latency simply by making the packets take longer physically to get between locations but also adding hops. If there is MPLS from each office to the datacenter, where does the IPSec come into play?
-
@ambarishrh said:
One question on the SMB transfer. what will be the optimal latency for SMB file transfer access over these network?
SMB is latency sensitive so you'll want it as low as possible. It will "work" over 120ms but it won't be a great experience. NFS is less sensitive to latency.
-
@ambarishrh said:
May be we should look for some products like riverbed which might help us solve this. Still checking on possible solutions
Riverbed cannot fix latency, it helps with bandwidth. It will improve things but the latency will remain an issue. Not a cheap way to solve the problem, those are quite expensive units.
-
We use SMB over a link of roughly 50ms and it works pretty decently. But it is a 100Mb/s link, not 2Mb/s. And we don't use it very heavily.
-
@scottalanmiller said:
We use SMB over a link of roughly 50ms and it works pretty decently. But it is a 100Mb/s link, not 2Mb/s. And we don't use it very heavily.
That's only 40% of the latency of this link with fifty fold the bandwidth. The difference will be very noticeable.
-
@Reid-Cooper Sorry for not explaining the whole situation on my initial post.
We are part of a global company now. Now for maintaining IT, each locations has their own offices which centralises that regions agency/acquired companies. In our case India comes under the IT company of APAC (Asia pacific) which connects to their datacenter in asia and UAE managed by this regions IT company connecting to a different datacenter.
I think we are the first one who has branches of companies which comes under different IT setup/regions. So India users connecting to the asia datacenter on MPLS, same here in UAE connecting to the other datacenter. But the connecting between these two datacenter are not MPLS, but on IPSEC, not sure why this was done this way.Riverbed, as I've seen from their demo video, caches the files once accessed, so even though it might not fix the latency issue, users will have faster access to the files. We are still in touch with their IT teams to find a possible solution
-
@ambarishrh said:
Riverbed, as I've seen from their demo video, caches the files once accessed, so even though it might not fix the latency issue, users will have faster access to the files. We are still in touch with their IT teams to find a possible solution
You can do that with Windows Branch Cache too.
-
@ambarishrh So you have MPLS to one datacenter, then IPSec between datacenters on the open Internet and then MPLS to the last office? So three legs instead of two? That could easily explain the latency. It's not the IPSec that is likely the issue but that you are doing three hops instead of one. That's not a trivial amount of extra communications and depending on the locations you might have a lot of latency at any given point.
You could pretty easily measure each hop's latency to see where things are a problem.
-
That is a very complicated setup. Since they have the MPLS, why aren't they using it? MPLS is not a technology for point to point connections but for making a mesh behind the scenes. If they are not using the MPLS to connect all of the points together it sounds like someone in the networking department is confused as to how MPLS works.
-
well no comments on that!
-
Let me throw a monkey wrench into all of this, are you sure that the IPSec isn't going over the MPLS network?
Showden provided documentation that proved that the NSA was jacked in at the carrier level, so if you aren't encrypting your traffic when it travels over someone else's physical network, even a carriers, expect it to be snooped on. (stepping down).Anyhow, so the IPSec might be running over the MPLS network.
-
@Dashrender said:
Let me throw a monkey wrench into all of this, are you sure that the IPSec isn't going over the MPLS network?
Showden provided documentation that proved that the NSA was jacked in at the carrier level, so if you aren't encrypting your traffic when it travels over someone else's physical network, even a carriers, expect it to be snooped on. (stepping down).Anyhow, so the IPSec might be running over the MPLS network.
This isn't in the US.
-
@scottalanmiller said:
@Dashrender said:
Let me throw a monkey wrench into all of this, are you sure that the IPSec isn't going over the MPLS network?
Showden provided documentation that proved that the NSA was jacked in at the carrier level, so if you aren't encrypting your traffic when it travels over someone else's physical network, even a carriers, expect it to be snooped on. (stepping down).Anyhow, so the IPSec might be running over the MPLS network.
This isn't in the US.
Like that matter.