[NA] Network switch bandwidth?

[CJones]

My site's offics space is shared with the company's regional HR offices. Until a few weeks ago, HR piggy-backed onto our network connectivity as well. We kept having issues when they would host a class, our warehouse RF's would slow to a crawl, so we put in a request to have them get their own internet/network connections installed.

Our IT dept (no regional IT staff) contracted for an outside company to come in and 'install' a router and DSL line for the HR offices. They put in a 'AT&T' Motorola DSL router/modem which runs to a Cisco 1811 router which runs into our Cisco Catalyst 3560 switch. The switch handles all of the connections for the entire building before going out to our main line (not sure if it's T1 or ???). IT supposedly configured all of HR's computers to use their 'new' router, although they are still running through our switch.

Question: Is the switch acting as a bottleneck for our network? Even after HR went onto their own router, we didn't see much of a change in our network speeds, so I'm wondering if putting them on their own switch would help us out much.

 

[Areeda]

I doubt it Chris.

Most modern switches except the cheapest models are able to limit the impact of one connection on the other ports. For example if port 2 is talking to port 3 on the switch no traffic is put on #1.

My best guess would be not all HR are being configured properly. This is especially problematic if everybody is DHCP'ed. My first place to look is your DHCP server to see if you're assigning routes to anybody in HR.

Then I'd put a sniffer on the Internet connection and see who's using it.

Joe

Edit: Of course I'm just guessing since I have no clue how things are really set up.

 

[mikea]

IT supposedly configured all of HR's computers to use their 'new' router, although they are still running through our switch.

THERE'S YOUR PROBLEM. I'll bet they didn't.

Question: Is the switch acting as a bottleneck for our network? Even after HR went onto their own router, we didn't see much of a change in our network speeds, so I'm wondering if putting them on their own switch would help us out much.

The switch isn't the issue. It's the two router/servers.

Take a look at any of HR's PC's and yours. At a command prompt type "ipconfig"

Compare with yours.

If you see the same default router address (and you will) it's all wrong and they're still using your uplink.

With two DHCP servers handing out address and configs on the same network it would be a tricky thing to set up. You have to config the HR servers separately from yours. They'd have to do a goodly amount of manual work and I'll bet your average "network experts" didn't do it.

 

[jesse]

Pretty much impossible to answer this question without looking at it. You really need to figure out how the traffic is flowing. Switches do have a maximum backplane speed but it's pretty high. Cisco is pretty damn good about selling switches with reasonable backplane speeds. Generally they'll do whatever their ports is times the port speed. (48 port 1Gigabit 3750 Switch will have a backplane speed of about 47 gigabit). Cheaper switches are way worse. I really doubt you're bouncing off a switch back-plane speed. But perhaps you're bouncing off a port's maximum throughput.

What are you defining as network speed? Latency? Bandwidth? Inner-building? Another office? The internet? There are a lot of questions to ask to really grasp where the issue could be hiding. Corporate network can be extremely complicated and without an understanding of how everything comes together you're just playing a guessing game.

Is there any traffic going out the new link? Take a look at the port statistics for the ports that the modems plug into on the switch. This is where managed switches shine.

 

[Steve Foley]

Even after HR went onto their own router, we didn't see much of a change in our network speeds

Do the warehouse RFs still slow to a crawl when HR is hosting a class?

It sounds like that was the only problem being addressed with the DSL modem/router installation.

What are the RFs communicating with, and how? If they're communicating with something on the other end of your router, giving HR another reouter for hosting classes sounds like the correct approach.

I don't think you would see any increased speed, only fewer slowdowns.

 

[mantakos]

First you would have to determine what was the cause of your slowness before. Where was the bottleneck? Was it internal traffic or traffic via the internet? And if it's the latter (most likely), was the congestion due to outgoing or incoming traffic?

Sounds like the assumption was made that the congestion was due to traffic either going out onto or coming in from the internet, and so they installed a second DSL line, presumably with the intent that one half of the office would use that new connection, while the rest would continue to use the old one.

So the first question is "are the HR computers really using that new connection on the way out?" Presuming a fairly simple network setup, this may be as simple as setting the default route properly on those hosts.

Then the next questions are "how are addresses assigned on this network?" and "are you using NAT?" This matters because if the source of congestion is traffic incoming from the internet, then the rest of the world is going to route packets back to you based on the addresses they see. If your new DSL router is doing NAT, and its address was assigned by the DSL provider for this new DSL connection, then the outside world will route response packets back towards the same DSL connection. If you're not doing NAT, and the hosts are assigned routeable addresses, and these addresses are visible unchanged out on the internet, then the choice of return path will be dependent on the hosts' addresses. In other words, it's not impossible that all the incoming traffic is still coming in via the single, old connection.

If the problem is congestion of traffic going out or coming in from the internet, then we're talking about very low traffic speeds, nothing that's going to stress an ethernet switch. If the problem is congestion of intra-office traffic, then we'd have to be talking pretty high rates in order to stress an ethernet switch. In this case, getting a separate DSL connection would have made no sense.

Then again, it's also possible that the congestion has little to do with the new HR computers, and more to do with increased utilization from the existing ones, in which case putting HR onto its own connection would also serve no purpose.
-harry

 

[CJones]

All good points. Unfortunately, I don't have access to any sort of 'behind the scenes' network configuration like I have had at previous jobs.

What brought all of this one -- earlier this summer, we were having random episodes of our warehouse RF's slowing to a crawl. Finally, one day we had to call in a 'work stoppage' to our corporate Help Desk because the response time on ALL of the RF's was literally stopping our operations. 'Work stoppage' gets immediate response from support. Shortly after our call-in, we got a response that said "XYZ computer is sucking a ton of bandwidth today." We checked our computers on our side of the office and knew it wasn't us. We went to check HR, and they were doing some huge remote video training or something and it was sucking our bandwidth, which was pretty slim to begin with.

It finally got to the point that our General Manager said "Why can't they just have their own network connections!?" So we put the SR in to I.T. for HR to be put on their own dedicated network. IT's solution was to install another DSL line, route HR to the new DSL line, but still have them running through our switch. It seemed to my uneducated mind that it would make even more sense to have them running off of their own switch in the closet, which goes to their own router, which goes to their own DSL line - then it doesn't matter if they are configured correctly or not - they will be on their own physical network, so they can't bleed over on us.

From the responses here, it sounds like it is unlikely that the switch would be a bottleneck for us *if* the HR computers are configured to be routed to their own internet connection.

I think I'll still try to get them pushed onto their own switch (which we do have a spare mounted in the cabinet already), so at least if they aren't configured correctly, they'll have their own problems to deal with.

 

[mantakos]

... From the responses here, it sounds like it is unlikely that the switch would be a bottleneck for us *if* the HR computers are configured to be routed to their own internet connection...

Is the "video training" a 2-way thing, e.g. tele-conferencing between two sites, or is it mostly a one-way thing, with watchers in your office viewing video coming from outside? The distinction goes to the determination of whether your problem is incoming bandwidth or outgoing bandwidth. For DSL connections this is important, because ADSL has different incoming and outgoing bandwidth.

But as soon as you determined that the congestion is the result of traffic coming from the outside world, then you can stop worrying about the ethernet switch being a bottleneck.
-harry

 

[mikea]

The "RF" part is scary. There can be all kinds of interference problems with WiFi, and THAT is network that isn't switched - it's contended for. If they're doing video over wireless you've found your problem.

 

[jesse]

I imagine you all have some kind of larger corporate network you're talking to? Is that even going over the internet? If not perhaps your issue is with that private link.

It's pretty damn hard to figure any of this out without knowing the details. Put the burden of this task on your IT and if they won't take it then have the managers escalate it. The one guess that was taken to just add another DSL line didn't resolve it. The real issue needs to be communicated to IT and if they won't listen then it needs to go up the chain until they do. They're the only ones that will truly fix this.

 

[Areeda]

Jesse is right of course, you certainly want the IT people to maintain the setup.

An easy way to tell if things are set up properly is to check the external IP address when people hit a website. For example http://areeda.com/whoami is a small PHP script that shows what I know about a remote request. This is all in the server logs.

Joe

 

[TMetzinger]

Your catalyst 3650 switch can certainly put all the HR devices on one VLAN (Virtual LAN) and the warehouse stuff on another VLAN. That would allow DHCP to work properly and completely segment the traffic.

 

[CJones]

Not to bash IT (I have a degree in MIS, so there was a possibility of going to an IT career route), but our IT dept lacks the desire to 'do the job right'. As long as they can check 'complete' on the SR request, they are 'done' - regardless of if it really fulfills the true goal of the SR in the first place. So there really isn't any ownership of any projects, just a 'check the boxes and pass it on to the next glub' kind of mentality. It's sad, really - IT could play a HUGE competitive advantage in our business, but either 1.) They don't have the desire to be involved in business improvements or 2.) They are set up in a way that prevents them from being forward-thinking.

There is also the added component of our IT department sitting in Pennsylvania and our campus being in Atlanta without any sort of on-site IT support. So if I can show them that we have an empty switch in our cabinet and convince my management that we want HR on a separate PHYSICAL network, it is possible that IT will say "Fine. Do it."

Edit: OR, they will charge HR another $3000 to have a 3rd party contractor come out and plug in the ATT DSL modem, plug that in to the pre-configured router that was shipped from IT, and then plug that into the switch.

 

[TMetzinger]

Northrop Grumman IS would be happy to replace your IT department with a team that actually focuses on solving the problem, rather than closing the ticket.

My group follows the "too lazy to fail" strategy laid out in one of Heinlein's books - work really hard in the design and implementation stage so that the operations and maintenance stage is smooth sailing.

Hope you get your problem worked out.