cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Join Customer Connection to register!
70
Views
0
Helpful
3
Replies
Stacey Hummer
Beginner

Is this normal

So, while doing troubleshooting on another issue I did an extended ping between two of my switches (3560s). The are connected through fibre and are about a 1 km between them. When I do the extended ping and send 1000 packets between them I get about a 1/3 of the way through the ping and it slows right down. Results are 1/88/839ms.

I also have run into this simple between building only 200 meters apart. Same scenario starts fast but then slows right down. These network segments are by far not heavily used so I'm not sure what would be slowing down the pings.

Is this common?

There are no errors on the ports, and before I start tearing into this I just want to do if this is common. The switches we are using are 2960s, 3560s, 3750s.

Thanks for any info.

Stacey

 

***Update**

So, unfortunately I could not shutdown my management interface because I needed it for SFR defense center. Yes, you have to have the management interface up and up. No requirement for IP address but up. Other than that, it was split routing the ping.

1 ACCEPTED SOLUTION

Accepted Solutions
Jon Marshall
Hall of Fame Guru

Hi Stacey

The answer is, it depends.

When you ping to and from the switch itself the switch has to process the packet ie. send the ICMP packet up it's TCP/IP stack  and then send a response. So basically you are not seeing the true hardware performance of the switch in terms of forwarding packets.

When you ping from an end device to another end device then the switch simply forwards this in hardware ie. a simple mac address lookup is all that is needed.

So if you were pinging from end devices and seeing that slow down then I would definitely look into that.

But to and from the switch itself probably not.

Bear in mind also that pings to the switches are treated generally as low priority so sending that number I would expect it to slow down to be honest.

How is the ASA going ?

Jon

View solution in original post

3 REPLIES 3
Jon Marshall
Hall of Fame Guru

Hi Stacey

The answer is, it depends.

When you ping to and from the switch itself the switch has to process the packet ie. send the ICMP packet up it's TCP/IP stack  and then send a response. So basically you are not seeing the true hardware performance of the switch in terms of forwarding packets.

When you ping from an end device to another end device then the switch simply forwards this in hardware ie. a simple mac address lookup is all that is needed.

So if you were pinging from end devices and seeing that slow down then I would definitely look into that.

But to and from the switch itself probably not.

Bear in mind also that pings to the switches are treated generally as low priority so sending that number I would expect it to slow down to be honest.

How is the ASA going ?

Jon

View solution in original post

Thanks Jon,

ASA.... Well ever since shutting down the management port and running everything off the Inside port everything seems to work well. Now, if Cisco can resolve the VPN issue and the connectivity between the Sourcefire Defense Center I will be golden.... For now.  :-)

 

Stacey

I remember when I first moved over to Cisco firewalls, it was a bit of a culture shock to say the least and they were a lot simpler then than they are now.

Couple of months with them and you'll wonder what all the hassle was about :-)

Jon