07-20-2009 11:19 AM - edited 03-04-2019 05:29 AM
I have an IPSec encrypted GRE tunnel between two LANs that has worked great for literally years. Recently we started adding Windows Vista and Windows 7 machines to the mix. The new Vista and Win7 machines have TERRIBLE performance across the WAN/tunnel. I have tried using "ip mtu" and "tcp adjust-mss" commands on the routers LAN and tunnel interfaces (and also messed with MTU and MTUDiscovery on the machines themselves) but I haven't managed to get the Vista and Win7 machines to work as well as the XP and 2003 machines. Anybody have any ideas?
Thanks,
Diego
07-20-2009 12:02 PM
Are you sure the problem is with fragmentation of packets?
In your place I would do a packet capture analysis or packet debug first to see what is exactly happening there.
Cheers:
Istvan
07-20-2009 12:42 PM
Microsoft implemented a "NextGen" stack, starting with Vista. I don't recall anything specific with tunnels, but network interaction can be quite different (of course, all for the better [at least that's the intent]).
You might want to review both Microsoft and Cisco for "known" behavior differences and see if any apply to your experience. I know for Vista, there's a couple of configuration settings to make it behave more like XP. Again, whether any of this is specific for tunnels, don't know.
07-21-2009 04:21 PM
After more testing it seems like the bad WAN performance is not limited to the tunnels. All WAN traffic is slow from the Vista and Win7 machines. I'll look into configuring Vista like XP.
Thanks,
Diego
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide