Tried to Blame my ISP

Mike McCall

...but it's clearly an internal problem. My wife started complaining about her (wired) PC running slow on the internet, then I began seeing signs of slowness on my office PC. I'm supposed to be getting 110Mb/s down & 10Mb/s up. However, from my wife's wired PC I'm getting download speeds consistently 1/2 or less, while uploads are quite consistent.


Recent Results

11/17/2016 5:40 PM GMT 76.14.xxx.xxx 17.87 Mb/s 11.22 Mb/s 18 ms McMinnville, OR
11/17/2016 5:39 PM GMT 76.14.xxx.xxx 22.96 Mb/s 11.54 Mb/s 21 ms McMinnville, OR
11/17/2016 5:38 PM GMT 76.14.xxx.xxx 77.15 Mb/s 11.33 Mb/s 11 ms McMinnville, OR
11/17/2016 2:41 AM GMT 76.14.xxx.xxx 23.51 Mb/s 11.92 Mb/s 21 ms Portland, OR
11/17/2016 2:17 AM GMT 76.14.xxx.xxx 30.83 Mb/s 11.55 Mb/s 21 ms McMinnville, OR
11/12/2016 11:28 PM GMT 76.14.xxx.xxx 14.10 Mb/s 11.51 Mb/s 20 ms Portland, OR
11/11/2016 7:35 AM GMT 76.14.xxx.xxx 98.55 Mb/s 11.77 Mb/s 13 ms Portland, OR
11/8/2016 11:51 PM GMT 76.14.xxx.xxx 40.54 Mb/s 11.58 Mb/s 11 ms McMinnville, OR
11/8/2016 11:33 PM GMT 76.14.xxx.xxx 53.57 Mb/s 8.43 Mb/s 23 ms Portland, OR
10/22/2016 5:02 PM GMT 76.14.xxx.xxx 103.69 Mb/s 11.49 Mb/s 9 ms Portland, OR
10/21/2016 5:21 PM GMT 76.14.xxx.xxx 115.28 Mb/s 11.67 Mb/s 15 ms Portland, OR
10/19/2016 8:32 PM GMT 76.14.xxx.xxx 45.80 Mb/s 11.56 Mb/s 11 ms McMinnville, OR
10/17/2016 3:34 PM GMT 76.14.xxx.xxx 28.20 Mb/s 11.56 Mb/s 14 ms McMinnville, OR
10/16/2016 11:40 PM GMT 76.14.xxx.xxx 28.56 Mb/s 11.42 Mb/s 19 ms McMinnville, OR
10/16/2016 11:11 PM GMT 76.14.xxx.xxx 30.03 Mb/s 11.47 Mb/s 17 ms McMinnville, OR
9/20/2016 7:50 AM GMT 76.14.xxx.xxx 101.83 Mb/s 11.79 Mb/s 12 ms McMinnville, OR
7/9/2016 5:02 PM GMT 76.14.xxx.xxx 20.16 Mb/s 11.70 Mb/s 12 ms McMinnville, OR
7/9/2016 5:01 PM GMT 76.14.xxx.xxx 21.10 Mb/s 11.63 Mb/s 11 ms McMinnville, OR

So, after emailing Tech Support asking them to look into it, they replied that everything checked out at their end. They suggested I connect a computer directly to the modem and test the speed again. Once I convinced myself it was a reasonable approach (I don't connect anything directly to the net), I plugged my laptop into the modem and tested my speed again. Guess what? 116Mb/s down & 13Mb/s up! So, I can't blame my slow speed on the ISP...the problem lies with my internal network.

I'm using a Motorola SB6141 cable modem.

upload_2016-11-18_14-17-45.png

Off of that is an Edgerouter X.

upload_2016-11-18_14-27-50.png

Behind that is a Meraki MS220-8P managed switch.

upload_2016-11-18_14-32-32.png
A packet capture on the Edgerouter up-link doesn't show anything obvious (to me) that would give me a direction to go in. The devices have the current firmware, I'm just not seeing the obvious. I use my wife's PC for all speed tests as it's wired to the Meraki. But everything seems to be slow, even the Roku often buffers lately.

Ran a Tracert to OpenDNS, then one to Google. Results below.


Tracing route to resolver2.opendns.com [208.67.220.220]
over a maximum of 30 hops:

1 10 ms 3 ms 1 ms 10.58.58.1
2 36 ms 18 ms 22 ms 10.102.64.1
3 15 ms 19 ms 11 ms 24-113-39-233.wavecable.com [24.113.39.233]
4 21 ms 20 ms 25 ms 24-113-39-73.wavecable.com [24.113.39.73]
5 22 ms 20 ms 17 ms cr1-pdx-be-200.bb.spectrumnet.us [216.243.25.29]
6 29 ms 25 ms 28 ms cr2-tuk2-te-0-0-0-15.bb.spectrumnet.us [174.127.138.76]
7 36 ms 21 ms 21 ms cr2-tuk2-te-0-0-0-12.bb.spectrumnet.us [174.127.138.72]
8 24 ms 27 ms 17 ms six.opendns.com [206.81.80.53]
9 41 ms 21 ms 21 ms resolver2.opendns.com [208.67.220.220]

Trace complete.



Tracing route to google-public-dns-a.google.com [8.8.8.8]
over a maximum of 30 hops:

1 14 ms 1 ms 1 ms 10.58.58.1
2 18 ms 12 ms 11 ms 10.102.64.1
3 11 ms 23 ms 17 ms 24-113-39-233.wavecable.com [24.113.39.233]
4 19 ms 15 ms 26 ms 24-113-39-73.wavecable.com [24.113.39.73]
5 22 ms 26 ms 12 ms cr1-pdx-be-200.bb.spectrumnet.us [216.243.25.29]
6 25 ms 17 ms 20 ms cr2-tuk2-te-0-0-0-14.bb.spectrumnet.us [174.127.138.74]
7 17 ms 23 ms 32 ms cr2-sea-a-te-0-1-0-12.bb.spectrumnet.us [174.127.138.82]
8 16 ms 18 ms 18 ms 216.243.15.243
9 42 ms 17 ms 25 ms 108.170.245.97
10 32 ms 30 ms 18 ms 209.85.249.251
11 33 ms 15 ms 27 ms google-public-dns-a.google.com [8.8.8.8]

Trace complete.

What am I missing?
 
Standard suggestion would be the MTU on the WAN of the Edgerouter. Find the optimum setting using these steps: http://kb.netgear.com/app/answers/d...-test-to-determine-optimal-mtu-size-on-router

If you have an MTU problem then you get much packet fragmentation that causes slow Internet and dropouts.

Could you be doing so much traffic inspection that throughput is being limited on the Edgerouter?

I would also test speed across the Edgerouter using iperf https://iperf.fr/iperf-download.php:

Because your cable modem has only one LAN port, I would disconnect it and put your laptop into the WAN on the Edgerouter. Give it a proper IP address so you can access it from the LAN. Run iperf in server mode on the laptop. On a PC on the LAN, run iperf in client mode to connect to your server IP (i.e. the laptop). Do you get full speeds?

Then patch the LAN PC into the Edgerouter LAN ports, which takes the managed switch out of the equation. Test speed to your laptop that is on the Edgerouter WAN port.

Then put the laptop on the LAN into the Edgerouter X LAN port, patch the workstation back into the managed switch and test from workstation to laptop again. The LAN on the Edgerouter and the managed switch are effectively uplinked switches, so you should presumably expect > 800 megabit.

One of these may show a slow speed and highlight a problem such as quality of service on the managed switch or a problem with the port setting on the managed switch. Also check duplexity. Some devices do not auto detect nicely - I would set managed switch port and Edgerouter LAN port to 1000 Full Duplex and same on Edgerouter WAN/cable modem.


Edited to add - of course if any other device is downloading then your speed test will be reduced by the amount the other device is using.... Have you tested multiple times from the LAN with everything else disconnected?
 
> Standard suggestion would be the MTU on the WAN of the Edgerouter. Find the optimum setting using these steps: http://kb.netgear.com/app/answers/d...-test-to-determine-optimal-mtu-size-on-router
>
> If you have an MTU problem then you get much packet fragmentation that causes slow Internet and dropouts.
>
> Could you be doing so much traffic inspection that throughput is being limited on the Edgerouter?
>
> I would also test speed across the Edgerouter using iperf https://iperf.fr/iperf-download.php:
>
> Because your cable modem has only one LAN port, I would disconnect it and put your laptop into the WAN on the Edgerouter. Give it a proper IP address so you can access it from the LAN. Run iperf in server mode on the laptop. On a PC on the LAN, run iperf in client mode to connect to your server IP (i.e. the laptop). Do you get full speeds?
>
> Then patch the LAN PC into the Edgerouter LAN ports, which takes the managed switch out of the equation. Test speed to your laptop that is on the Edgerouter WAN port.
>
> Then put the laptop on the LAN into the Edgerouter X LAN port, patch the workstation back into the managed switch and test from workstation to laptop again. The LAN on the Edgerouter and the managed switch are effectively uplinked switches, so you should presumably expect > 800 megabit.
>
> One of these may show a slow speed and highlight a problem such as quality of service on the managed switch or a problem with the port setting on the managed switch. Also check duplexity. Some devices do not auto detect nicely - I would set managed switch port and Edgerouter LAN port to 1000 Full Duplex and same on Edgerouter WAN/cable modem.

Thanks! Project for tomorrow.
 
Regarding DNS, once the speed test is underway and definitely showing too slow a speed then DNS would have done its job at the start of the test and should not cause the slow speed reading.

If the speed test value is OK but browsing experience is slow and intermittent then definitely check DNS!
 
You have DPI/Traffic Analysis enabled? Try disabling it and running tests, for comparison.
How about any QoS settings?

Plug a PC right into one of the LAN ports on the ER...and run tests. This eliminates the switch and additional cabling and uplinks.
For cable and T's...MTU should be 1500. Usually routers come with MTU set to "auto"..which should default to 1500, but..with some ISPs...sometimes Auto doesn't work right and manually setting it is better. I usually always manually set for older type DSL due to the PPPoE overhead which required the MTU to be dropped to 1492.

Have you run any 3rd party TCP/IP "tweaks" on the computers? Or are they bone stock? Years ago those tweaks helped...as with Windows 95 TCP/IP settings such as RWIN were set for dial up or LAN. When broadband came out, tweaks were needed and really helped. Hence why we saw tweaking programs such as from my buddy Philip from Speedguide.Net. But I'm just curious if you've run tweak utilities...my recommendation would be to undo those and start benchmarks over bone stock.

Anyways...unplug the switch from the ER and test from there. Disable DPI if you turned it on, disable QoS if you set those...start with a bone stock ER. Produce results...compare...and if good, add the Meraki switch, plug computer into that..leaving all else disabled..and test again. Keep adding devices until you see a drop in benchmarks...and then put the magnifying glass on the last device added that brought the drop.
 
After futzing around with this for awhile I spent some time generally cleaning up the wife's machine. I flushed the DNS cache among other things and noticed that both 1st & 2nd DNS servers are OpenDNS. I tested the speed on her machine again and for the last 3 tests have been seeing 97 - 112Mb/s. So, I remembered the discussion in this thread:

https://www.technibble.com/forums/threads/unable-to-join-domain.63430/
...and am beginning to think the problem is related to my misconfiguring the network. The difference between now & then is that my server is no longer on the network mitigating the domain complications. The Edgerouter X is controlling DHCP and forwarding DNS to the OpenDNS servers:

upload_2016-11-19_14-6-42.png

After going back and reading the previous thread again, it seems that the devices on the network should be looking to the Edgerouter for DNS, which will be forwarded on to the OpenDNS servers. Could bypassing the Edgerouter and pointing the devices directly to OpenDNS cause the slow speeds, or was it likely something in the cache on the machine itself?
 
I didn't read that whole other thread, but I think I read enough. It shouldn't be a problem handing out OpenDNS directly to the clients for DNS IPs since you no longer have a domain, unless you want to access resources on your LAN. If you want to use names to access resources on your LAN, you are currently relying on NetBIOS to figure that out.
 
> I didn't read that whole other thread, but I think I read enough. It shouldn't be a problem handing out OpenDNS directly to the clients for DNS IPs since you no longer have a domain, unless you want to access resources on your LAN. If you want to use names to access resources on your LAN, you are currently relying on NetBIOS to figure that out.

So, it's probably not the cause of my slow network, but pointing my devices to the Edgerouter for DNS would be best practice?
 
> So, it's probably not the cause of my slow network, but pointing my devices to the Edgerouter for DNS would be best practice?

I wouldn't do it for residential, just another thing there could be problems with on the customer's end. I would set it up for a business though, if they didn't already have a DNS server, since they are more likely to have resources on the network, and where being able to access them by name would be better (I don't put trust in NetBIOS names, it actually does what it is supposed to do pretty well, you just don't have much control over it)
 
> I wouldn't do it for residential, just another thing there could be problems with on the customer's end. I would set it up for a business though, if they didn't already have a DNS server, since they are more likely to have resources on the network, and where being able to access them by name would be better (I don't put trust in NetBIOS names, it actually does what it is supposed to do pretty well, you just don't have much control over it)

Well, my network serves multiple purposes. It is residential, and it is business with networked resources. I also think that learning to do things properly & making a habit of it is the best approach to most things. Fortunately, mine is also a flat LAN which makes things generally easier, though I'm not opposed to dividing it up if appropriate. My server may not currently be on the network but it will be put into service from time to time. My point is that maybe I should point my devices to the Edgerouter for DNS given my LAN being more complicated than a typical residential one.
 
DNS...doesn't affect download speeds. DNS allows the client to resolve an address. So DNS performance affects how quickly a client finds the address. But once the client finds the address (such as modem.speedtest.net)...once the benchmark download begins...DNS has nothing to do with it anymore. Until you type in the next website to go to.
 
> Well, my network serves multiple purposes. It is residential, and it is business with networked resources. I also think that learning to do things properly & making a habit of it is the best approach to most things. Fortunately, mine is also a flat LAN which makes things generally easier, though I'm not opposed to dividing it up if appropriate. My server may not currently be on the network but it will be put into service from time to time. My point is that maybe I should point my devices to the Edgerouter for DNS given my LAN being more complicated than a typical residential one.

There's multiple ways you could have your network set up that wouldn't conflict with your goal of following best practices. So you should consider other goals first, and then design your network to meet those goals and also follow best practices along the way.

So I'm going to pull out a goal that I think is one you might want. You want to get hands-on experience in business IT solutions. Right now you have a Windows server with AD that services one client as your lab. While labs are good for learning and experimenting, you don't get real hands-on experience until you actually put something into production and have to deal with the consequences of how you set something up.

To achieve the goal of getting hands-on experience, you should consider your whole network as your 'company' network, and you should get an AD Domain set up for all your 'company's' devices. Now this is where you might be thinking about your budget. Having a full time server is more expensive than just a lab server because there is the cost of having a Windows Server licence and the cost of power consumption. If this is an issue, there are cheaper ways to achieve similar goals.

(To tie this into the question of setting up DNS: I'd say that pretty much the same point that a local DNS server becomes useful on a network is the same time AD becomes useful, so DNS would be set up on the server, not the router. However, budget often plays an issue, and maybe the business is all for shelling out $100 for a new router, but doesn't want to go ahead with an AD setup. It can be useful to know the cheapest route for AD in these situations. Setting up DNS on the ER is kind of a weird in-between measure.)

Another issue is your LAN. We're saying your residential computers are also part of your company for the purpose of creating a production environment. But what about smartphones? Do you consider them company issued? Do you have a mobile management solution? If not, then you might want to consider them personal devices and set up a separate VLAN for them. You should also be looking at a separate VLAN for the client computers that you work on, you don't want them spreading malware on your company's network.
 
> DNS...doesn't affect download speeds. DNS allows the client to resolve an address. So DNS performance affects how quickly a client finds the address. But once the client finds the address (such as modem.speedtest.net)...once the benchmark download begins...DNS has nothing to do with it anymore. Until you type in the next website to go to.

[Insert lightbulb here]

Of course. The difference being that in the other discussion I referenced a domain was involved where currently there isn't one. I was thinking as though the same DNS issues applied. Without a domain, pointing devices directly at a public DNS server makes no difference.
 
> There's multiple ways you could have your network set up that wouldn't conflict with your goal of following best practices. So you should consider other goals first, and then design your network to meet those goals and also follow best practices along the way.
>
> So I'm going to pull out a goal that I think is one you might want. You want to get hands-on experience in business IT solutions. Right now you have a Windows server with AD that services one client as your lab. While labs are good for learning and experimenting, you don't get real hands-on experience until you actually put something into production and have to deal with the consequences of how you set something up.

The server is off line. There is currently no domain & no AD.
 