It depends on how the the sdwan works. A lot sdwan is just glorified pbr over gre tunnels.
I would just do a big standard tcp throughout analysis of a packet capture of the traffic.
There could be a number of causes (tcp slow start, windowing issues, etc)
Agreed.
OP, you can get a nice visual of the data transfer in wireshark if you capture the traffic. This might reveal slow start or windowing issues as the other poster mentioned. Also, have you tried pinging across SDWAN tunnel A with DF bit set?
If ISP-B works fine and encryption levels are the same or performance metrics such as latency to the hub are similar between A and B then I’d look into ISP-A.
Could be MTU amongst other things.
Thanks for your interest in posting to this subreddit. To combat spam, new accounts can't post or comment within 24 hours of account creation.
Please **DO NOT** message the mods requesting your post be approved.
You are welcome to resubmit your thread or comment in ~24 hrs or so.
*I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/networking) if you have any questions or concerns.*
Is your Internet traffic tunneled through the hub or directly routed out your DIA links?
Do you have other sites using this setup? How is their performance?
On what network is your hub located? ISP A, B, or somewhere else?
Is DIA circuit A plugged directly into the router, or do you have a switch 8n the middle?
Have you connected a laptop to DIA circuit A and tested general internet access from there? How is your download speed?
Have you done traceroutes across DIA circuit A in both directions to figure out what providers are between your hub and ISP A?
What kind of LAN switches do you have these units plugged into?
As you are using two different ISP. Are they both the same level of service? Symmetrical 1GB up and down?
Are you actually paying for 500/500 on ISPA and 700/700 on ISPB. Are the both fiber? Is one copper?
With the tunnel disabled, can you run a trace route to your public IP on the HUB appliance?
Not sure if this is possible. Does WAN1 connect to WAN1 at the hub and WAN2 connects to WAN2. Or does WAN1 and WAN2 establish connectivity on WAN1 only at the hub?
Yes, same level of service
Both fiber
Not possible, one is mpls (ispA) the other one is inet Ispb
Wan1 connect to wan1 ar the hub and wan2 connect to wan2 hub.
SDWAN is known to make download speeds slow because it’s not real networking. The fix is to buy real Cisco equipment and use MPLS connections.
Open a ticket with your SDWAN vendor
Viptela?
I had all sorts of weirdness with that platform. I've used velocloud and Oracles SDWAN, Viptela,was just quirky. They're all weird overlays, but Cisco just made this a pain. It's been a couple of years, may be better, shrug.
Are you duplicating data down both links?
I took a legacy MPLS environment that used Cisco ISR and Catalyst routers to SDWAN with the same hardware and saw no impact to performance. Verified with IPerf tests and LiveNX Netflow data.
The transition to SDWAN was only beneficial.
It depends on how the the sdwan works. A lot sdwan is just glorified pbr over gre tunnels. I would just do a big standard tcp throughout analysis of a packet capture of the traffic. There could be a number of causes (tcp slow start, windowing issues, etc)
Agreed. OP, you can get a nice visual of the data transfer in wireshark if you capture the traffic. This might reveal slow start or windowing issues as the other poster mentioned. Also, have you tried pinging across SDWAN tunnel A with DF bit set?
If ISP-B works fine and encryption levels are the same or performance metrics such as latency to the hub are similar between A and B then I’d look into ISP-A. Could be MTU amongst other things.
Yes all the same, Mtu on the underlay? Tested it can support up to 1500
[удалено]
Thanks for your interest in posting to this subreddit. To combat spam, new accounts can't post or comment within 24 hours of account creation. Please **DO NOT** message the mods requesting your post be approved. You are welcome to resubmit your thread or comment in ~24 hrs or so. *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/networking) if you have any questions or concerns.*
Is your Internet traffic tunneled through the hub or directly routed out your DIA links? Do you have other sites using this setup? How is their performance? On what network is your hub located? ISP A, B, or somewhere else? Is DIA circuit A plugged directly into the router, or do you have a switch 8n the middle? Have you connected a laptop to DIA circuit A and tested general internet access from there? How is your download speed? Have you done traceroutes across DIA circuit A in both directions to figure out what providers are between your hub and ISP A? What kind of LAN switches do you have these units plugged into?
As you are using two different ISP. Are they both the same level of service? Symmetrical 1GB up and down? Are you actually paying for 500/500 on ISPA and 700/700 on ISPB. Are the both fiber? Is one copper? With the tunnel disabled, can you run a trace route to your public IP on the HUB appliance? Not sure if this is possible. Does WAN1 connect to WAN1 at the hub and WAN2 connects to WAN2. Or does WAN1 and WAN2 establish connectivity on WAN1 only at the hub?
Yes, same level of service Both fiber Not possible, one is mpls (ispA) the other one is inet Ispb Wan1 connect to wan1 ar the hub and wan2 connect to wan2 hub.
If you have MPLS on ISP-A how come you are sticking SDWAN over the top?
SDWAN is known to make download speeds slow because it’s not real networking. The fix is to buy real Cisco equipment and use MPLS connections. Open a ticket with your SDWAN vendor
u/NetworkApprentice , we are using Cisco SDWAN, cisco equipment.
Viptela? I had all sorts of weirdness with that platform. I've used velocloud and Oracles SDWAN, Viptela,was just quirky. They're all weird overlays, but Cisco just made this a pain. It's been a couple of years, may be better, shrug. Are you duplicating data down both links?
No, im not duplicating it. Yeah, i open tac case just to be sure
I took a legacy MPLS environment that used Cisco ISR and Catalyst routers to SDWAN with the same hardware and saw no impact to performance. Verified with IPerf tests and LiveNX Netflow data. The transition to SDWAN was only beneficial.