I have a Cisco 4006 with a 4013 Supervisor and a 4232-L3 and 3 x 4148-RJ modules.
When downloading data from ServerA on the switch to ServerB on
the switch the download speed is limited to about 650KB/sec.
ServerA -> ServerB = 650KB/sec.
ServerB -> ServerA = 11MB/sec.
So the problem is in one direction.
Each server has its own VLAN and a /29 IP block and both servers are physically connected to the 4006's 4148-RJ modules.
This seems to affect servers at random.
This issue disappears if I change the /29 IP block on the server experiencing the slow downloads while still using the same VLANs and ports to a /29 not experiencing this issue.
When I change the /29 to one that is not affected the switch is capable of full wire speed which is approximately 11MB/sec sustained. When I change back to the old /29 the downloads are limited to about 650KB/sec max.
I have tried the following:
changing VLANs
changing ports on the 4006
replaced CAT5 patch cords
replaced NICs in affected servers
replaced motherboards in affected servers
had multiple people examine the configs
and a few other crazy ideas yet the problem persists.
This problem affects only a few servers on the switch however I have a similar problem on a larger group of servers as well.
Several servers are limited to 650KB/sec downloads from very fast servers outside the network on the public internet.
For example:
LocalServerA on the 4006 with a /29 is downloading from RemoteServerA on the internet and is getting about 650KB/sec.
RemoteServerA -> RemoteServerA = 650KB/sec
LocalServerB on the 4006 with another /29 is downloading from RemoteServerA on the internet and is getting 3-8MB/sec sustained.
RemoteServerA -> LocalServerB = 3-8MB/sec
If I change the /29 on LocalServerA to a /29 which is unaffected by this issue the speed problem disappears while still using the same hardware, VLANs and physical ports.
Is a basic Cisco ASA 5505 suitable for a low-bandwidth colocation environment? I run a small virtualization network, going to be expanding to multiple hosts with a SAN and looking for something that is more secure and easier to manage.
Right now, I only have 12 virtual servers and I'm only pushing about 1-1.5mbps on average, though going to be expanding it so my capacity will be about 4x, including multiple physical servers and a layer2 switch. Sometimes managing it even now can become a PITA.
I would like to use an external firewall, but don't think I need something as hefty as an ASA 5510, as I doubt I'd max out the 5505 on throughput. I'm also sceptical about putting up a m0n0wall/pfSense box, as it might not be as cost effective to put it on new, reliable hardware, and putting it on some older/purchased off Ebay server could be unreliable as it is the entry point to my network.
Think the ASA 5505 would be a good entry level point?
My users frequently tell me that my website is slow, but it doesn't seem to be so, for me. Are there objective tools and criteria to test its speed (response time, max transfer etc)?
Also, I'm currently paying $1 for GB of transfer. How much does it usually costs?
Since my hosting company sets php_safe off, I'm considering changing it.Can you guys recommend me a hosting plan that has:
- ssh with vi etc: this is important
- A FAST server
- Norway-based (to enjoy .torrents without being bothered) or US Based (to enjoy "fair use", which seems to be exclusive to the USA)
- 1-3GB of space
- LOTS of transfer. I don't consume many gigabytes yet, but someday I will.
- Some kind of hacking protection. I'm damn scared of my website suffering a vampire attack and having to pay for the raeped bandwidth.
As per topic, what is the best method to do to the hardware to improve bandwidth / uplink speed of server?
I have a production server that is used for regular file serving.
P4 3.0Ghz 4GB RAM 500GB + 160GB + 160GB hard disk 2Mbps Dedicated + 10Mbps shared.
However, the most I can pulled through the whole server is always between 1.5Mbps - 3Mbps, anyway to pull the speed up to around 10Mbps should there be availability of bandwidth for me to burst?
I currently have a windows 2003 server box which is being used only for huge file downloads (Media server). Wanted to know if there is some sorta program or script that lets me check the current connections and what speed each connection(ip) is downloading at?
I wonder whatLs more important on a shoutcast server, to get more bandwidth per month as possible, or a faster port connection?
I have test a 2 hours music stream at 128k bit rate and was only 5MB per listener ! This is not to host 24/7 radios. Its a project to host DJs /Live Bands at a maximum of 128k, with no more than 2 hours events.
Also each event between 50-80 listeners, and not at same days or hours.
About the port connection, what this means? : Port: 10/100MBPS SWITCHED VLAN
Is it shared and from 10 to 100mbps?
I am trying to find the best deal with dedi servers. Have at this moment a unlimited bandwidth /100Mbps shared, but it seems the CPU is too low (AMD Sempron 3100), as I canLt seem to create more than 40 shoutcast accounts (and no client is streaming, just ON), and the server load goes up to 4.5 !!
So, I am looking on the market , as I saw better deals with better processors (Pentium4, Core 2 Duo), and much cheaper (below $100), but they only offer 2000/3000GB bandwidth.
I am having some serious speed issues with my 1Gbit server at FDC. After opening a ticket, they've simply dismissed it as a server configuration problem. However I am convinced it isn't because certain ISP's (usually universities) get good speeds, usually 700kb/sec but the vast majority of my users get between 20-50 kb/sec and it's causing a lot of complaints.
Furthermore I have other servers with FDC which are 100mbit which perform better than my 1 Gbit one. There are no server bottlenecks (CPU/RAM/HDD), since I've closely monitored them (PRTG) and they aren't even heavily utilised. So the problem is with the network at some point.
Speed Test : [url]
where abouts you are downloading from, your ISP and net connection. Wget's from servers are also welcome as are traceroutes.
We are looking to replace our existing WatchGuard Firebox's with a hopefully more reliable firewall from Cisco's range although I'm a bit lost when it comes to the different ranges.
Could somebody suggest a firewall that is capable of:
1: Both NAT & Drop-in (bridge) mode 2: Pretty low bandwidth requirements, no more than 10mbit/s traffic 3: SNMP Monitoring 4: High availability pairing
I see a lot of DDos related articles here at WHT. We've got hit multiple times by DDos and had to handle those attacks everytime with a different approach.
The largest one and the most well know one (we were in Times Mag, AP news, CNN, slashdot, you name it - just do a search about us on WHT) was Russian botnet cyberattack - we had to anaylyze netflow and then block everything on our edge routers, then on the firewall and then locally on the servers.
Since then we had number of other attacks, some of them we were not able to defend on the server level, while, as you can understand we can't do netwflow and manual intervention evey time somebody gets an attach.
We have very good scripts which allow to mitigate huge number of DDos attack, whet our scripts are finding attacking IPs and blocking them automatically - still some attacks could be blocked only on the router level.
I've read that Cisco Guard (I am interesed in 65xx version of it) suppose to mitigate DDos attacks in automatic mode.
after months of disruption moving servers into a new data centre, our once reliable colocation company has now had nearly 6 hours downtime in the last 16 hours. So much for network redundancy.
I am looking at picking up a switch to mess around with at home. I found the following within driving distance but have no idea of which one will give me more up to date, hands on experience. Any feedback is greatly appreciated.
Used Cisco WS-C5509 Chassis with power supply ( POWER SUPPLY 34-0870-01), and fan (WSC5509FAN) Cisco WS-X5530-E2 Supervisor Engine III Modules Cisco Systems WS-U5537-FETX CISCO 4 PORT 100BASETX UPLINK MODULE Cisco WS-X5234-RJ45 Switch Modules X 8
$160 each.
Cisco WS-C5500 Chassis POWER SUPPLY 34-0773-03 Cisco Ws-x5550 Supervisor Engine Iii G-series WS-X5234-RJ45 X 11
For $200
Cisco WS-C5505 Chassis Cisco WS-X5530-E2 Supervisor Engine III Modules Cisco WS-U5533-FEFX-MMF Supervisor Engine III Uplink Modules Cisco WS-X5225R Switch Modules X 2
I'm trying to learn about network. I bought Cisco 2950 for testing. I set it up and finding out the way to cap its ports at 20Mbps or 50Mbps. Do you know what command or how to do this?
Also what command to check the port speed or to uncap the port?
I am setting up a small ccna lab and i have RIP working and i can ping my lan from both routers, but only certain hosts on the lan from the one router the setup is
1) I was recommended to chose the XL-EN model switches because it seems they have more Memory, but the second one in the list (Catalyst) is not a XL-EN, is that going to have any affect performance wise? or it doesn't really matter?
2) I was also recommended to choose managed switches because that way I can use the SNMP features to measure bandwidth, are any of the switches above unmanaged?
3) I also want to be able to manage the switch remotely, web managed, are any of the switches above web-manageable?
4) Most importantly, when my datacenter give me a 100mbit drop, I dont know which port to plug it in in the 29** series. In the 35** I see it clearly but I am not able to see it in the 29**, any ideas?
5) On some of these switches I see a special port called "Console", what is it? where does that connect to?
6) Do any of the switches above not have a console port?
I have a single /24 and my firewall is on x.2 and routes traffic for each of the servers.
Now i have a new Cisco ASA 5510 that i want to replace the aging firewall currently in place, however i dont want to put the firewall into transparent mode because i dont want to lose all the functionality.
Now with most firewalls your outside subnet cannot be the same as your inside subnet, which is fine if you are using NAT but i dont want to NAT. I need all of my servers to remain with their public ip addresses.
So what is the ideal way to setup something like this? Request my ISP give me a /30 for the ASA outside interface or something? And then ask them to route my /24 through the /30 new subnet?
whether I can grant a specific vlan priority over all other traffic..and if so does anyone know an appropriate site where I can find documentation on how to do so?
From the posts in this forum it would appear that a number of forumites are colocation service providers and web hosters that use Cisco gear.
I was reviewing the Cisco End User License Agreement that was included in the router box. Under the General Limitations section, "Customer shall have no right, and Customer specifically agrees not to:", item (iv) states, "use or permit the Software to be used to perform services for third parties, whether on a service bureau basis or time sharing basis or otherwise, without the express written authorization of Cisco".
Does this mean that a service provider is required to acquire a separate license similar to the Microsoft Service provider license?
I have a cisco 2960G switch that I used for colocation, the colocation provider does all the routing all I need is this switch. It's just a plug and play operation, however I now need to do some more difficult stuff.
So, I plugged their bandwidth uplink into port 20.
I have really no idea on how to setup anything other than the basic of the switch.
Is it possible to setup Private Vlans in this situation? I am in need of a setup like this:
All port 1-19 in private vlans, but still able to communicate with port 20 to get internet access. Port 1-19 cannot communicate with each other except by going through port 20, through the internet.
I also want to know if it's possible to statically assign each port with a specific IP? Just say I want all traffic to a static ip to only go to port 1? Is that possible? I want to be able to limit the control of IPs through the switch not through the server.
Right now all my IPs are assign on the server level, meaning the server can take each other IPs and mess with each other connections.
at 11x 2851's. When we got the quote they had added on Cisco Advanced IP SERVICES.
We arent sure if that is just the security bundle, or something they are trying to toss on for more money.
2851 w/ AC PWR,2GE,4HWIC,3PVDM,1NME-XD,2AIM,IP BASE,64F/256D Cisco 2800 ADVANCED IP SERVICES Maximum Compact and USB Flash Four port 10/100 Ethernet switch interface card Updated 1-Port T1/Fractional T1 DSU/CSU WAN Interface Card 64 to 256 MB CF Factory Upgrade for Cisco 2800 Series 256MB USB Flash Token for Cisco 1800/2800/3800 series Cisco 2821/51 AC power supply Power Cord,110V Device manager for routers 256MB DDR DRAM Memory factory default for the Cisco 2800 8X5XNBD Hardware Replacement 2851 w/ AC PWR,2GE,4HWIC,3 (1 Year)