Site-To-Site VPN extremely slow

ibarrasaualfred
Comes here often

Site-To-Site VPN extremely slow

Hi all,

I hope this finds you well.

 

We recently add to our infrastructure a SD-WAN Velocloud solution,

 We have 2 locations, both with 1Gbps for Download and Upload.

 

And the connection to internet is really very cool, but the connection Site-To-Site is extremely slow.

 

The file transfer between servers, one in every location is about on 355 Kb/s.

 

What could be causing this?

 

Thanks in advance.

 

Regards.

13 Replies 13
alemabrahao
Kind of a big deal
Kind of a big deal

Which MX model do you have? Have you opened a support case yet?

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
ibarrasaualfred
Comes here often

1: MX105
2: MX250

I created a case to Meraki also for my velocloud provider, and both sides say everything is fine in their side.
We connected both places with a LAN connection, and everything was slow between them.

Is there any shaping rule that I can create for prioritize the file transfers between the servers?

Thanks in advance!

 

alemabrahao
Kind of a big deal
Kind of a big deal

Take a look at the documentation.

 

https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/SD-WAN_and_Traffic_Shaping#SD-WAN_p...

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
ibarrasaualfred
Comes here often

I could not find nothing relevant for solve my problem.

 

Thanks for your time!

cmr
Kind of a big deal
Kind of a big deal

Is your topology at each site as below?

 

LAN - Meraki MX - VeloCloud - Internet

 

If so, can you connect a test client in place of the Meraki MX and see if that works okay? 

 

Also do you have a large SD-WAN, I ask as if you just have two sites, why not use the SD-WAN features of the Meraki MX? 

ibarrasaualfred
Comes here often

Hi, yes my topology is like that one!

We don´t use the Meraki SD-WAN for another reason, but I cannot figure out yet, why if a copy a file from my computer to the server is very fine, but from the server to my computer is very slow...

alemabrahao
Kind of a big deal
Kind of a big deal

I don't know what is your operational system but maybe it will help you.

 

https://answers.microsoft.com/en-us/windows/forum/all/how-to-change-mtu-settings-in-windows-10/5c36c...

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
Obrez
Here to help

Make sure your MX appliances are on the same version of firmware.  Also open a ticket with support, you may have some sort of MTU mismatch.  They will have you run some iPerf and do some other testing.

PhilipDAth
Kind of a big deal
Kind of a big deal

If I understand correctly, you are using Velocloud for SD-WAN and Meraki MX to act only as a security appliance.

 

As Velocloud is providing the SDWAN between the sites - that is where you'll need to look for the issue.

 

 

My guess - it is an MTU squeeze in Velocloud.  You can test this on two machines by temporarily lowering their MTU to something like 1300 and see if the issue goes away.

 

You need to find the name of the network adaptor being used with this command: 

netsh interface ipv4 show subinterface 

  

Then run this command to change the MTU (change "Local Area Connection" to the adaptor name above): 

netsh interface ipv4 set subinterface “Ethernet” mtu=1300 store=persistent 

ibarrasaualfred
Comes here often

Hi !

I tried changing the MTU and both sides.

It is still slow.

The weird thing is when I copy a file from my computer to the server, it has a good speed, the problem is when I copy a file from the server to my computer (or any computer in my domain)

AlexP
Meraki Employee
Meraki Employee

The best way to troubleshoot this is to start a packet capture, and then start your file transfer; there's a few details Support can reference in such a capture to help determine where it's bottlenecking better.

ibarrasaualfred
Comes here often

Hi, thanks for your reply.

 

Actually I did a package capture, but we cannot determine was was happening 

 

It only shows lost packages

AlexP
Meraki Employee
Meraki Employee

Packet loss could easily be the cause of reduced performance though

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels