VPN MTU Windows 2000 etc/etc..

[Vegito]

Ok heres the situation..

I got a office between CT (T1 @1.544) and London (E1 @ 2.00)

Site-2-Site VPN link. Problem is Windows copying lags out, ie copying large file. Certain application that constantly sends packet will lag out, ie too much data and program breaks connections.

Now according to my Netscreen FW FAQ
---
The MTU size cannot be modified on the NetScreen. The MTU is set to 1500.
The MSS value can be modified. The parameter for setting this is:
set flow all-tcp-mss <mss value>
Typically, you want to use a MSS value low enough so that the effective packet size falls below the MTU.
--

I have my MSS value set to 1300 I think, a little less than the 1400.

My question is.

All the server are currently in CT, UK people gets the data (DB) off the CT site, should I lower the UK MTU on the workstation since most of the connection are through the FW ? Would that help the timing out , etc. ? If anyone know, ie Spidey? hehe thanks

 

[Santa]

Sounds like you have an Internet latency problem.

Latency combined with Windows inefficient file transfer is a killer.

Do you have any way to monitor your usage of the links at each site?

If they are overutilized then that could definatly cause dropped packets without Internet even being an issue but if you are pretty clean and underutilized there isn't much in way of QoS when it comes to Internet dependent VPN links. If the internet burps your links feel it. Your hope should be that the communication is secure and comes back online when there is a drop in route.

If you need Database connectivity at a reasonable latency and response time you may need to invest in Frame Relay or Point-to-Point or even some sort of Citrix/Terminal Service solution.

g'luck

 

[Vegito]

the link either way goes through L3.. and at times.. almost all the time through out the day gets over 480ms !

Yeah.. a T1 to inet was around 999+tx a E1 to inet is around 1500 pounds

i got a quote for p2p and frame cloud of 1.54.. holy cow.. was over 6000 w/o inet..

too expensive for my blood..

i was thinking of switching to some dark fibre.. hehe

 

[Santa]

I don't think it will solve your database connection issues but perhaps switching how you move files from the windows copy/paste to some sort of FTP transfer may improve things there.

For the database try to look into some Terminial Service or Citrix Solution if the pipe can't be cleaned up anymore because of cost concerns.

 

[wlee]

I second the recommendation that you use Terminal Services. You can get a 180 day Trial ver of WinXP Server from http://www.microsoft.com/windows.netserver/preview/default.mspx I take it that you're using SBC/SNET for the T1 ? If you decide to transition to Terminal Services, you might look into getting a couple of 1.5Mbps SDSL lines from them. Could improve your bandwidth and save some $$$. I know a couple companies that switched from SNET 512k Frame to DSL and have better bandwidth at less cost. ( QoS seems to be no worse ) http://www.snet.com/DSL_new/content/0,,67,00.html

Have a look here for more DSL info DSL SNET Forum

http://www.dslreports.com/