Latency Issues

[Hamins]

Hi,

I've just started administering a network of around 20 WinXP nodes, and one Win2003 server. The physical network structure is as follows :

We have a 256k Leased Line internet connection that comes to us via a leased line modem which is connected to the router, which is connected to a Watchguard X500 Firewall. There are 2 un-managed switches connected to the firewall. One is a 10/100mbps switch and the other is a Gigabit switch. However, none of the 20 nodes have a gigabit lan card. so the speed is 100mbps.

Now for the issue :

For the past 2 months or so, we've been facing some serious latency issues with the Internet connection, which is affecting productivity. Our ISP has checked the connection, and claims that the latency is due a problem in our LAN.

The users on the LAN don't face any latency when loggin onto their roaming profiles, accessing files from the server, or loggin out.

When I do a normal PING, TRACERT, or a PATHPING from one node to another on the LAN, the response time is 1ms, which is normal. However, when I PING with anything more than 15000bytes , then I receive Request Timed Outs, with packet loss of around 60%. Is this normal ? If not how do I resolve this problem, so that there is minimal or no packet loss when PINGing within the LAN, with large packets. Can someone recommend a good Freeware software that monitors LAN and Internet traffic, and identifies network bottlenecks.

Also, I have noticed that internet latency is only between 9:00am - 11:30am. This is when most employees come in and check their emails, download attachments, visit web-sites etc. Hence, I feel that the internet bandwith is been used to the max. Upgrading to 512k would be really expensive. Itwould cost a around a hundred thousand more per year to upgrade to 512k. So, is there a solution to reduce the internet traffic, without affecting the productivity ? I mean, we still want the users to come in every morning, and check email, download attachments etc. (work related, ofcourse).

Please I need some solutions, suggestions ASAP. I would really appreciate it.

Thanx

[InTheWayBoy]

Wow...I would seriously look into a different ISP.

Upgrading to 512k would be really expensive. Itwould cost a around a hundred thousand more per year to upgrade to 512k.

To me that is insane...now I might have my terms mixed up, but it sounds like you have a fractional T1...and if that's the case, then something is wrong. Cause I have two T1's for under $1000 a month...so $100,000 would be WAY too much!

Of course, this is all just me looking from the outside in. You might have situations that dictate that price...but even something as simple as a business class DSL/Cable connection would be better than a 256K leased line.

Oh, and one thing you might wanna look into is some kinda internal mail host that can sync with your external host. The idea is that your internal mail host would periodically download all the messages from your external host, and then distribute them to your clients from your internal server. This would save some bandwidth, as you would be downloading all the messages in one large chunk, instead of 20+ different sessions.

[chilifrei64]

definately go with atleast an internal mail server. Then, get a proxy server to cache web pages so to them.. the internet is faster and you are still keeping your internet bandwidth and this helps keep everyone happy.

Now.. you say 20 nodes and a win2k3 server... would that happen to be SBS server....?wouldnt that be convient if you used exchange with the pop3 connector for their external mail(if they use 3rd party mail(msn, hotmail, yahoo)) and you would also get ISA 2004 which is a proxy server

and yeah. I dont know what a fractional T1 cost out there.. but over 100,000 dollars sounds waayyyyy too expensive. however.. I dont know what is available out where you live.. bandwidth might be at a minimum where you live. but still 100,000 sound way too expensive.. heck.. if i has about 6,000 dollars worth of equipment at my house.. i could set up a few asynchroneous 56k dialup lines and give you twice the bandwidth you got now for much less. ... not sure what your situation is like... but somebodys gotta have a better price than 100,000 for 512k

[Hamins]

Hi Chilifrie/InTheWayBoy,

Thnx for the response guyz.

I'm from India. Sorry, I forgot to specify that it would Rs.1,00,000 ($1 = Rs.43) not $1,00,000 ...heheh. Bandwidth is expensive in India.

We're using a Win2003 Standard server, which unlike Win2003 SBS does not come bundled with Exchange.

Yes, I was thinking of implementing some kinda Internal mail server to sync with the external one periodically. However, a mail server like Ms-Exchange Standard would be beyond our budget. Is there any other decent mail-server solution that would be considerably cheaper ?

What effective/economical proxy server would you recommend, Chilifrie ?

Also, could someone recommend a good Freeware software that monitors LAN and Internet traffic, and identifies network bottlenecks.

Thnx

Edited October 21, 2005 by Hamins

[Hamins]

The users on the LAN don't face any latency when loggin onto their roaming profiles, accessing files from the server, or loggin out.

When I do a normal PING, TRACERT, or a PATHPING from one node to another on the LAN, the response time is 1ms, which is normal. However, when I PING with anything more than 15000bytes , then I receive Request Timed Outs, with packet loss of around 60%. Is this normal ? If not how do I resolve this problem, so that there is minimal or no packet loss when PINGing within the LAN, with large packets. Can someone recommend a good Freeware software that monitors LAN and Internet traffic, and identifies network bottlenecks.

Could someone please provide me with an answer/solution to this query ?

Thnx

[chilifrei64]

Sticking with strictly windows.. There is a full featured email server called mailenable located here http://www.mailenable.com/ that is actually free.. basically the free version means you ONLY get pop mail.. the professional version you get a web interface to view the mail. I have used this in a few places that dont want exchange but want an internal mail server. As for the proxy server still sticking windows.. CC-Proxy will support webcache proxy and is also fairly cheap. Both of these I have installed before.. fairly simple and straight forward and so far.. no major complaints. (every system has their bugs)

If you are familiar with Linux.. you can download the OS for free and you can use sendmail (http://www.sendmail.org/)as your mail server(built in to most distros) and you can also use squid (http://www.squid-cache.org/) as the proxy server(built into some distros.. downloadable freely otherwise) This requires a bit more linux knowledge as the interfaces are not helpful to people use to windows. Once again. I have implemented these also with no major complaints to date.

Hope this helps

[InTheWayBoy]

To add to the linux suggestion:

ClarkConnect

It's a neat little distro that turns any old machine into a sweat little network box. The free (Home) version is limited, but it has sendmail, squid, samba, ipchains, apache, etc. It's pretty lean on the system requirements, and you don't even need a monitor as all the config is done via web admin.

Probably the easiest way to play around with linux for network tasks.

[Hamins]

Hi Chilifrie/ByTheWayBoy

Thnx a ton guys, for all yer help.

Chili, Mailenable seems pretty neat. I think the Standard (free) edition would be fine. I just want the local mailboxes on the local email email server to be mapped to the mail boxes on net based email service.

I'll also check out CC-Proxy.

A Linux based implementation for email and proxy server seems pretty tempting, but I have'nt worked with any nix based platforms since me college days, so I'm pretty rusty. However, I would'nt rule out Linux based solutions in the future.

The users on the LAN don't face any latency when loggin onto their roaming profiles, accessing files from the server, or loggin out.

When I do a normal PING, TRACERT, or a PATHPING from one node to another on the LAN, the response time is 1ms, which is normal. However, when I PING with anything more than 15000bytes , then I receive Request Timed Outs, with packet loss of around 60%. Is this normal ? If not how do I resolve this problem, so that there is minimal or no packet loss when PINGing within the LAN, with large packets. Can someone recommend a good Freeware software that monitors LAN and Internet traffic, and identifies network bottlenecks.

Could someone please provide me with an answer/solution to this query ?

Thnx

[chilifrei64]

I just started lookin online for the latest and greatest in terms of proxy and what not.. one thing I came across is squid for windows.. you still have to fool around with .conf files but the setup is soooooo simple and it works pretty well so far with default installation.

Just thought I would add that to it since you arent too familar with *nix and squid is a very good proxy server.. this gives you the best of both worlds

http://www.acmeconsulting.it/pagine/openso...uid/SquidNT.htm

Edited October 22, 2005 by chilifrei64

[Hamins]

Hey Chilifrie,

Thnx once again, m8. You've been of super help.

I'll check out squid from Windows.

Also, if you someone could answer the question below....

The users on the LAN don't face any latency when loggin onto their roaming profiles, accessing files from the server, or loggin out.

When I do a normal PING, TRACERT, or a PATHPING from one node to another on the LAN, the response time is 1ms, which is normal. However, when I PING with anything more than 15000bytes , then I receive Request Timed Outs, with packet loss of around 60%. Is this normal ? If not how do I resolve this problem, so that there is minimal or no packet loss when PINGing within the LAN, with large packets. Can someone recommend a good Freeware software that monitors LAN and Internet traffic, and identifies network bottlenecks.

Could someone please provide me with an answer/solution to this query ?

Thnx

Edited October 23, 2005 by Hamins

[Hamins]

Hi Chilifrie,

I've setup Mailenable on a test server, and done some basic configuration after reading the configuration guide.

However, I can't figure out a way to configure Mailenable to sync, download and distribute mails from the external mail host.

Could you help me out with this, please?

Thnx

[chilifrei64]

I thought you were going to be moving your mail server inhouse from an external mail server not multiple domain accounts.. Mailenable will not sync with external 3rd party accounts. The only thing I have ran into that will do this is exchange server with a POP3 connector ( http://www.mapilab.com/exchange/pop3_connector/ )

I thought you were going to like say move domain.com from your ISP's mail server to inside your domain. It sounds to me now that you are planning on trying to sync yahoo.com, hotmail.com, msn.com and aol.com and other 3rd party accounts with internal accounts in mail enable.. As far as I have gotten into it with mailenable .. this isnt possible.

[Hamins]

I thought you were going to be moving your mail server inhouse from an external mail server not multiple domain accounts.. Mailenable will not sync with external 3rd party accounts. The only thing I have ran into that will do this is exchange server with a POP3 connector ( http://www.mapilab.com/exchange/pop3_connector/ )

I thought you were going to like say move domain.com from your ISP's mail server to inside your domain. It sounds to me now that you are planning on trying to sync yahoo.com, hotmail.com, msn.com and aol.com and other 3rd party accounts with internal accounts in mail enable.. As far as I have gotten into it with mailenable .. this isnt possible.

Nooo..... What I meant was that I need mailboxes on an internal mail server, simply to sync with mailboxes on an external (web based) mail server. I dont want a complete in-house mail-hosting server. The primary mail server will be external.

Yes, I know that exchange does that. However it's way over our budget, and would be an over-kill if we're just going to use it to sync internal mailboxes with external ones. I would like a freeware utility/server like Mailenable that does that. Any suggestions ?? Anyone??

Edited October 26, 2005 by Hamins

[chilifrei64]

You really got my wheels turnin on this one..

you could use Webmail 3.6 from http://iisworks.com

I used to use this over a year ago or so (with mailenable free version) to get a web interface for pop mail. Back then you could specify to only download headers (not full message) Now I am reading on theri website that a new feature in 3.6 is the option to "Sync with pop3 server" When I was messing around with this.. it was only 2.0 but it worked good... you could run the page on an internal weberver(the script is pretty lightweight) to save bandwidth then sync it will the pop mailboxes.. now you are still gonna be accessing the internet with this script.. but you would have to mess around with it to see if it will work for you. but already just by hosting it inside you are getting rid of tons of ads and extra graphics.. you just gotta hope that they dont download large attachments.

Doing this plus adding a web cache proxy should free up enough bandwidth.

Other than this.. unless anybody else has any good ideas.. if your infrastructure supports QoS, you could prioritize your network traffic.. I wont get into this if you dont understand it.. it wont be something you will just learn and configure.. its not that easy.

Then a major extream would be to rent Terminal Server access from a terminal server hosting provider. you have more than enough bandwidth to send TS images across the net.. this way everything is out on the net and never downloaded into your network. The old company that I used to work for hosted Terminal Services. As much as I hate to pimp my old employer.. it is a good idea.. now this may not work for you.. maybe find a local provider or maybe not.. your call..

here is the url

http://bluerocktech.com/BlueRockHosting.pdf

[mentalindustrie]

re your ping issues

does this occur during the early morning internet and email check or is this anytime of the day?

if it doesnt matter sounds like you may have issues with hardware.

faulty cable somewhere.

interference from something with the lan cable.

does this happen no matter which pc you ping? and no matter from what pc you ping the others?

I also suggest an application like http://www.ethereal.com/ to look at the packets on your network.