Sizing the Server for BorderManager VPN
Novell Cool Solutions: Feature
By Umasankar Mukkara
Reader Rating 
from 4 ratings
|
Digg This -
Slashdot This
Posted: 6 Jan 2003 |
We got an interesting server sizing question from Andreas in Germany, and thought you'd like to see the expert answers as provided by developer Umasankar Mukkara. If you have additional thoughts and advice on this problem, please let us know.
Andreas: We have a BM 3.7 site-to-site VPN with mesh topology and 18 locations to a single bm-master. Our Network is NW51 with sp5. We use T-DSL 1.5Gb downstream and 168Mb upstream with fixed IPs and a Cisco router. The BM-master is an HP e800 with 900MHz and 768Mb RAM.
Everything works fine, but the performance is too slow. We have no dropped packets and an average ping performance of 160ms.
Here our questions:
1. Is the server too small?
UMA: Possibly. With 18 slaves connected to Master, a faster machine with more memory should benefit your performance.
2. We use UNIX over VPN with mtu=1500 Is that a problem?
UMA: MTU is not a problem because, after successful VPN connection, IP MTU is reduced to 1400 inside the TCP/IP stack of NetWare.
3. If we have a smaller mtu size the terminal emu won`t work. Any suggestions? Should we change to star topology to improve the performance?
UMA: The keep-alive packet traffic may not be too much between the servers in this case. Hence changing to Star Topology may not add big benefits in performance. Also, changing to a RING topology may require additional work (including some manual intervention).
4. Any other suggestions?
UMA: Here are a couple of thoughts.
- I feel the machine itself is the bottleneck for the performance here. A higher-end machine will help.
- If Client-to-Site services are also hosted on this machine, they can be moved to different machine. (Master dealing with 18 slaves is a lot of traffic.)
- You should review these recent AppNotes on maximizing the performance of TCP/IP on NetWare:
- Enhancing TCP Performance Through the Large Window and SACK Options - Anumita Biswas - December, 2002
- Tuning the NetWare 6 TCP/IP Stack via SET Parameters - Anoop Kumar P & B Thavamani Rajan - July, 2002
- Novell TCP/IP Enhancements in NetWare 6: A Technical Overview - Amandeep Singh Sandhu - April, 2002
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com