10 ways to improve network performance
By Stephen Withers, ZDNet Australia
February 11, 2005
URL: http://www.zdnet.com.au/insight/communications/soa/10-ways-to-improve-network-performance/0,139023754,139180329,00.htm
When your car starts to get sluggish you pop the bonnet and check the individual components underneath. So why is it that when our networks start to run slow the components are often the last thing considered? We take the blame off the network itself by giving you 10 ways you can improve network performance.
1. Understand your network
Without having an understanding of what's actually happening on your network, you are likely to fail at any attempt to address performance issues. Peter Prichard, marketing director Asia-Pacific at Compuware, says people tend to blame the network for poor performance, but the PCs and servers can also be the cause. "The first thing to do is make sure the network really is the problem," Prichard says. "Even if it's not the network, IT spends a lot of time proving it's not."
Tools such as Compuware's Vantage suite can isolate problems such as a slow client, excessive latency on a WAN link, or poorly written SQL on a back end server. An application might be developed on a LAN and then deployed over a WAN with disappointing results due to an excessive number of database calls.
This sort of analysis may reveal things you didn't know about your network, such as a 1.5Mbps WAN link when you're paying for 2Mbps, says Peter Owen, territory manager at Packeteer. Collecting the right information also lets you take an active stance, identifying and dealing with problems before they impact on users.
Many people will blindly add bandwidth in an attempt to solve a perceived problem -- this tends to be one of the biggest mistakes people make, Prichard says. "You've got to have facts -- application-based facts," he says. David Gibb, technical consultant with Vanco Australasia, agrees. He says that what may dramatically improve performance in one environment could hinder performance in another.
Scott Atkinson, managed LAN services practice leader at Netforce, points out that there are a variety of free, cheap, and expensive tools that singly or in combination can show what's happening and why. MRTG (Multi Router Traffic Grapher), a free utility from http://people.ee.ethz.ch/~oetiker/webtools/mrtg/, is one that can help you gain an understanding of your network.
A network analyser itself will only show the aggregate traffic, and won't deliver the information you need. Prichard says to "start with the premise that the application is king", rather than checking individual aspects of the infrastructure.
When it comes to things such as radio frequency, monitoring is important for good wireless LAN performance, says Mark Hayes, manager of consulting and solutions at CSC. "The RF environment is not static," he says. According to Hayes, a WLAN coming online on a close neighbour's premises can affect the performance of your network.
One way of improving perceived performance is to ensure that the most important applications get priority. Typically, applications are allocated to classes of service (usually platinum, gold, silver, and bronze), and then policies are set for each class. For example, platinum traffic might be guaranteed at least 50 percent of the available bandwidth. Three or four categories are typical, says Danny Price, solutions manager at Vanco Australasia, but some organisations use as many as six. A larger number is too hard to manage, he says.
Some category decisions are easy, such as blocking or severely limiting peer-to-peer file sharing, says Owen. Packeteer's software supports auto-discovery and auto-configuration, after which priorities can be fine-tuned to suit the needs of the organisation.
The traffic shaping capabilities of routers are "generally all that you need to get you started," says Atkinson. "A lot of places don't take the basic steps." If further improvements are needed, the Packeteer PacketShaper is a good product, he says.
Hayes warns that people don't always understand the impact of packet shaping, which can be negative if not done correctly. "We understand the applications and how to configure the [Packeteer] devices to provide the appropriate performance for the applications [along with detailed reports that the network administrator needs]," Hayes says.
Satellite links involve an additional round-trip latency of approximately one second, and this limits the speed of TCP/IP communication. Wastie cites a real-life example of a 1Mbit/sec line with a latency of 1.1 seconds that achieves a maximum throughput of 100Kbit/sec. TCP acceleration removes that bottleneck and allows the line to run at its nominal speed.
Adjusting packet sizes can also help, says Gibb. As mentioned above, large file transfer packets can block small packets from interactive applications. The problem is that even if the small packets are prioritised, they may be delayed for the time it takes to send a large packet. The answer is to split the large packet into smaller pieces. This can be achieved by configuring the client, server or router.
Increasing the window size so the sender doesn't wait for an acknowledgement of one packet before sending the next can reduce the effects of high latency, and incorporating error-correction information can reduce or eliminate the need for retransmission when an error does occur, explains Gibb.
5. User involvement and education
Poor performance can occur as a result of bad user behaviour, but it may be more effective to get your colleagues onside through participation and education rather than imposing harsh standards and technical lockdowns.
Prichard relates a situation where a mining company in WA experienced network slowdowns at lunchtime. The cause was traced to Doom sessions between staff at the minehead and down the shaft. Once the problem was explained, play ceased. "It's education, not Big Brother. People don't understand [the effect they can have on the network]," he says.
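
The latency, window-size and packet-splitting points from the TCP acceleration discussion above, worked through as an added example that is not part of the original article. It assumes the quoted 1.1 seconds is the round-trip time and that a large packet is 1,500 bytes; the function names are illustrative.

```python
# Added example (not from the article). Assumptions: the 1.1 s latency is the
# round-trip time, and a "large packet" is 1,500 bytes.
MAX_UNSCALED_WINDOW = 65535   # largest value the 16-bit TCP window field holds
MAX_WINDOW_SHIFT = 14         # largest window-scale shift allowed by RFC 7323


def throughput_ceiling_bps(window_bytes, rtt_ms, link_bps):
    """At most one window per round trip, and never more than the line rate."""
    return min(link_bps, window_bytes * 8 * 1000 / rtt_ms)


def implied_window_bytes(observed_bps, rtt_ms):
    """Window size that would explain an observed throughput ceiling."""
    return observed_bps * rtt_ms / 8000


def window_to_fill_link(link_bps, rtt_ms):
    """Bandwidth-delay product in bytes, rounded up with integer arithmetic."""
    return -(-link_bps * rtt_ms // 8000)


def window_scale_shift(window_bytes):
    """Smallest RFC 7323 shift whose scaled window covers window_bytes."""
    for shift in range(MAX_WINDOW_SHIFT + 1):
        if (MAX_UNSCALED_WINDOW << shift) >= window_bytes:
            return shift
    raise ValueError("window exceeds what TCP window scaling can express")


def serialization_delay_ms(packet_bytes, link_bps):
    """Time a packet occupies the wire; a queued small packet waits this long."""
    return packet_bytes * 8 * 1000 / link_bps


def max_fragment_bytes(link_bps, delay_budget_ms):
    """Largest packet that keeps that wait within delay_budget_ms."""
    return link_bps * delay_budget_ms // 8000


if __name__ == "__main__":
    link_bps, rtt_ms = 1_000_000, 1100   # figures quoted in the article
    need = window_to_fill_link(link_bps, rtt_ms)
    print("window implied by 100 kbit/s:", implied_window_bytes(100_000, rtt_ms))
    print("window to fill the link:", need, "bytes")
    print("window-scale shift needed:", window_scale_shift(need))
    print("ceiling with an unscaled 65535-byte window:",
          int(throughput_ceiling_bps(MAX_UNSCALED_WINDOW, rtt_ms, link_bps)))
    print("1500-byte packet on the wire:",
          serialization_delay_ms(1500, link_bps), "ms")
    print("fragment size for a 5 ms wait:", max_fragment_bytes(link_bps, 5))
```

The 100Kbit/sec ceiling corresponds to a window of under 14KB, and even the largest unscaled window cannot fill this link, which is why a larger (scaled) window or an accelerator is needed.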
Similarly, encouraging people to save PowerPoint files on a shared drive instead of e-mailing copies to everyone concerned can help. Hayes notes that user education may be required to discourage people from doing things like unnecessarily replicating e-mail databases from a server to their PCs.
An overnight backup process that spills into working hours can easily clog up a network. This can be reduced through user education or by taking technical measures, suggests Atkinson. For example, locking down PCs to prevent users installing software will reduce the number of files that change from one day to the next. Backup software may respect a time window and prioritise any missed files during the next run if correctly configured. For greater flexibility, look for software that will limit itself to a certain fraction of the available bandwidth during particular hours; that way it can run at full speed during quiet times, and throttle back to a trickle feed during the working day to complete the backup as soon as possible without causing disruption. This can also be implemented through QoS features.
It's important to ensure that your hardware is fast enough for the job. Can the backup server do virus checking and compression in real time? Can it write to tape at least as fast as the data is arriving? The network isn't the bottleneck if you're using a 2Mbps link but the drive is only running at 1Mbps, Atkinson says.
Other processes can occur at the wrong time. Atkinson mentions a situation where Dell's OpenManage systems management tool had been configured to discover all devices at 10am each day, flooding the network and slowing real work to a crawl. There was nothing wrong with the software, he says, just the way it was configured.
Something similar can happen with automatic updates to antivirus and other software if too many PCs try to update at the same time. For example, the plan might be to update branch office computers primarily from a local server, with a head office server (or even the vendor's web site) as the secondary. It's easy to clog a WAN link if the branch server is down and all the PCs in the building try to update simultaneously. "You need to be a little bit careful about the way you configure things," Hayes says, adding that organisations with international networks need to pay particular attention to timing, especially when moving bulk data between regions, as one area's quiet time can coincide with the other's peak.
8. Citrix/thin client
Webifying enterprise applications may make for a more consistent user interface overall, but it can also degrade network performance. According to Hayes, some analysts report it can consume five times the bandwidth while delivering only one-quarter the performance.
One solution is to use Citrix-based thin client technology to reduce the amount of data flowing through the network, says Phil Osborne, senior consultant, enterprise, at Citrix Systems Australia. He says it even makes sense to run the browser on central servers -- "that's a trick we see a lot of companies doing" -- otherwise the application may run more slowly than the previous client/server architecture.
"Just don't move the traffic around the LAN or WAN unless there is a real need to do so," says Osborne. For example, large files attached to e-mails remain inside the data centre unless they are explicitly copied to a PC. He points to Flight Centre as an example, where branches have been equipped with Wyse terminals to access centralised Citrix servers over relatively low-bandwidth connections.
Print traffic can put a significant load on a network in some environments, says Osborne, but the combination of Citrix's recent print drivers and products such as Exceed, Spinifex and ThinPrint reduces the traffic and increases printing speeds.
Citrix offers software that supports streaming video to a thin client, and has acquired a company with technology that will enable the use of VoIP softphones with thin clients. It's a question of looking at the data that's being sent, and identifying a smarter way of sending it, Osborne says.
Switching to Citrix isn't the end of the story. Gibb points out that various tweaks -- such as tuning the caching of large bitmaps or the appropriate segmentation of packets or frames at the data link level -- may make an appreciable difference to overall performance.
Antivirus software, spam filters and firewalls all help prevent the generation of junk traffic within your network, so make sure they are enabled and kept up-to-date. Modesto says it is worth considering outsourced antispam and antivirus services, as they typically use multiple products to provide ongoing protection on the occasions when a vendor takes an extra day to provide an update for the latest virus or worm.
Atkinson also suggests blocking e-mail attachments to the extent that is feasible, and configuring software so that large attachments are held on the server as long as possible. Just because 10 people are sent copies of a multi-megabyte PowerPoint deck, that doesn't mean they are all going to open it. User education comes into this too, as it would probably have been better to store the file in a shared folder, and send a link to those 10 people.
Atkinson also recommends disabling the "All" group in e-mail -- it typically comes at the top of the list, so users will accidentally select it from time to time. It's also a sitting target for mail viruses and worms.
"Make patch management... and laptop security a priority," advises Modesto, though updates should be performed at night or staggered throughout the day to avoid congestion. He also warns that some popular printers run cut-down versions of old operating systems and can be affected by worms. Monitoring tools such as MRTG can reveal unexpected traffic: "a little bit of graphing goes a long way."
A network can be perfectly designed and implemented to a specification, but requirements change. New applications are added, traffic patterns change, staff are moved between locations and so on.
Nortel's Lee points out that older LANs were often designed with an aggregation layer between the wiring closets serving individual floors and centralised resources, reflecting the use of physically distributed departmental servers and other workgroup infrastructure. It also reduced the number of ports required on the core switches. The consolidation trend seen over the last few years means that the majority of traffic now flows from desktop PCs to central servers, so removing the aggregation layer will improve performance. This may mean increasing the number of ports on the core switches, but the improvement will be especially noticeable with voice traffic, Lee says.
Hayes says that too often, those deploying an application do not consider the effect it will have on the network, while those responsible for the network do not always understand the effect changes will have on applications. The placement of servers should be optimised in terms of network resources, cost and performance. For example, it may make sense to move an application server closer to the users -- but what effect will that have on communication between the app server and the database? It might be better to move to a thin client architecture, or to rearchitect the entire application, he suggests.
Similarly, the use of spanning tree protocols to handle redundant network links is no longer appropriate, says Lee. Not only does it require the "backup" link to sit idly in reserve, but it also takes between eight and 50 seconds for individual sessions to reconverge on the other link following a failure. That is no great drama for most applications, but it is hopeless for VoIP traffic. Nortel's Split Multilink Trunking (SMLT), an extension of the 802.3ad standard, enables simultaneous use of both links and has a reconvergence time of less than one second, he says.
The Department of Employment and Workplace Relations (DEWR) uses several of the techniques described in this feature to get the best performance from its network. Among its other functions, DEWR provides IT services to the Indigenous Coordination Centres (ICCs). These centres were previously regional and state offices of the Aboriginal and Torres Strait Islander Commission (ATSIC) and Aboriginal and Torres Strait Islander Services (ATSIS).
Ian Rowe, director of communications and IT security at DEWR, says a Citrix thin client arrangement was adopted for performance and operational reasons as some of the ICCs are in remote locations. He says Citrix delivers better performance across the WAN, and it is much easier to maintain centralised servers. The data centre also provides better environmental control and physical security than is available at remote sites.
There were initially some performance issues, such as a noticeable lag between pressing a key and the character appearing on the screen. This was overcome by using the Network-Based Application Recognition feature of the Cisco routers to give Citrix traffic top priority. This arrangement was fine-tuned using a Packet Description Language Module to assign the highest priority to Citrix KVM (keyboard, video, mouse) traffic along with real-time video streams. Conversely, Citrix printing packets (for example) are given a low priority. "That's been very successful for us," says Rowe.
Some user retraining has also been required, such as teaching that opening a file via Internet Explorer is a lot quicker than doing so through My Computer.
This article was first published in Technology & Business magazine.