Welcome to ISAserver.org

RE: still performance problems isa server 2004

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA Server 2004 Firewall] >> General >> RE: still performance problems isa server 2004

Page: << < prev 1 [2]

Message

<< Older Topic Newer Topic >>

RE: still performance problems isa server 2004 - 3.Jul.2005 7:35:00 AM

watts3000

Posts: 115
Joined: 27.Jun.2004
Status: offline

Ok this is what I think this is not a network problem this is a problem with the isa 2004 software. I t could be a reg setting that I'm missing or simply a misconfiguration. As I stated before I have ran sonicwall, checkpoint, netgear, astaro security linux, and linksys on my test lan and never had a problem. If it was a cabling problem or over loaded switch that could contribute to the retransmissions after 2 years I would have noticed it by now. I've gone through and changed every duplex setting and nothing seems to help. I found this article http://www.pmg.com/tip_archive/00_1.htm that showed how you can use dos commandss to troubleshoot retansmissions although I'm still using netmon also. I used the netstat -s coomad while I was downloading a large service pack and the retransmissons were out of this world. I than used the netstat -s command while downloading a service pack with isa out of the network basically with my netgear ans I had almost 0 retransmissions. So guys is there something I'm missing via a reg setting or configuration.

(in reply to watts3000)

Post #: 21

Featured Links*

RE: still performance problems isa server 2004 - 3.Jul.2005 9:13:00 AM

spouseele

Posts: 12782
Joined: 1.Jun.2001
From: Belgium
Status: offline

Hi watts3000,

did you setup an FTP server on the external subnet of ISA and if so, what are the results of the tests from ISA itself and from an internal host as explained in my previous posts?

I gave you a method to test in a *controlled* environment your ISA network configuration. If that's working without problems (aka retransmissions in your case), your ISA and the network is well configured. If not, you have to fix that first.

Once the above is working, you can investigate the problems with a 'real' Internet connection. You say you see a lot of retransmissions with the 'netstat -s' command and that you used netmon to capture them for further analyses. What are the netmon traces telling you *exactly*?

HTH,
Stefaan

(in reply to watts3000)

Post #: 22

RE: still performance problems isa server 2004 - 3.Jul.2005 9:24:00 AM

watts3000

Posts: 115
Joined: 27.Jun.2004
Status: offline

Ok let me get this straight about the ftp server. I have 2 nics in my isa server lan wan do you want me to put in a 3rd and set up the ftp server there. Is that what you are saying would it not be the same if I just used a ftp server from work.

(in reply to watts3000)

Post #: 23

RE: still performance problems isa server 2004 - 3.Jul.2005 10:00:00 AM

spouseele

Posts: 12782
Joined: 1.Jun.2001
From: Belgium
Status: offline

Hi watts3000,

No, what I'm saying is that you need an FTP server external to ISA, preferable on the same subnet as the ISA external interface, and make sure you control every piece of equipment between them. Check out the diagram in one of my previous post.

BTW --- are you experienced in analyzing netmon traces?

HTH,
Stefaan

[ July 03, 2005, 10:01 AM: Message edited by: spouseele ]

(in reply to watts3000)

Post #: 24

RE: still performance problems isa server 2004 - 3.Jul.2005 1:15:00 PM

watts3000

Posts: 115
Joined: 27.Jun.2004
Status: offline

Know I'm not I'm new to this normally the firewalls I've deployed at work and in my test lab don't give me problems. If there are any books you know of or websites that can get me up to speed on network monitoring let me know so I can get them asap. I don't know how I'm going to do what your asking I have one dynamic ip thats provided to me by the cable company.

[ July 03, 2005, 10:09 PM: Message edited by: watts3000 ]

(in reply to watts3000)

Post #: 25

RE: still performance problems isa server 2004 - 4.Jul.2005 8:39:00 AM

watts3000

Posts: 115
Joined: 27.Jun.2004
Status: offline

I've also notced this when I download from various ftp servers on the net. I get little to know retansmissions but whenever I do anything over http I get a ton of retransmissions. I ran the netstat -s command from the isa server while doing http and ftp downloads. Also when I look in netmon ftp looks normal but when I view a caputure after a http download I see continuation respose packet everywhere.

[ July 04, 2005, 10:35 AM: Message edited by: watts3000 ]

(in reply to watts3000)

Post #: 26

RE: still performance problems isa server 2004 - 12.Jul.2005 3:19:00 PM

spouseele

Posts: 12782
Joined: 1.Jun.2001
From: Belgium
Status: offline

Hi watts3000,

sorry for the late answer but I was on a week's holiday. [Smile]

If you really want to understand netmon traces, you'll have to learn all the protocols used on your network. The most important one is probably TCP/IP. In one of my previous posts I did already give you some useful links.

quote:
I don't know how I'm going to do what your asking I have one dynamic ip thats provided to me by the cable company.

Hmm... I hate a dynamic IP for the ISA external interface and therefore never used one on any ISA box. [Wink]

quote:
I've also notced this when I download from various ftp servers on the net. I get little to know retansmissions but whenever I do anything over http I get a ton of retransmissions.

That's strange. Can you post an URL where we can download some examples of your netmon traces?

HTH,
Stefaan

(in reply to watts3000)

Post #: 27

RE: still performance problems isa server 2004 - 13.Jul.2005 7:49:00 AM

watts3000

Posts: 115
Joined: 27.Jun.2004
Status: offline

Where did you give those links on tcp/ip also what book would you recommend. As far as the dynamic ip I'm trying to get that changed not only for this but future things I need to do on my test network. I've been reading through the isa 2004 book for the past week. It seems that it was the http proxy at work because if I configure sites for direct access they just go out to the internet as normal. I've been trying to find an article here that expalins how the web proxy works but also show what happens via network traces. As far as bandwidth I found this article

http://www.ahit.com.au/content/view/52/74/

my isp is charter they have a speedtest that only can be ran on there network. I ran the test and my download speed was 2.7 and upload was like 242 this is what I like to get. So my link to chater is fine. It would be nice if you guys could write an article on how bandwidth works also.

(in reply to watts3000)

Post #: 28

RE: still performance problems isa server 2004 - 13.Jul.2005 8:17:00 AM

tshinder

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline

Hi Watts,

Continuing response packets aren't retranssions, its just more data over the same request.

HTH,
Tom

(in reply to watts3000)

Post #: 29

RE: still performance problems isa server 2004 - 13.Jul.2005 9:18:00 AM

watts3000

Posts: 115
Joined: 27.Jun.2004
Status: offline

Well Tom what is a retransmission? I think it was the proxy at work because if I configured direct access I did not see the continuing response in the network trace.

(in reply to watts3000)

Post #: 30

RE: still performance problems isa server 2004 - 13.Jul.2005 4:32:00 PM

spouseele

Posts: 12782
Joined: 1.Jun.2001
From: Belgium
Status: offline

Hi watts3000,

quote:
posted June 29, 2005 03:32 PM
My favorite network monitor is Ethereal. It is for free! You can download it at http://www.ethereal.com . To understand network traces you have to first understand the in and out of the protocols used. For some good info, check out:
- http://www.microsoft.com/technet/itsolutions/network/evaluate/technol/tcpipfund/tcpipfund.mspx
- http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/networking/tcpip03.mspx
- http://www.networksorcery.com/enp/default0401.htm

Any TCP host wil retransmit a packet if no Acknowledgement is received within a certain time period. After a number of consecutive unsuccessful retranmits, the sending host will abort the connection (Reset packet).

Because the 'bad performance' don't seems to occure for non-web based protocols, check out if Web Proxy clients are configured to use HTTP 1.1 through proxy connections.

HTH,
Stefaan

(in reply to watts3000)

Post #: 31