10 Tips For Boosting Network Performance

snydeq writes "InfoWorld's Paul Venezia and Matt Prigge provide hands-on insights for increasing the efficiency of your organization's network. From losing the leased lines, to building a monster IT test lab on the cheap, to knowing how best to accelerate backups, each tip targets a typical, often overlooked IT bottleneck."

Get drunk.

Unplug wires in network closet.

Backups

[natehoy]

I learned from the BOFH that the fastest backups are written to /dev/null.

Re:Backups

[AI0867]

That's not /dev/null, that's a deleted file. /dev/null does *nothing* with anything written into it and attempting to read from it yields 0 characters read: source, around line 618.

When however, you create a file, open, and delete it, then as long as your handle exists, the refcount of the inode won't reach zero and it won't be collected by the filesystem. This is a rather common practice.

Re:Backups

[dkleinsc]

Also, the fastest way to speed up a network is reduce the number of lusers. Completely demoralize them, electrocute them, slip a laxative into their drink, so many options, so little time.

Re:Backups

[darkpixel2k]

The whole point of /dev/null is that it's writable, but not readable.

Exactly. Backups to /dev/null, restores from /dev/random.

Get high.

[TrisexualPuppy]

Plug wires in again in a more colorful way.

11.

[Monkeedude1212]

Stop your IT Department from visitting Slashdot

Re:11.

[jd]

1. Ban Quake during work hours
2. Ban Microsoft shares
3. Ban NFS
4. Put users on Linux and servers on NetBSD
5. Have all web traffic go through Squid caches
6. Use gigabit or ten gig ethernet for LANs
7. Ensure the switches can actually carry all the traffic, not just the traffic from one line
8. Segment the network according to where the traffic is, not where the politics are

Re:11.

[lgw]

2.Ban Microsoft shares
3.Ban NFS

If you ban CIFS and NFS, what's left? Sneakernet has great bandwidth, but the latency sucks and it's a bitch to search.

Re:11.

[Colin+Smith]

Subversion.
 

Re:11.

[cstdenis]

And thanks to it not requiring activation and having support for running it's own dedicated servers, people still CAN play it.

Re:11.

[hedwards]

We use carrier pigeons, they can only take a couple "packets" of 16gb or so, but it only takes a few minutes for them to cross the city. We also use carrier rats internally as they can do the same thing with even higher capacity. We tried to work with carrier snails for a while, not sure why that didn't work out, but the packet never did arrive in San Diego like we expected. Snail mail my ass.

Re:11.

[jd]

What's left:

• Andrew File System
• Ceph
• Lustre
• GlusterFS
• POHMELFS
• Parallel Virtual File System
• CODA

There's probably a few others I've forgotten.

Re:11.

[jd]

Banning TCP/IP can help, in some circumstances. There are circumstances where shifting the resend mechanism out of the low-level protocol is actually the best option. This basically emulates TCP capabilities over UDP. (This has other advantages. You can multicast UDP, you can't multicast TCP, which helps sending the same data to multiple machines.) NACKing unreceived packets vs. ACKing the received ones also cuts bandwidth usage -- but you've got to be careful. Either the NACKs have to be sent via a reliable mechanism OR you have to send a NACK that is not attached to a packet number, otherwise there would be no way for the originating machine to distinguish between a dropped NACK and the recipient receiving all packets OK.

Re:11.

[jd]

I still play Zaxxon on MAME and that's a hell of a lot older than 12 years. I even play XTrek and occasionally BSD Sail. I can't wait until someone makes a movie version of Hunt the Wumpus.

Re:11.

[jd]

AFS has been around a LONG time and I'd hate to be within a mile of you if you go around telling IBM that the distributed file system they ship on their mainframes isn't production ready. However, if you want another option, try Polyserve FS. That is most certainly production-ready.

Re:11.

[afidel]

I was specifically thinking of OpenAFS when reading AFS as I don't work with dinosaur herders =)

Re:11.

[hawaiian717]

AppleShare! For even more fun, run it over AppleTalk instead of IP.

Backup to tape?

[nizo]

Seriously, does anyone backup to tape anymore?

Re:Backup to tape?

[Tinctorius]

CERN does.

Re:Backup to tape?

[afidel]

I have almost 5k tapes offsite on legal hold, how much would that cost in HDD's and storage fees vs tape?

Re:Backup to tape?

[QuantumRiff]

unless they are physically damaged, or get too much voltage applied to them, and fry the boards, etc.

Tape is designed to be a long term, shelf stable investment. How many old MDF hard drives can you access now? You can go to IBM right now, and order tape drives that work with mainframes from the same era. You will pay out the nose, but they are available.

Re:Backup to tape?

[Monkeedude1212]

I look at the tapes, and yes, I know how useless they'll be in about 3 years time, we'll have migrated to a new system that isn't compatible with this. I look at the backup tapes from 1999, and how we don't even have a tape drive for them anymore, but should we need to access them we'll probably hunt them down.

What kind of disks are you talking about? Well I need over 1TB of space per backup, at the end of each month, 4 different 1+ TB backups to be stored indefinately. So I can't use floppies, CD/DVD/BRD...

Because Hard Drive Disks go through different mediums too you know, I can't plug my SCSI into a SATA. I am not entirely sure that any hard drive I use today will be accessible 10 years from now. And lets look at the prices for a 2TB hard Drive (since that'd be what I'd need). Let's say I get lucky and get them for $100 each. Tapes I can get for $30.

By using tapes we get the size we need, though the speed is slow, for the right price. Saving almost $3000 a year by using tapes.

Re:Backup to tape?

[XXeR]

I haven't priced tapes lately

That's too bad. If you did, you'd know why many of us still use tape...especially in times like this where every penny matters.

Re:Backup to tape?

[tweak13]

An 800GB Native / 1.6TB Compressed LTO-4 tape costs $35. If you don't deliberately choose a ridiculous comparison, tapes really aren't that expensive.

Re:Backup to tape?

[juuri]

You sound like someone who has never been responsible for long term backup storage. Stuff isn't just thrown on a tape and stored offsite for years. Responsible DR requires you to constantly be shifting all your long term storage onto new methods, constantly. You wouldn't have MDF hard drives with valuable data on them, or even legacy data as all that data should have been MOVED and VERIFIED onto current media.

Re:Backup to tape?

[h4rr4r]

8Gigs is nothing. We do nightlies into the TBs. If this is not what you do for a living you probably lack the experience to be making valuable input.

I need 30 blocks of whatever for our rotation system.

Re:Backup to tape?

[turbidostato]

You are right about tapes being more resilient, cheap and brought in a better form factor (not a minor concern; in fact that's what makes tapes the proper choice most times). But you are wrong in everything else.

"How do you backup TB's of data across many drives?"

Just exactly as you do with tapes.

"how do you ensure your disks dont get damaged on the ride to the bank/vault?"

By using careful transportation? Heck, if we can move a Ming dinasty jar all across the world, we can certainly move a bunch of SATA disks to the vault.

"today I sent out 9 LTO4 tapes (each holds upto 1.6TB) to the vault. I couldn't manage 9 disks."

You must be joking. 9 3.5" disks fit comfortably in a cardboard box protected with bubble plastic. Can't you manage *that*? Really?

"With tapes I just put them in the tape library and it manages everything itself"

Do you mean a cheap disk cabin wouldn't do the same? My two 15 SATA disks cabins must be a matter of magic, then.

"moves them around"

Of course your tape library moves the tapes around. That's because readers are so expensive that it only has one or two of them instead of fiveteen. Two 8 ports areca cards won't need to move any disk around: it gets enough ports to access all of them at the same time.

"knows which tape has what data, what can be overwritten, etc. Everyday it gives me a list of tapes to bring back from the vault and it gives me a list of tapes to take to the vault."

Exactly the same with disks, of course, since that's a matter of software, nothing physical media-related. Oh! and you'll get decent speed for random reads (like when recovering a single file) which you can't dream with tapes.

"The tapes cost about $40 each. A drive costs probably $1000."

A LTO4 probably will cost you more 50$ than 40$ but, anyway. Of course, a 2TB disk will cost you about 150$, not 1000$. The cost per GB is still on the side of tapes, but it's not sooo far from disks. And disks can be accessed randomly, and stand for read/write cycles orders of magnitude beyond tapes, so they are fastly coming to odds.

"My tape library cost like $10,000, it has two drives and holds around 40 tapes."

A SATA disk cabin will cost you about 1500$, holds 15 disks, will give you simultanous random access to all of them *and* will be easily upgraded to bigger disks when they become affordable.

Re:Backup to tape?

[Cramer]

Plus, you'd be in deep sh*t when you got a drive back from storage to find it 100% completely unusable. HD are fine for online storage when coupled with periodic scrubbing, but for offline storage they are the most unreliable thing in the universe. (well, maybe not the worst, but pretty high up on the list.)

Re:Backup to tape?

[Sandbags]

...and that's why offline HDD storage should equally be in RAID format.

That said, I worked for a D2D disaster recovery provider, and one time only we had issues recovering data from an archive drive due to disk failure. Suspicion was the drives were pulled before the job actually finished.

Now, HDDs sitting idle have a bit failure decay measured in years. Worst case, if the drive mechanism failes, the platters are still fully readable and easily recovered. Data being pulled from legal hold usually has no timeframe recovery requirements (unlike disaster recovery, there's no SLA for court requests of data), and worst case, HDD repair is a viable option.

Tapes have a bit failure rate measured in days, typically 30 for most tapes, and once data decays from the tape, it can not be recovered. Also, most typically, a tape recorded on one set of drives can not be read by another set of identical drives. often, the very same drive has trouble reading its own tapes if they've been shuffled out of the building and back in months later. I used to do an experiment in a classroom teaching DR methods where I'd perform a backup and bit-level verify (and only 3 in 10 pass verify at the bit level, but assuming it passed I'd continue, then I'd take the tape out of the drive, drop it just 6 inches to a table, flat, then put it back in the drive and repeat verify, and it would predictably fail 100% of the time. I'd repeat that with a hard disk backup of the same data set, let each person in the room drop the drive from shoulder height to the floor, then repeat the verify, and I never once had a failure (though once I had trouble getting the drive back in the tray slot).

Re:Backup to tape?

[Sandbags]

SATA ports have been on mainboards for nearly 10 years. IDE is a near 20 year old technology and IDE drives are still available. The format methods for disks are current, and data is EASILY migrated from one partition format to another. SATA 6 is backward compatible with SATA I drives and PCI IDE adapters cost about $15. (or USB external adapters)

Backups should not do 10 years without being migrated, and disk hardware 10m years from now is practically guaranteed to be available to read your disks, and legacy hardware is cheap and easily acquired. Tape hardware migrates to new formats every few years, can only be read in proprietary devices by proprietary software in most cases. Acquiring even a 5 year old legacy tape drive is near impossible, and new tape drives have significant issues reading any more than 1 previous tape generation. Migration to new tapes should happen every 3 years, at a cost of about $80/tape. HDD can go 7-10 years between migrations, at a cost of about the same per drive, but with greater capacity in most cases, easier migration tools, readily available, and drive sets can be RAID sets adding reliability and parity on inexpensive hardware.

Outsource everything to Google.

[ickleberry]

Just give Eric Schmidt a call, tell him you have nothing to hide from his company or the government and they will replace all your machines with shiny new Google Chrome OS based "Net tops", put all your data on their servers, give you a brand new direct fibre optic connection to their nearest office and all they want in return is the ability to meticulously sift through your data in order to find the best way to bombard you with text-based ads.

Everything is more shiny with Google.

2Base-TL

[thule]

What reason is there to run T1/T3 anymore? I know, by definition, the regulation over T1/T3 guarantees reliability. I have dumped T1's and switch to 2Base-TL (aka Metro Ethernet) and it is extremely reliable. For me, the "more reliable" argument doesn't hold much. The latency is very, very good -- often below 10ms. Even if the network goes down, I can afford some sort of backup link. I'm paying under $1,000/month for 10mbit (symmetrical). The footprint for 2Base-TL is pretty good because it is based on DSL technology. It doesn't have the reach that T1's have, but it isn't bad. The big difference is that is spreads the signal over multiple pairs of wire (in my case, 8 pairs) instead of a single pair.

If your company has T1's, shed yourself of the "regulated" links and check out 2Base-TL. You will be glad you did.

Re:2Base-TL

[BagOBones]

For our US offices all we can get with a decent SLA is Factors of T1, we get Fiber/Ethernet service in Canada 10x faster for the same cost and SLA.

Citrix/VDI/etc

[nurb432]

Get rid of fat clients, that will do wonders to reduce your network bandwidth needs out to the customer. Then beef up the datacenter network.

Re:Citrix/VDI/etc

[xianthax]

This is probably the first time I've seen the claim that thin clients _reduce_ network traffic.

Care to elaborate?

Re:Citrix/VDI/etc

[BitZtream]

Not.

Sending an image of an email in outlook that takes half a meg EVERY time it gets viewed is hardly better than sending 15k of html to the client which is cached and displayed locally.

Theres a reason we don't use HTML instead of just sending prerendered images over the web.

Resending an large image every time you hit backspace in Word is hardly intelligent use of bandwidth.

Re:Citrix/VDI/etc

[afidel]

Hehe, you have no clue what you are talking about, ICA is completely usable over dialup, there is no half meg image.

Back to 56k

[Mishotaki]

Slow down your internet connection to a single 56k line... then people will stop trying to use it to look for porn and all the useless crap searches they do on google... You'll also save some money with the monthly bills!

monitoring tools

[WarJolt]

once I told a coworker about emule. He downloaded and installed it. The next morning the CFO comes to me.... "Have you ever heard about emule"...the infastructure was screwed up, but instead of fix it they waited for p2p to bring the network to it's knees. The best way to test a network is to see how many simultaneous p2p connections it can handle before crapping out. Needless to say there were some consequenced for that employee.

Re:monitoring tools

[BagOBones]

No the best way is to see if p2p is already blocked.. Tossing bandwidth at the problem is not always the best solution.

Re:monitoring tools

[clarkn0va]

Handling p2p is not so much about bandwidth as it is about routing capacity and QoS. There's a reason that a proper Linux-equipped home router can withstand torrents with literally thousands of open connections, while your typical DLink or Trendnet will buckle somewhere around 150, and I don't care what your link speed is.

Similarly, a good healthy torernt can saturdate just about any WAN link you want to throw at, but only a proper QoS solution will keep a 1mbit connection responsive under a comparable load.

Re:great and useless advices :)

[xianthax]

i think you misunderstood.

Know your apps means knowing their bottlenecks and how to alleviate them.

Some apps have high sustained disk reads, some writes.

Some have high amounts of random reads, some randoms writes, some both.

Some apps are I/O bound, some memory bound, some CPU bound.

The source of the app has nothing to do with your ability to monitor the operation of the app and determine its infrastructure needs.

Mostly Worthless

[Rantastic]

It frightens me to think that there are people getting paid to take care of enterprise systems that would not already know everything in this article. Mostly, it reads like a thinly veiled ad for VMWare products.

Re:Switch to cable internet at work?

[afidel]

It depends, we have some sites that have done very well with cable providers on business class accounts (I assume those that have separate channels for business class), and less so with others. Our biggest problem has been the lack of any teeth to an SLA when we did have problems, which is why I would never move our HQ which has nearly half our people and which hosts remote access for the rest. For a remote office where they can always fall back to 3G tethering if they have an outage for a day or two and use our Citrix farm it's a great way to get bandwidth on the cheap.

Don't fight the system, use it.

[Colin+Smith]

Run remote desktops. Bandwidth consumption to the desktop drops dramatically.
Run your heavy network I/O over the switch stacking fabric, where you've got shit loads of bandwidth. Channel bond.
Separate access ports/switches and storage network ports/switches. Use jumbo frames on the storage network, but don't route them.
Prefer shared memory first, then unix domain sockets over TCP/IP/LAN over WAN. Microsecond (or better) latency vs milliseconds or seconds.
Dedicate servers to applications, take advantage of copy on write & modern memory management.
Let your VM management hold a significant proportion of dirty pages. WTF is the point of loads of RAM if you insist on running at disk speed? But do use a logged filesystem.
Use a load management system. Grid Engine, Condor etc.

Re:Don't fight the system, use it.

[ColdWetDog]

How do I configure my Airport to do this? They said it was professional quality at the Apple store.

There is a reason for leased lines...

[juuri]

... and if you think it is about latency you are mildly retarded, as are the writers of this general knowledge article.

Leased lines in general have better SLAs but that isn't even much of a point anymore as they cheaper products "claim" to have similar ones. The difference here is how good is that business class dsl/fiber support at 2am? What are the odds they are actually going to be willing to send someone out to the telco closet right away if there is an issue? You buy leased lines because you need *real* support of the SLAs... not this, "well we were down for 5 hours, so how about we credit you a day off!" bullshit.

It's really scary for what passes for "good advice" these days.

Re:Switch to cable internet at work?

[VanGarrett]

That is almost exactly five 9's of up-time. Sounds like they met the standard guarantee.

Real Tip #1 - Disable Interrupt Moderation on NICs

[JakFrost]

Interrupt Moderation = Disable

Here's a real tip, disable Interrupt Moderation on your Network Adapter Cards to achieve greater bandwidth, as much as 100%+, and lower latency (the two measures of network performance) at the expense of processor utilization due to more hardware interrupts that have to be handled.

Instructions: In Windows open up Control Panel, Network and Sharing Center, click on Change Adapter Settings, open Properties on your Local Area Connection (sometimes #2, #3, or something if you have more network cards), click on the Configure button, then the Advanced tab, select Interrupt Moderation, change the value to Disabled, while there look for any settings with the word Offload and enable them all, and then click the OK button to make the changes. This will restart your network card driver and make the settings effective.

Most network cards from popular manufacturers such as Intel, Broadcom, Realtek, etc. hold network packets in a buffer until enough time goes by before raising a hardware interrupt and telling the processor, operating system, and network driver that there are packets waiting to be serviced. By disabling Interrupt Moderation you instruct the network driver and card to raise the interrupt every single time a packet comes in, thus making your processor service the network card much faster thus decreasing latency on the packets held in the buffer and also increasing bandwidth by allowing more packets to flow through faster. This increases your processor utilization by a significant amount 10-30% but if you have a recent dual, quad, hex, octo-core processor and recent network drivers that are multi-threaded with multi-core support and have Receive Side Scaling support then the increased processor utilization is negligible to your computer and if you are running a network server then network performance should be a priority anyway.

I have personally seen and tested corporate and home LAN environments using Fast Ethernet 100 Mbit/s (~11 MByte/s) go from slow 6-7 MByte/s to 10-11 MByte/s throughput, and Gigabit 1,000 Mbit/s (~100 MByte/s) go from ~30 MByte/s to 95-98 MByte/s speeds due to these changes. No other network driver setting had as much performance impact as Interrupt Moderation.

IEEE 802.1AX (aka 802.3ad, Cisco EtherChannel)

For advanced network performance improvement look at link aggregation (channel trunking, link bonding, etc.) using the IEEE 802.1AX (aka 802.3ad, Cisco EtherChannel) protocol support in your Intel and Broadcom network adapters using their Advanced Configuration Utilities on your servers to bundle from 2-8 Ethernet network adapters into one trunk to increase your performance. Just tell your network administrators to enable those features on your ports and find out if they are able to do it if your links are going to the same switch or if they have virtual switching enabled in case your links span switches. Just think about 4 x Gigabit performance if you bundle all 4 NICs on most servers.

NetCPS

You can test your own network performance with this simple but great utility called NetCPS. Just be sure to disable Interrupt Moderation on both of the computers on your LAN that you will be using for the performance testing otherwise you won't be able to achieve these numbers if one of the computers can't handle the data as fast as the other one. Try it with your laptop and desktop for example.

NetCPS - is a handy utility to measure the effective performance on a TCP/IP network.

Just execute "netcps.exe -s" on the listening system and then do "netcps.exe computername " on the other computer to use the utility to test the throughput bandwidth. For Gigabit you can use the "-m1000" switch to increase the transferred amount to 1,000 MBytes instead of the default 100. Below is an example.

Re:Switch to cable internet at work?

[Cramer]

Indeed. Take it from someone running a web site on a "Business Cable" connection, it sucks ass. It runs over the exact same system as residential traffic. The only difference... I pay more (a lot more) but get almost exactly the same service. Sure, it says 1M up on paper but they (TW) start dropping traffic at half that -- and that's how they have the network configured.

We switched to a T1 from Speakeasy (resold Covad.) It's 1.5M in both directions all the time; no traffic ever gets dropped. It doesn't drop everytime the power flickers (TW's too cheap and lazy to put(replace) batteries out in the field.) I'll agree it's slow by modern standards, and it's about 3x as expensive, but it works all the time -- and when it doesn't people move their ass to fix it.

/dev/null serving files = Apocalypse

[linzeal]

When /dev/null starts giving access to all the files it has gobbled up over the years I imagine would be like the gates of hell opening. Dennis Ritchie as pestilence will ride a black horse made of swarming bits astride with other famous Unix dudes (imagine your own!). Sysadmins who have been practicing the arcane arts of administrating access to Hell's one and only 9600 BAUD BBS running Minix will rise hungry for bandwidth, porn access and hot pockets.

Implement RFC 1925

[DaveAtFraud]

RFC 1925

Cheers,
Dave

Re:Real Tip #1 - Disable Interrupt Moderation on N

insmod e1000.ko InterruptThrottleRate=1 (Mode 1)
  insmod e1000.ko InterruptThrottleRate=0 (ITR off)
  insmod e1000.ko InterruptThrottleRate=8000 (Fixed value for all I/O patterns)

Page 17
http://download.intel.com/design/network/applnots/ap450.pdf

Re:Real Tip #1 - Disable Interrupt Moderation on N

Nice informative post, interrupt moderation sure sounds interesting. Link aggregation, however, is not as useful as it sounds for the following reasons:

1. Hardware link aggregation (link aggregation supported in silicon) works by hashing, not by distributing packets evenly across all links that are aggregated. If you can spare some time to ponder about this for a moment, you will be able to see why hashing is used. In real life situations, 4 x 1Gbps links aggregated together never equals 4Gbps throughput.

2. If link aggregation is handled by the software (which is most likely the case if aggregating multiple NICs on a server) then all it really provides is redundancy. It is very difficult for an average server to process 1Gbps of incoming traffic, let alone generate 1Gbps of worths of traffic. Not to mention the read/write speed of the storage device(s) used in the server.

(Unless it's using PCIE SSDs in RAID configuration, which would be very interesting and I am dying to find out the throughput of such a configuration!)

For once I actually know what I am talking about, so maybe I should have created an account before posting this one.